![](/screenshots/4d99ab46-64c1-43a0-9788-30b9956edbde.png)
storage.googleapis.com
Open in
urlscan Pro
2a00:1450:4001:81d::201b
Public Scan
Effective URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Submission Tags: @phish_report
Submission: On May 15 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by WR2 on May 6th 2024. Valid for: 3 months.
This is the only time storage.googleapis.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 2a00:1450:400... 2a00:1450:4001:81d::201b | 15169 (GOOGLE) (GOOGLE) | |
1 3 | 104.17.3.184 104.17.3.184 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665 | 15133 (EDGECAST) (EDGECAST) | |
1 | 142.250.186.100 142.250.186.100 | 15169 (GOOGLE) (GOOGLE) | |
5 | 4 |
ASN15169 (GOOGLE, US)
storage.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
cloudflare.com
1 redirects
challenges.cloudflare.com — Cisco Umbrella Rank: 4500 |
14 KB |
2 |
googleapis.com
1 redirects
storage.googleapis.com — Cisco Umbrella Rank: 353 |
3 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
872 B |
1 |
twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 1214 |
100 KB |
5 | 4 |
Domain | Requested by | |
---|---|---|
3 | challenges.cloudflare.com |
1 redirects
storage.googleapis.com
challenges.cloudflare.com |
2 | storage.googleapis.com | 1 redirects |
1 | www.google.com | |
1 | pbs.twimg.com |
storage.googleapis.com
|
5 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
storage.googleapis.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-28 - 2024-07-26 |
a year | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Frame ID: D8C8A753B2481160B47C1A7C011C3485
Requests: 4 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xb64q/0x4AAAAAAAWyD8kIgIxaOYq5/auto/normal
Frame ID: CCE15988A02AE0F97431AA489BC65A0E
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
- https://storage.googleapis.com/favicon.ico HTTP 307
- https://www.google.com/images/icons/product/cloud_storage-32.png
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
nobotgogomailbali.html
storage.googleapis.com/mailgooo/ |
2 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/ Redirect Chain
|
42 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GKWG_bwbgAA9ZS3
pbs.twimg.com/media/ |
99 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xb64q/0x4AAAAAAAWyD8kIgIxaOYq5/auto/ Frame CCE1 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cloud_storage-32.png
www.google.com/images/icons/product/ Redirect Chain
|
850 B 872 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| redirectToNewUrl object| turnstile0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
challenges.cloudflare.com
pbs.twimg.com
storage.googleapis.com
www.google.com
104.17.3.184
142.250.186.100
2606:2800:134:fa2:1627:1fe:edb:1665
2a00:1450:4001:81d::201b
24283abecab24b0a7f50518ef5e9c684b1abd4fdbb31c6d0e1ca63a236a34d1c
38a10944720bc48fa58a881f5fd3d1b0933e9f985fd43085e356ff3241107d20
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4
cce2c0d44945d32059790f43d9be7cc73e935e86e94b3dd89bf36b4830a23ca5