storage.googleapis.com Open in urlscan Pro
2a00:1450:4001:81f::2010 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://storage.googleapis.com/aoffice365-pyrosmalite-443417722/index.html
Submission: On January 24 via manual (January 24th 2020, 9:24:10 am UTC) from IE

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2a00:1450:4001:81f::2010, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is storage.googleapis.com.
TLS certificate: Issued by GTS CA 1O1 on January 7th 2020. Valid for: 3 months.

This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

	IP Address	AS Autonomous System
14	2a00:1450:400... 2a00:1450:4001:81f::2010	15169 (GOOGLE) (GOOGLE)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff18	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
3	2a02:26f0:10c... 2a02:26f0:10c:384::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:196::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	4

14 2a00:1450:4001:81f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff18 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10c:384::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:196::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googleapis.com storage.googleapis.com	691 KB
3	s-microsoft.com c.s-microsoft.com	92 KB
1	microsoft.com www.microsoft.com	26 KB
1	akamaized.net img-prod-cms-rt-microsoft-com.akamaized.net	4 KB
19	4

	Domain	Requested by
14	storage.googleapis.com	storage.googleapis.com
3	c.s-microsoft.com	storage.googleapis.com
1	www.microsoft.com	storage.googleapis.com
1	img-prod-cms-rt-microsoft-com.akamaized.net	storage.googleapis.com
19	4

This site contains links to these domains. Also see Links.

Domain
store.office.com

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
www.microsoft.com Microsoft IT TLS CA 5	`2019-10-21` - `2021-10-21`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://storage.googleapis.com/aoffice365-pyrosmalite-443417722/index.html
Frame ID: 119178A79EEB6F4732F9DC424B27F430
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

19
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

814 kB
Transfer

809 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://store.office.com/worldwide.aspx?rs=en-us&returnURL=https%3a%2f%2fwww.office.com%2f&cmapid=2
Title: English (United States)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
storage.googleapis.com/aoffice365-pyrosmalite-443417722/ 38 KB
39 KB 343ms
331ms Document
text/html 2a00:1450:4001:81f::2010
GOOGLE

General

storage.googleapis.com Open in urlscan Pro 2a00:1450:4001:81f::2010 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

19 Requests

100 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

814 kBTransfer

809 kBSize

0 Cookies

1 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

storage.googleapis.com Open in urlscan Pro
2a00:1450:4001:81f::2010 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

814 kB
Transfer

809 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!