urlscan.io logo urlscan.io
SecurityTrails logo

storage.googleapis.com Open in urlscan Pro
2a00:1450:4001:81d::201b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html#cl/1414_md/2/1340/59/25/950408
Effective URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Submission Tags: @phish_report
Submission: On May 15 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 2a00:1450:4001:81d::201b, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is storage.googleapis.com. The Cisco Umbrella rank of the primary domain is 353.
TLS certificate: Issued by WR2 on May 6th 2024. Valid for: 3 months.
This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a00:1450:400... 15169 (GOOGLE)
1 3 104.17.3.184 13335 (CLOUDFLAR...)
1 2606:2800:134... 15133 (EDGECAST)
1 142.250.186.100 15169 (GOOGLE)
5 4
Apex Domain
Subdomains		 Transfer
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4500
14 KB
2 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 353
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
872 B
1 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 1214
100 KB
5 4
Domain Requested by
3 challenges.cloudflare.com 1 redirects storage.googleapis.com
challenges.cloudflare.com
2 storage.googleapis.com 1 redirects
1 www.google.com
1 pbs.twimg.com storage.googleapis.com
5 4

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Frame ID: D8C8A753B2481160B47C1A7C011C3485
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xb64q/0x4AAAAAAAWyD8kIgIxaOYq5/auto/normal
Frame ID: CCE15988A02AE0F97431AA489BC65A0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirmation Page

Page Statistics

5
Requests

60 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

118 kB
Transfer

144 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
Request Chain 3
  • https://storage.googleapis.com/favicon.ico HTTP 307
  • https://www.google.com/images/icons/product/cloud_storage-32.png

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nobotgogomailbali.html
storage.googleapis.com/mailgooo/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
38a10944720bc48fa58a881f5fd3d1b0933e9f985fd43085e356ff3241107d20

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
2313
content-type
text/html
date
Wed, 15 May 2024 00:40:48 GMT
etag
"2fc0ce91527bf0f082e9a6408f5136a9"
expires
Wed, 15 May 2024 01:40:48 GMT
last-modified
Wed, 10 Apr 2024 03:41:53 GMT
server
UploadServer
x-goog-generation
1712720513628512
x-goog-hash
crc32c=cJ7JpQ== md5=L8DOkVJ78PCC6aZAj1E2qQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2313
x-guploader-uploadid
ABPtcPpBDMf8Hs-DYCpuA3cml1U2M-wUIkhPxQk7qtyzxD7to_IZq4IyOo6sojQ09fOyNUeaJ8vYJ8mJSw
api.js
challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Protocol
H3
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0e2e45f84d7d3d06526aafc20d4a95b486e8747bf80895f3aeb8c4aebee7f4

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 15 May 2024 00:40:48 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cross-origin-resource-policy
cross-origin
cf-ray
883f14275f6509a4-ARN
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 15 May 2024 00:40:48 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/1b3559406bc8/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
883f14270f4509a4-ARN
alt-svc
h3=":443"; ma=86400
content-length
0
GKWG_bwbgAA9ZS3
pbs.twimg.com/media/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/GKWG_bwbgAA9ZS3?format=png&name=small
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71A) /
Resource Hash
cce2c0d44945d32059790f43d9be7cc73e935e86e94b3dd89bf36b4830a23ca5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://storage.googleapis.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 00:40:48 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
372429
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
101838
x-response-time
105
surrogate-key
media media/bucket/3 media/1775974052408295424
last-modified
Thu, 04 Apr 2024 19:47:44 GMT
server
ECS (ska/F71A)
x-tw-cdn
VZ, VZ, VZ
content-type
image/png
access-control-allow-origin
*
x-transaction-id
8130686587d9464d
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7402827104
x-connection-hash
f5944c63b378c43240b2f2941f5cf6f3b4b6fc7557e9baeff1e90c8790f03e25
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xb64q/0x4AAAAAAAWyD8kIgIxaOYq5/auto/ Frame CCE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xb64q/0x4AAAAAAAWyD8kIgIxaOYq5/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://storage.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
883f142819a382d7-ARN
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 00:40:48 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
cloud_storage-32.png
www.google.com/images/icons/product/
Redirect Chain
  • https://storage.googleapis.com/favicon.ico
  • https://www.google.com/images/icons/product/cloud_storage-32.png
850 B
872 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/images/icons/product/cloud_storage-32.png
Protocol
H3
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
sffe /
Resource Hash
24283abecab24b0a7f50518ef5e9c684b1abd4fdbb31c6d0e1ca63a236a34d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 15 May 2024 00:40:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
850
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 May 2024 00:40:49 GMT

Redirect headers

date
Wed, 15 May 2024 00:14:16 GMT
server
UploadServer
age
1592
x-guploader-uploadid
ABPtcPqGGMy84xoVPzsT3tLyyPy6nknDjajsChUerlKFJiQBMAZZcucrrCVpHzpPUTrGqH-oi1eUEcNNYw
content-type
text/html; charset=UTF-8
location
https://www.google.com/images/icons/product/cloud_storage-32.png
cache-control
public, max-age=31556926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| redirectToNewUrl object| turnstile

0 Cookies