urlscan.io public scan: storage.googleapis.com
Main IP: 2607:f8b0:4020:805::2010 (flagged: Malicious Activity!)

URL: https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html
Submission: On August 23 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2607:f8b0:4020:805::2010, located in Montreal, Canada and belongs to GOOGLE, US. The main domain is storage.googleapis.com. The Cisco Umbrella rank of the primary domain is 409.
TLS certificate: Issued by GTS CA 1C3 on July 31st 2023. Valid for: 3 months.
This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online) Adobe (Consumer) Generic Email (Online)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
2 | 2607:f8b0:4020:805::2010 | 15169 (GOOGLE)
1 | 2607:f8b0:4020:805::200a | 15169 (GOOGLE)
3 | 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH-CDN)
3 | 2606:4700::6812:bcf | 13335 (CLOUDFLARENET)
1 | 2607:f8b0:4006:81f::200a | 15169 (GOOGLE)
1 | 2606:4700:e0::ac40:660b | 13335 (CLOUDFLARENET)
6 | 146.75.36.193 | 54113 (FASTLY)
1 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET)
Total: 18 requests, 8 IPs (full addresses taken from the per-request Server fields below)
Apex domain (requests, transfer): subdomains (Cisco Umbrella rank)
imgur.com (6 requests, 214 KB): i.imgur.com (7475)
googleapis.com (4 requests, 46 KB): storage.googleapis.com (409), ajax.googleapis.com (366), fonts.googleapis.com (45)
bootstrapcdn.com (3 requests, 50 KB): maxcdn.bootstrapcdn.com (982), stackpath.bootstrapcdn.com (2782)
jquery.com (3 requests, 132 KB): code.jquery.com (736)
cloudflare.com (1 request, 7 KB): cdnjs.cloudflare.com (231)
fontawesome.com (1 request, 12 KB): use.fontawesome.com (1065)
Total: 18 requests, 6 apex domains
Domain (requests) | Requested by
i.imgur.com (6) | storage.googleapis.com
code.jquery.com (3) | storage.googleapis.com
maxcdn.bootstrapcdn.com (2) | storage.googleapis.com
storage.googleapis.com (2) | storage.googleapis.com
stackpath.bootstrapcdn.com (1) | storage.googleapis.com
cdnjs.cloudflare.com (1) | storage.googleapis.com
use.fontawesome.com (1) | storage.googleapis.com
fonts.googleapis.com (1) | storage.googleapis.com
ajax.googleapis.com (1) | storage.googleapis.com
Total: 18 requests, 9 subdomains, all initiated by the primary document on storage.googleapis.com

This site contains no links.

TLS certificates observed

Subject | Issuer | Validity | Valid for
storage.googleapis.com | GTS CA 1C3 | 2023-07-31 to 2023-10-23 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-07 to 2023-10-30 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 to 2024-07-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 to 2023-12-30 | a year
use.fontawesome.com | GTS CA 1P5 | 2023-07-04 to 2023-10-02 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 to 2024-03-12 | a year

This page contains 1 frame:

Primary Page: https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html
Frame ID: 18411AB54B80C980ED392B92188D903E
Requests: 18 HTTP requests in this frame


Page Title

Online

Detected technologies

The scanner reports only its fingerprint patterns and a confidence score for each match; the technology each group identifies is evident from the pattern text itself.

Bootstrap (overall confidence: 100%). Detected patterns:
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (overall confidence: 100%). Detected patterns:
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Fonts (overall confidence: 100%). Detected patterns:
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Popper (overall confidence: 100%). Detected patterns:
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

jQuery (overall confidence: 100%). Detected patterns:
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
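The patterns above are the scanner's fingerprint regexes, listed without the technology names they belong to. The following Python example is added here and is not the scanner's code: it applies those same regexes to a small HTML document constructed from the resource URLs this scan recorded, and collects the version captured by each pattern's first group. The technology names are inferred from the patterns, and the sample HTML is constructed for illustration; it deliberately loads two jQuery versions, as the scanned page did, to show that every match is collected rather than only the first.

```python
import re

# The detection patterns listed on the scan page, keyed by the technology
# each one evidently targets (names inferred; the page shows only regexes).
PATTERNS = {
    "Bootstrap": [
        r'<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css',
        r'bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js',
    ],
    "Font Awesome": [
        r'<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)',
        r'(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)',
    ],
    "Google Fonts": [
        r'<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com',
    ],
    "Popper": [
        r'<script [^>]*src="[^"]*/popper\.js/([0-9.]+)',
        r'/popper\.js/([0-9.]+)',
    ],
    "jQuery": [
        r'jquery[.-]([\d.]*\d)[^/]*\.js',
        r'/([\d.]+)/jquery(?:\.min)?\.js',
        r'jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?',
    ],
}

# Constructed sample: a minimal document that loads the same third-party
# resources the scanned page requested (URLs copied from the transaction list).
SAMPLE_HTML = """<!doctype html>
<html><head>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css">
<link href="https://fonts.googleapis.com/css?family=Yellowtail&display=swap" rel="stylesheet">
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.0/css/all.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script src="https://code.jquery.com/jquery-3.1.1.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js"></script>
</head><body></body></html>"""


def detect(html: str) -> dict:
    """Run every pattern over the HTML.

    Returns {technology: sorted list of captured versions}. A technology whose
    patterns matched but captured no version maps to an empty list.
    """
    found = {}
    for name, patterns in PATTERNS.items():
        versions = set()
        hit = False
        for pattern in patterns:
            for m in re.finditer(pattern, html):
                hit = True
                # Only some patterns have a capture group; skip empty groups.
                versions.update(g for g in m.groups() if g)
        if hit:
            found[name] = sorted(versions)
    return found


if __name__ == "__main__":
    for tech, versions in detect(SAMPLE_HTML).items():
        print(f"{tech}: {', '.join(versions) or 'version not captured'}")
```

The first two jQuery patterns capture versions from different URL shapes (`jquery-3.1.1.min.js` versus `/2.2.4/jquery.min.js`), which is why a page that loads several copies reports several versions; the third pattern only confirms presence.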

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 88 %
Domains: 6
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 460 kB
Size: 1040 kB
Cookies: 0

Redirected requests

No HTTP redirect chains were recorded for this scan.

18 HTTP transactions

Each entry lists the resource name, its path, the decoded size, the bytes transferred on the wire (x-fer) and the resource type, followed by connection details, the resource's SHA-256 hash, and the request and response headers.
Primary Request: 35497.html
Path: storage.googleapis.com/yusiaiso0027.appspot.com/
Size: 15 KB, transferred 15 KB, Type: Document
Full URL: https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2607:f8b0:4020:805::2010 Montreal, Canada, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: UploadServer
Resource Hash: 9eb3a370bc76d512ae18f480e617c5f80272bb22bc773f6396c1e78a739f1da0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-disposition
inline; filename*=utf-8''35497.html
content-length
14913
content-type
text/html
date
Wed, 23 Aug 2023 21:01:26 GMT
etag
"4959316f9b0efcfb1a4f4ed020802c2b"
expires
Wed, 23 Aug 2023 22:01:26 GMT
last-modified
Thu, 31 Mar 2022 17:40:22 GMT
server
UploadServer
x-goog-generation
1648748422665105
x-goog-hash
crc32c=SpyasQ== md5=SVkxb5sO/PsaT07QIIAsKw==
x-goog-meta-firebasestoragedownloadtokens
6d996429-1e38-4249-8524-0c151e543551
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
14913
x-guploader-uploadid
ADPycduKrXXMjgO73vhS_oxVYAa0mxqK7g-By8scysEa3eiIJDbvAg5YYGjQSpAdsUKWhMMTxAB8qz8DliROss6P-kB7RgT_ZgLC
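The primary response above carries Cloud Storage metadata that identifies both how the page was hosted and exactly which object was served. The following Python example is added here and is not part of the urlscan page: it splits bucket and object out of the storage.googleapis.com URL, decodes the base64 digests in x-goog-hash, checks that the ETag is the same MD5, and flags the combination of a Firebase download-token header with an HTML object served inline. The header values are copied from the response above; the project-ID derivation assumes the standard `<project>.appspot.com` (Firebase default bucket) and `staging.<project>.appspot.com` (App Engine deploy bucket) naming, which is an assumption about the buckets, not something the scan states.

```python
import base64
from urllib.parse import urlsplit

# The primary request and the response headers this check uses, as recorded
# on the scan page.
PRIMARY_URL = "https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html"
PRIMARY_HEADERS = {
    "content-type": "text/html",
    "content-disposition": "inline; filename*=utf-8''35497.html",
    "etag": '"4959316f9b0efcfb1a4f4ed020802c2b"',
    "x-goog-hash": "crc32c=SpyasQ== md5=SVkxb5sO/PsaT07QIIAsKw==",
    "x-goog-meta-firebasestoragedownloadtokens": "6d996429-1e38-4249-8524-0c151e543551",
    "x-goog-generation": "1648748422665105",
    "server": "UploadServer",
}
# Second bucket the page referenced (hover.css, which returned 404 in the scan).
STAGING_CSS_URL = "https://storage.googleapis.com/staging.yuksdcbjsdbkdcbsdjh3.appspot.com/hover.css"


def parse_gcs_url(url: str):
    """Split a path-style storage.googleapis.com URL into (bucket, object)."""
    parts = urlsplit(url)
    if parts.hostname != "storage.googleapis.com":
        return None
    bucket, _, obj = parts.path.lstrip("/").partition("/")
    return bucket, obj


def parse_goog_hash(value: str) -> dict:
    """x-goog-hash lists base64 digests ('crc32c=... md5=...'); return hex."""
    digests = {}
    for item in value.split():
        algo, _, b64 = item.partition("=")
        digests[algo] = base64.b64decode(b64).hex()
    return digests


def project_id(bucket: str):
    """Assumption: bucket follows Firebase/App Engine naming, i.e.
    <project>.appspot.com or staging.<project>.appspot.com."""
    suffix = ".appspot.com"
    if not bucket.endswith(suffix):
        return None
    name = bucket[: -len(suffix)]
    return name[len("staging."):] if name.startswith("staging.") else name


def triage(url: str, headers: dict) -> dict:
    """Summarise what the GCS response metadata says about the served object."""
    bucket, obj = parse_gcs_url(url)
    h = {k.lower(): v for k, v in headers.items()}
    digests = parse_goog_hash(h.get("x-goog-hash", ""))
    media_type = h.get("content-type", "").split(";")[0].strip().lower()
    return {
        "bucket": bucket,
        "object": obj,
        "project_id": project_id(bucket),
        # Firebase Storage stores download tokens as custom object metadata.
        "firebase_hosted": "x-goog-meta-firebasestoragedownloadtokens" in h,
        # HTML rendered inline straight from a bucket: the hosting pattern here.
        "inline_html": media_type == "text/html"
        and h.get("content-disposition", "inline").startswith("inline"),
        "md5": digests.get("md5"),
        "crc32c": digests.get("crc32c"),
        # For non-composite GCS objects the ETag is the MD5 digest in hex.
        "etag_matches_md5": h.get("etag", "").strip('"') == digests.get("md5"),
        # The generation number pins the exact object version that was served.
        "generation": h.get("x-goog-generation"),
    }


if __name__ == "__main__":
    for key, value in triage(PRIMARY_URL, PRIMARY_HEADERS).items():
        print(f"{key:18} {value}")
    print("staging bucket ->", parse_gcs_url(STAGING_CSS_URL))
```

The MD5 and generation are worth recording alongside the SHA-256 the scanner computed: if the object is later replaced with benign content at the same URL, they show that a different object version is now being served, and the bucket names are the pivot for finding other objects from the same operator.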
jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/2.2.4/
Size: 84 KB, transferred 30 KB, Type: Script
Full URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: sffe
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers: X-Content-Type-Options: nosniff; X-Xss-Protection: 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 23:40:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Aug 2024 23:40:26 GMT
jquery-3.1.1.min.js
Path: code.jquery.com/
Size: 85 KB, transferred 30 KB, Type: Script
Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a, Netherlands, ASN20446 (STACKPATH-CDN, US)
Reverse DNS: (none)
Software: nginx
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:26 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-152b5"
surrogate-control
public;hw-h2proxy, max-age=315360000;hw-h2proxy, stale-while-revalidate=604800;hw-h2proxy
vary
Accept-Encoding
x-hw
1692824486.cdn4-pxy206-mia02.mi1.evs,1692824486.cds254.mi1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000, stale-while-revalidate=604800
accept-ranges
bytes
content-length
30070
jquery-3.3.1.js
Path: code.jquery.com/
Size: 265 KB, transferred 79 KB, Type: Script
Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a, Netherlands, ASN20446 (STACKPATH-CDN, US)
Reverse DNS: (none)
Software: nginx
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

Referer
https://storage.googleapis.com/
Origin
https://storage.googleapis.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:26 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-42587"
surrogate-control
max-age=315360000;hw-h2proxy
vary
Accept-Encoding
x-hw
1692824486.cdn4-pxy220-mia02.mi1.evs,1692824486.cds240.mi1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000,public
accept-ranges
bytes
content-length
80268
bootstrap.min.css
Path: maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
Size: 141 KB, transferred 22 KB, Type: Stylesheet
Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6812:bcf, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers: Strict-Transport-Security: max-age=31536000; includeSubDomains; preload; X-Content-Type-Options: nosniff

Request headers

Referer
https://storage.googleapis.com/
Origin
https://storage.googleapis.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
878
age
895556
cdn-cachedat
09/04/2022 07:20:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"450fc463b8b1a349df717056fbb3e078"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
694f0fa4195529a2cdc71bd372876c1a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7fb64a71febe31e9-MIA
cdn-requestpullsuccess
True
css
Path: fonts.googleapis.com/
Size: 422 B, transferred 731 B, Type: Stylesheet
Full URL: https://fonts.googleapis.com/css?family=Yellowtail&display=swap
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2607:f8b0:4006:81f::200a, United States, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: ESF
Resource Hash: a9b4cc67632d1fea91d3ebb1f3672aab91a4d8cc5abd862e352c4e873eb16dc9
Security Headers: Strict-Transport-Security: max-age=31536000; X-Content-Type-Options: nosniff; X-Frame-Options: SAMEORIGIN; X-Xss-Protection: 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 23 Aug 2023 21:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 21:01:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 23 Aug 2023 21:01:26 GMT
all.css
Path: use.fontawesome.com/releases/v5.7.0/css/
Size: 53 KB, transferred 12 KB, Type: Stylesheet
Full URL: https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:e0::ac40:660b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

Referer
https://storage.googleapis.com/
Origin
https://storage.googleapis.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S1V3Y4ANZ3P49K1X
age
87302
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ZYXdc43MRXurRqXbp123wYGAVkrc80X8gn1UWRWKPSGzNcet/Nqyb+gIFEb4syjTUEt3rY5M/sE=
last-modified
Wed, 30 Jun 2021 15:45:15 GMT
server
cloudflare
etag
W/"251d28bd755f5269a4531df8a81d5664"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2R38UdceHZdAyLnPIPaffm0IGq0ZC8ty6Q3xbiqbkzo8D2QYhGasNSqtT9AngMNq%2BO2jd%2FXo9Hg%2BC%2FXuep5z4m5VCK%2FPtiQYN6Zw0wyueMq%2BxvgF3IOq9r2tSJys78IjdcGHSa%2BAqvHamSrw1ID%2BWbQF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7fb64a720a1e334d-MIA
hover.css
Path: storage.googleapis.com/staging.yuksdcbjsdbkdcbsdjh3.appspot.com/
Size: 0, transferred 0, Type: Stylesheet (the request returned 404; see Console Messages)
Full URL: https://storage.googleapis.com/staging.yuksdcbjsdbkdcbsdjh3.appspot.com/hover.css
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2607:f8b0:4020:805::2010 Montreal, Canada, ASN15169 (GOOGLE, US)
Reverse DNS: (none)
Software: UploadServer
Resource Hash: (none; the response body was a 212-byte application/xml error)
Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:26 GMT
server
UploadServer
x-guploader-uploadid
ADPycdvFDt1GZdTLA7p97ZB7Ax3Po-wPxppoVq8DXc3I98GXEbrG8a1hC42RXIsNOmue1dMA-VOjraZo3jmok96VXOaMXdeR-CKZ
content-type
application/xml; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212
expires
Wed, 23 Aug 2023 21:01:26 GMT
XvAi8dK.jpg
Path: i.imgur.com/
Size: 26 KB, transferred 26 KB, Type: Image
Full URL: https://i.imgur.com/XvAi8dK.jpg
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.193 Reston, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: cat factory 1.0
Resource Hash: cd853b098c9424ebb951f5cebaa206ffbb290eb54c76e85c9bda16de99e36a0a
Security Headers: Strict-Transport-Security: max-age=300; X-Content-Type-Options: nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
188423
x-cache
Miss from cloudfront, HIT
content-length
26208
x-served-by
cache-iad-kcgs7200094-IAD
last-modified
Mon, 02 Nov 2020 12:57:09 GMT
server
cat factory 1.0
x-timer
S1692824487.186945,VS0,VE2
etag
"99434e9b6f2a025ad00317cf927bc891"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
M1WhSfkPrGxI16QlV6m9mM5L0-uP5o2I4XN0N5P8Faxo11DvUkY0bA==
x-cache-hits
1
5ID5toV.png
Path: i.imgur.com/
Size: 771 B, transferred 917 B, Type: Image
Full URL: https://i.imgur.com/5ID5toV.png
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.193 Reston, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: cat factory 1.0
Resource Hash: 57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
Security Headers: Strict-Transport-Security: max-age=300; X-Content-Type-Options: nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
188886
x-cache
Miss from cloudfront, HIT
content-length
771
x-served-by
cache-iad-kcgs7200094-IAD
last-modified
Mon, 02 Nov 2020 12:58:17 GMT
server
cat factory 1.0
x-timer
S1692824487.187308,VS0,VE1
etag
"c3fc46c5799c76f9107504028f39190f"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
o_OE_--ljHlSadywWEKybTQmQqjSTTWIVUYc8lj2ro4gZuCVVc_Z0w==
x-cache-hits
1
0J0KUj0.png
Path: i.imgur.com/
Size: 3 KB, transferred 3 KB, Type: Image
Full URL: https://i.imgur.com/0J0KUj0.png
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.193 Reston, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: cat factory 1.0
Resource Hash: 5e74d6beeaf8fcf8179879c1fa1aaaf559baa6849c04ea6c8d832b95c63d62e7
Security Headers: Strict-Transport-Security: max-age=300; X-Content-Type-Options: nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
618231
x-cache
Miss from cloudfront, HIT
content-length
2983
x-served-by
cache-iad-kcgs7200094-IAD
last-modified
Mon, 02 Nov 2020 12:58:17 GMT
server
cat factory 1.0
x-timer
S1692824487.187283,VS0,VE1
etag
"10751f1f1cd54ff50678ce5822626f25"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ja2x66xVE6agfAN3p1CBsX7-osBhmojpqBD8mNvDTD0cKMww6QqSEw==
x-cache-hits
1
BRvBsqK.png
Path: i.imgur.com/
Size: 7 KB, transferred 7 KB, Type: Image
Full URL: https://i.imgur.com/BRvBsqK.png
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.193 Reston, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: cat factory 1.0
Resource Hash: 8e20009cccb8d6669b5a182a8c4bd12041308470aee71e6a340f28434acc6842
Security Headers: Strict-Transport-Security: max-age=300; X-Content-Type-Options: nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
638854
x-cache
Miss from cloudfront, HIT
content-length
6718
x-served-by
cache-iad-kcgs7200094-IAD
last-modified
Mon, 02 Nov 2020 12:58:17 GMT
server
cat factory 1.0
x-timer
S1692824487.187486,VS0,VE1
etag
"c27ae9aa732191f42fbc6400aadaad64"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_MB6v-Tjd34B7aCmLIa9kJlfk27qosCQ50Y3JdRpMCcMi-E3JpxmjQ==
x-cache-hits
1
agNr5Vz.png
Path: i.imgur.com/
Size: 65 KB, transferred 65 KB, Type: Image
Full URL: https://i.imgur.com/agNr5Vz.png
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.193 Reston, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: cat factory 1.0
Resource Hash: bcdf4efedbeffffb053002efc736dd5b9c7c8966a1d23e1168d35f2721d3a276
Security Headers: Strict-Transport-Security: max-age=300; X-Content-Type-Options: nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
125499
x-cache
Miss from cloudfront, HIT
content-length
66685
x-served-by
cache-iad-kcgs7200094-IAD
last-modified
Mon, 02 Nov 2020 13:08:02 GMT
server
cat factory 1.0
x-timer
S1692824487.187470,VS0,VE2
etag
"20793fe81a5ded71207785a2b5891dac"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6nIEXoID8yAoeKGVeI5sSSex2uD2mH4bxL_m3UIsGPzYgNhuQ8Q7mg==
x-cache-hits
1
jquery-3.2.1.slim.min.js
Path: code.jquery.com/
Size: 68 KB, transferred 23 KB, Type: Script
Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a, Netherlands, ASN20446 (STACKPATH-CDN, US)
Reverse DNS: (none)
Software: nginx
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://storage.googleapis.com/
Origin
https://storage.googleapis.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:26 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-10fdd"
surrogate-control
max-age=315360000;hw-h2proxy
vary
Accept-Encoding
x-hw
1692824486.cdn4-pxy220-mia02.mi1.evs,1692824486.cds255.mi1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000,public
accept-ranges
bytes
content-length
23856
popper.min.js
Path: cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
Size: 19 KB, transferred 7 KB, Type: Script
Full URL: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6811:180e, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers: Strict-Transport-Security: max-age=15780000; X-Content-Type-Options: nosniff

Request headers

Referer
https://storage.googleapis.com/
Origin
https://storage.googleapis.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13349290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWK0pBVkL%2FRRiqCeQnK1qwYwYUCGJkKW2oGO4ugNre5lgE2vyY35wnpSxXU%2F3jgnTRWFG3ace3Q0CYgBLeKNBVaTjAE5XXa1SHE1ZhVtFTmJ0UkCoY2VHcCvyKlwax7qqDEp1e7NK46GFRxhXc7ulSKx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fb64a73df3f030a-MIA
expires
Mon, 12 Aug 2024 21:01:27 GMT
bootstrap.min.js
Path: maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
Size: 48 KB, transferred 13 KB, Type: Script
Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6812:bcf, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers: Strict-Transport-Security: max-age=31536000; includeSubDomains; preload; X-Content-Type-Options: nosniff

Request headers

Referer
https://storage.googleapis.com/
Origin
https://storage.googleapis.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
974
age
369591
cdn-cachedat
09/03/2022 05:37:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
178793629e179a5851b11b4ed44b5dc9
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7fb64a73795431e9-MIA
cdn-requestpullsuccess
True
bootstrap.min.js
Path: stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
Size: 50 KB, transferred 15 KB, Type: Script
Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6812:bcf, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers: Strict-Transport-Security: max-age=31536000; includeSubDomains; preload; X-Content-Type-Options: nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
976
age
5134795
cdn-cachedat
09/03/2022 05:38:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
434513781317a827f9465ce08fe2a86f
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7fb64a744f684c21-MIA
cdn-requestpullsuccess
True
9AxSYZF.jpg
Path: i.imgur.com/
Size: 111 KB, transferred 112 KB, Type: Image
Full URL: https://i.imgur.com/9AxSYZF.jpg
Requested by: storage.googleapis.com (https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.193 Reston, United States, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: cat factory 1.0
Resource Hash: e5a91f9f4dd250eeaa23728e98eb79256b96bdd2291de3685072e565fce2263c
Security Headers: Strict-Transport-Security: max-age=300; X-Content-Type-Options: nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 21:01:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
622605
x-cache
Miss from cloudfront, HIT
content-length
113767
x-served-by
cache-iad-kcgs7200094-IAD
last-modified
Mon, 02 Nov 2020 12:51:57 GMT
server
cat factory 1.0
x-timer
S1692824487.187528,VS0,VE2
etag
"21c522bd6c0316908c081e61fc9368eb"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MqrKCmm23QdjbGldw8qL01EjCSOxvwAqY2vV72NLmnRbZwnljHFzmA==
x-cache-hits
1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online) Adobe (Consumer) Generic Email (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code a page uses.

  • object documentPictureInPicture
  • function $
  • function jQuery
  • function Popper
  • object bootstrap

documentPictureInPicture is the browser's own Document Picture-in-Picture API, which shipped in Chrome 116 (the browser version the scan ran with), not something this page defined; the other four ($, jQuery, Popper, bootstrap) are the globals of the jQuery, Popper and Bootstrap libraries loaded above.

0 Cookies

1 Console Messages

Source: network | Level: error
URL: https://storage.googleapis.com/staging.yuksdcbjsdbkdcbsdjh3.appspot.com/hover.css
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Their presence in this list does not imply that any of them is malicious; most of the entries below belong to shared CDNs and public libraries that the page merely loaded.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
i.imgur.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
storage.googleapis.com
use.fontawesome.com
146.75.36.193
2001:4de0:ac18::1:a:1a
2606:4700::6811:180e
2606:4700::6812:bcf
2606:4700:e0::ac40:660b
2607:f8b0:4006:81f::200a
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::2010
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
5e74d6beeaf8fcf8179879c1fa1aaaf559baa6849c04ea6c8d832b95c63d62e7
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8e20009cccb8d6669b5a182a8c4bd12041308470aee71e6a340f28434acc6842
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9eb3a370bc76d512ae18f480e617c5f80272bb22bc773f6396c1e78a739f1da0
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a9b4cc67632d1fea91d3ebb1f3672aab91a4d8cc5abd862e352c4e873eb16dc9
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
bcdf4efedbeffffb053002efc736dd5b9c7c8966a1d23e1168d35f2721d3a276
cd853b098c9424ebb951f5cebaa206ffbb290eb54c76e85c9bda16de99e36a0a
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
e5a91f9f4dd250eeaa23728e98eb79256b96bdd2291de3685072e565fce2263c
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
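The indicator list above mixes one attacker-controlled resource with a dozen shared CDN assets; pushing all of it into a blocklist would block jQuery, Cloudflare and imgur for everyone. The following Python example is added here and is not part of the urlscan page: it partitions the scan's resources by apex domain, keeps resources on well-known shared hosts as context only, and turns the storage.googleapis.com objects into URL-prefix entries scoped to their bucket, which is the narrowest thing that can safely be blocked on a host everyone uses. The shared-host list, the apex-domain heuristic (last two labels, no Public Suffix List) and the choice to treat both buckets as tenant-scoped are simplifying assumptions; the resource list is transcribed from the transactions above.

```python
from urllib.parse import urlsplit

# Resource URLs and SHA-256 hashes transcribed from this scan's transaction
# list (a representative subset; hover.css returned 404 and has no hash).
RESOURCES = [
    ("https://storage.googleapis.com/yusiaiso0027.appspot.com/35497.html",
     "9eb3a370bc76d512ae18f480e617c5f80272bb22bc773f6396c1e78a739f1da0"),
    ("https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js",
     "05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e"),
    ("https://code.jquery.com/jquery-3.1.1.min.js",
     "85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf"),
    ("https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css",
     "2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d"),
    ("https://fonts.googleapis.com/css?family=Yellowtail&display=swap",
     "a9b4cc67632d1fea91d3ebb1f3672aab91a4d8cc5abd862e352c4e873eb16dc9"),
    ("https://use.fontawesome.com/releases/v5.7.0/css/all.css",
     "afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae"),
    ("https://storage.googleapis.com/staging.yuksdcbjsdbkdcbsdjh3.appspot.com/hover.css",
     None),
    ("https://i.imgur.com/XvAi8dK.jpg",
     "cd853b098c9424ebb951f5cebaa206ffbb290eb54c76e85c9bda16de99e36a0a"),
    ("https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js",
     "a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66"),
]

# Assumed allow-list: apex domains that host public libraries or user content
# for everyone. An indicator on these is context, never a block entry.
SHARED_APEX = {
    "googleapis.com", "jquery.com", "bootstrapcdn.com",
    "cloudflare.com", "fontawesome.com", "imgur.com",
}
# Shared hosts where the first N path segments name the tenant (the bucket),
# so a URL prefix of that depth is the narrowest safe block granularity.
TENANT_PATH_DEPTH = {"storage.googleapis.com": 1}


def apex(host: str) -> str:
    """Last two labels. A real deployment should use the Public Suffix List."""
    return ".".join(host.split(".")[-2:])


def partition_indicators(resources):
    """Split scan resources into block entries, context, and items for review."""
    out = {"block_prefixes": set(), "block_hashes": set(),
           "context": [], "review": []}
    for url, sha256 in resources:
        parts = urlsplit(url)
        host = parts.hostname or ""
        depth = TENANT_PATH_DEPTH.get(host)
        if depth:
            segments = parts.path.lstrip("/").split("/")
            prefix = f"{parts.scheme}://{host}/{'/'.join(segments[:depth])}/"
            out["block_prefixes"].add(prefix)
            if sha256:
                out["block_hashes"].add(sha256)
        elif apex(host) in SHARED_APEX:
            # Library and image hashes identify public files, not the attack.
            out["context"].append((host, sha256))
        else:
            # Anything else is unknown infrastructure: hand it to an analyst.
            out["review"].append((url, sha256))
    return out


if __name__ == "__main__":
    result = partition_indicators(RESOURCES)
    for prefix in sorted(result["block_prefixes"]):
        print("block prefix:", prefix)
    for digest in sorted(result["block_hashes"]):
        print("block hash:  ", digest)
    print(f"{len(result['context'])} shared-infrastructure resources kept as context")
```

The output is two bucket-scoped prefixes and a single hash (the phishing document itself); the seven CDN resources are retained for correlation but never reach a block rule.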