storage.googleapis.com
Open in
urlscan Pro
2a00:1450:4001:819::2010
Malicious Activity!
Public Scan
Submission: On January 30 via manual from US
Summary
TLS certificate: Issued by GTS CA 1O1 on January 14th 2020. Valid for: 3 months.
This is the only time storage.googleapis.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Dropbox (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2a00:1450:400... 2a00:1450:4001:819::2010 | 15169 (GOOGLE) (GOOGLE) | |
12 | 1 |
ASN15169 (GOOGLE, US)
storage.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
googleapis.com
storage.googleapis.com |
574 KB |
12 | 1 |
Domain | Requested by | |
---|---|---|
12 | storage.googleapis.com |
storage.googleapis.com
|
12 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.storage.googleapis.com GTS CA 1O1 |
2020-01-14 - 2020-04-07 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://storage.googleapis.com/adropbox-chatelet-308055081/index.html
Frame ID: 93FDA05CF99C4FBAE9BC01B2149A465F
Requests: 12 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
storage.googleapis.com/adropbox-chatelet-308055081/ |
11 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
118 KB 119 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1B.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js.download
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
85 KB 85 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1C.png
storage.googleapis.com/adropbox-chatelet-308055081/files/ |
246 KB 246 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.html
storage.googleapis.com/adropbox-chatelet-308055081/ |
11 KB 11 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Dropbox (Consumer)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| window_opener_xc function| get_extra_data function| GetURLParameter0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
storage.googleapis.com
2a00:1450:4001:819::2010
0326d957f752809b16d35319ba5789911c22d9fa10d8edb3cb67c83c94afd03b
11aef2e5a51810af880fcbbc9a2c58547a44521b7894fef46a69b2de09fd9ecf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1af338f2bb62b25d2292c33877c5117da2d7a52e8785e8bdf86cc652fe794536
1f12249d7a2761faeb1cae4c3e3eaedeb379b54c092f6456ad781ba8943d566b
26d8f8a3415ebd7d2eea2d3379a4ef545e43c13502c15a5edd7d0ce80c67e012
6efb6839add2750420c12fb17639747f0c9fdedd8b15b62b82baa7e4a449c4f2
89c4b15bccb75fb8da560dfeb0f314bb0b440c43eb883739767471727e2abe9f
92e190deeb9380bea445d14984095d2521fac4fe0435350cd44b5fd5bf8754ca
e9754b306ec09a16c393bfd05018cc45c3550fcaa7bb42fd8940c50e8d2c29ed
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c