play.google.com
142.250.184.238

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.baggerservice-leipzig.de/
Effective URL:
https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Submission: On October 15 via automatic, source certstream-suspicious (October 15th 2021, 7:12:42 pm UTC) — Scanned from DE

Summary HTTP 117 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 117 HTTP transactions. The main IP is 142.250.184.238, located in United States and belongs to GOOGLE, US. The main domain is play.google.com.
TLS certificate: Issued by GTS CA 1C3 on September 13th 2021. Valid for: 2 months.

This is the only time play.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	85.13.162.221 85.13.162.221	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
2	31.31.198.216 31.31.198.216	197695 (AS-REG) (AS-REG)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	167.71.64.21 167.71.64.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	5.101.45.12 5.101.45.12	209813 (FASTCONTENT) (FASTCONTENT)
1 2	5.189.217.127 5.189.217.127	209813 (FASTCONTENT) (FASTCONTENT)
1 2	185.50.248.87 185.50.248.87	209813 (FASTCONTENT) (FASTCONTENT)
4	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
13	142.250.185.163 142.250.185.163	() ()
17	142.250.181.246 142.250.181.246	() ()
2	172.217.16.131 172.217.16.131	() ()
6	142.250.186.163 142.250.186.163	() ()
1	142.250.181.238 142.250.181.238	() ()
2 3	172.217.23.100 172.217.23.100	() ()
2	142.250.185.142 142.250.185.142	() ()
1	74.125.206.156 74.125.206.156	() ()
117	17

32 85.13.162.221 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd16130.kasserver.com

www.baggerservice-leipzig.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
baggerservice-leipzig.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.31.198.216 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: spl96.hosting.reg.ru

wodrpress.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.71.64.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

allowww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.allowww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.101.45.12 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

take-your-prizes-here.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.189.217.127 (Haarlem, Netherlands) 1 redirects

ASN209813 (FASTCONTENT, DE)

fqfouu.bottomdreamboy.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.50.248.87 (Haarlem, Netherlands) 1 redirects

ASN209813 (FASTCONTENT, DE)

apk-top.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.163 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.181.246 (None, )

ASN- ()

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.131 (None, )

ASN- ()

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.163 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.238 (None, )

ASN- ()

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.100 (None, ) 2 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.142 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.156 (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	baggerservice-leipzig.de 1 redirects www.baggerservice-leipzig.de baggerservice-leipzig.de	188 KB
21	gstatic.com www.gstatic.com ssl.gstatic.com fonts.gstatic.com	816 KB
17	googleusercontent.com play-lh.googleusercontent.com	248 KB
8	google.com 2 redirects play.google.com apis.google.com www.google.com	241 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	apk-top.cloud 1 redirects apk-top.cloud	872 B
2	bottomdreamboy.top 1 redirects fqfouu.bottomdreamboy.top	2 KB
2	take-your-prizes-here.life take-your-prizes-here.life	36 KB
2	allowww.com allowww.com 0.allowww.com	100 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	pp.ua wodrpress.pp.ua	1 KB
1	doubleclick.net stats.g.doubleclick.net	411 B
0	statcounter.com Failed www.statcounter.com Failed
117	13

	Domain	Requested by
31	baggerservice-leipzig.de	baggerservice-leipzig.de
17	play-lh.googleusercontent.com	play.google.com
13	www.gstatic.com	play.google.com www.gstatic.com www.google.com
6	fonts.gstatic.com	play.google.com
4	play.google.com	apk-top.cloud baggerservice-leipzig.de www.gstatic.com
3	www.google.com	2 redirects www.gstatic.com play.google.com
2	www.google-analytics.com	www.gstatic.com www.google-analytics.com
2	ssl.gstatic.com	play.google.com www.google.com
2	apk-top.cloud	1 redirects fqfouu.bottomdreamboy.top
2	fqfouu.bottomdreamboy.top	1 redirects take-your-prizes-here.life
2	take-your-prizes-here.life	baggerservice-leipzig.de take-your-prizes-here.life
2	counter.yadro.ru	1 redirects wodrpress.pp.ua
2	wodrpress.pp.ua	baggerservice-leipzig.de wodrpress.pp.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	apis.google.com	www.gstatic.com
1	0.allowww.com	baggerservice-leipzig.de
1	allowww.com
1	www.baggerservice-leipzig.de	1 redirects
0	www.statcounter.com Failed	baggerservice-leipzig.de
117	19

This site contains links to these domains. Also see Links.

Domain
www.google.com
accounts.google.com
support.google.com
www.tiktok.com

Subject Issuer	Validity	Valid
baggerservice-leipzig.de R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
wodrpress.pp.ua R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
7.wwcheck.biz R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
10.allowww.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
take-your-prizes-here.life R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.bottomdreamboy.top R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
apk-top.cloud R3	`2021-10-13` - `2022-01-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US
Frame ID: 0BDEC006C64EED9D4F6533D9AC9E1FDF
Requests: 142 HTTP requests in this frame

Frame: https://take-your-prizes-here.life/media/mainstream/frame.html
Frame ID: C7FA4CA0E97A879F3810C0345AF3F685
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcA2tEZAAAAAJj7FTYTF9cZ4NL3ShgBCBfkWov0&co=aHR0cHM6Ly9wbGF5Lmdvb2dsZS5jb206NDQz&hl=de&v=qljbK_DTcvY1PzbR7IG69z1r&size=invisible&cb=kf8u7rlxa6cb
Frame ID: 60D0683C3859A45D0D3995C1F572F8F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.baggerservice-leipzig.de/ HTTP 301
https://baggerservice-leipzig.de/ Page URL
https://wodrpress.pp.ua/wp.html Page URL
https://allowww.com/go/gq3dazrvmy5dmmbugy Page URL
https://0.allowww.com/index.php?p=gq3dazrvmy5dmmbugy Page URL
https://take-your-prizes-here.life/?u=p3yk605&o=3r9pzg2 Page URL
https://fqfouu.bottomdreamboy.top/ejhqbfqs/?u=p3yk605&o=3r9pzg2&f=1&sid=t1~nsmxeshnzb5o4bsu3x14le1l&fp=D%2Bv1Q... Page URL
https://fqfouu.bottomdreamboy.top/web/?sid=t1~nsmxeshnzb5o4bsu3x14le1l HTTP 302
https://apk-top.cloud/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBlt... HTTP 302
https://apk-top.cloud/away.php Page URL
https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US Page URL