What Is Play.Google.com?
play.google.com is the domain name for the Google Play Store, often shortened to Google Play or Play Store. The Google Play Store if where you can download and install Android apps for devices that run on the Android operating system. Google Play is often used as an app rather than a website; however, there is a Google Play website that can be accessed from any good web browser and the URL is play.google.com.
Website: https://play.google.com/
Is Play.Google.com Safe?
I conducted a series of malware tests to find out if play.google.com is safe and legit. Here are the results:
I installed the Malwarebytes Browser Guard on my Edge browser and was able to browse the site play.google.com without any issues.
To check this further I ran malware scans with Malwarebytes and Spybot on my computer after browsing the site play.google.com and they returned no malware detection. I also ran a system-wide scan with Microsoft Defender and no malware was found.
To try to confirm that the site is clean, I also checked the site play.google.com on the online malware scanner Sucuri and it returned with no issues. You can see the same here: https://sitecheck.sucuri.net/results/play.google.com
Sucuri says the site play.google.com is a low security risk and doesn’t have any malware. Moreover, no associated security vendor has blacklisted the site play.google.com, meaning they don’t think it’s malicious.
Some hardening improvements could be made such as solving the missing security headers listed below:
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors ‘none’. Affected pages:
http://play.google.com/404javascript.js
http://play.google.com/404testpage4525d2fdcMissing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src
The ‘unsafe-eval’ keyword in Content-Security-Policy is not recommended. Please consider fixing the JavaScript code.. Affected pages:
https://play.google.com/store/apps/details?id=com.kiloo.subwaysurf
https://play.google.com/store/apps/details?id=com.king.candycrushsaga
https://play.google.com/store/books
https://play.google.com/store/games for iPad’s UA
https://play.google.com/store/movies
However, these hardening improvements don’t change the overall grade of the scan.
Lastly, I ran a malware scan with VirusTotal on the domain play.google.com and no security vendor has flagged the domain as malicious. You can see the same here: https://www.virustotal.com/gui/domain/play.google.com
In conclusion, the site play.google.com is low security risk and doesn’t have malware according to Sucuri. Moreover, no security vendor associated with Sucuri or VirusTotal has blacklisted the site play.google.com as malicious.