Submitted URL: https://storage.googleapis.com/d2i7c4n0i8z9i7f5/s4f8u8r3c1z9w5j5.html#PJ4DUJ3XT93SB?dhVjyTccs3cKcyGplcdcYWcJcDPPzcHj7cbbb4W
Effective URL: https://storage.googleapis.com/d2i7c4n0i8z9i7f5/s4f8u8r3c1z9w5j5.html
Submission: On July 16 via manual from SE — Scanned from SE

Summary

This website contacted 2 IPs in 3 countries across 5 domains to perform 2 HTTP transactions. The main IP is 142.250.186.80, located in the United States and belonging to GOOGLE, US. The main domain is storage.googleapis.com. The Cisco Umbrella rank of the primary domain is 506.
TLS certificate: Issued by GTS CA 1C3 on June 19th 2023. Valid for: 3 months.
This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     IP Address       AS      Autonomous System
1    142.250.186.80   15169   GOOGLE
1 1  212.193.4.246    210773  HOSTNETWORK
1 1  23.251.142.1     15169   GOOGLE
1 1  34.90.119.27     396982  GOOGLE-CL...
1    34.117.79.165    396982  GOOGLE-CL...
2 2
     Apex Domain               Subdomains                                          Transfer
1    landingpageredirect1.com  www.landingpageredirect1.com
1    eradopal.com              eradopal.com                                        736 B
1    toaltrk.com               toaltrk.com                                         338 B
1    allworldcruise.com        allworldcruise.com                                  301 B
1    googleapis.com            storage.googleapis.com (Cisco Umbrella Rank: 506)   594 B
2 5
     Domain                        Requested by
1    www.landingpageredirect1.com  storage.googleapis.com
1    eradopal.com                  1 redirects
1    toaltrk.com                   1 redirects
1    allworldcruise.com            1 redirects
1    storage.googleapis.com
2 5

This site contains no links.

Subject                 Issuer                                       Validity                  Valid
storage.googleapis.com  GTS CA 1C3                                   2023-06-19 - 2023-09-11   3 months  (crt.sh)
hb6trk.com              Starfield Secure Certificate Authority - G2  2023-05-23 - 2024-05-23   a year    (crt.sh)

This page contains 1 frames:

Frame: https://www.landingpageredirect1.com/B1Z33J/JFLK4T4/?sub2=316022093&source_id=996
Frame ID: 2F5E6BB53C9771E2F6BA31245BD69996
Requests: 2 HTTP requests in this frame

Page Statistics

Requests:    2
HTTPS:       100 %
IPv6:        0 %
Domains:     5
Subdomains:  5
IPs:         2
Countries:   3
Transfer:    1 kB
Size:        0 kB
Cookies:     3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://allworldcruise.com/anchorPJ4DUJ3XT93SB?dhVjyTccs3cKcyGplcdcYWcJcDPPzcHj7cbbb4W HTTP 302
  • https://toaltrk.com/?a=996&oc=18394&c=49941&p=r&m=3&s1=2_97684_2766772&s2=2648_2033498_4755836_37&s3=423387946_185-147-213-56&s5=1fhojeg HTTP 302
  • https://eradopal.com/?a=996&oc=18394&c=49941&p=r&m=3&s1=2_97684_2766772&s2=2648_2033498_4755836_37&s3=423387946_185-147-213-56&s5=1fhojeg&ckmguid=a7860f54-4f36-43c1-b0ad-d48d1d5c2378 HTTP 302
  • https://www.landingpageredirect1.com/B1Z33J/JFLK4T4/?sub2=316022093&source_id=996

2 HTTP transactions

Resource                                Path                                       Size   x-fer  Type      MIME-Type
Primary Request: s4f8u8r3c1z9w5j5.html  storage.googleapis.com/d2i7c4n0i8z9i7f5/   112 B  594 B  Document

General
  Full URL:       https://storage.googleapis.com/d2i7c4n0i8z9i7f5/s4f8u8r3c1z9w5j5.html
  Protocol:       H2
  Security:       TLS 1.3, AES_128_GCM
  Server:         142.250.186.80, United States, ASN15169 (GOOGLE, US)
  Reverse DNS:    fra24s05-in-f16.1e100.net
  Software:       UploadServer /
  Resource Hash:  afbfdc733c343a55677015076be1664eb5c8fbd042279ebc7caa08271d055f7f

Request headers

  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
  accept-language: se-SE,se;q=0.9

Response headers

  accept-ranges: bytes
  age: 0
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  cache-control: public, max-age=3600
  content-length: 112
  content-type: text/html
  date: Sun, 16 Jul 2023 16:51:06 GMT
  etag: "b0434c04a2ea077785f3b92ecf7ba965"
  expires: Sun, 16 Jul 2023 17:51:06 GMT
  last-modified: Thu, 22 Jun 2023 13:43:22 GMT
  server: UploadServer
  x-goog-generation: 1687441402851973
  x-goog-hash: crc32c=8oDPWA== md5=sENMBKLqB3eF87kuz3upZQ==
  x-goog-metageneration: 2
  x-goog-storage-class: STANDARD
  x-goog-stored-content-encoding: identity
  x-goog-stored-content-length: 112
  x-guploader-uploadid: ADPycdvCSvptbEyldjQW-MlR-SBD15KfteDjdrjMpOrAPIGOGNLASP2olTPwrDOtsfLwZl3-1VPS9IfvVN5zpi_FWrSFkg
Resource  Path                                          Size  x-fer  Type      MIME-Type
/         www.landingpageredirect1.com/B1Z33J/JFLK4T4/  0     0      Document

Redirect Chain
  • http://allworldcruise.com/anchorPJ4DUJ3XT93SB?dhVjyTccs3cKcyGplcdcYWcJcDPPzcHj7cbbb4W
  • https://toaltrk.com/?a=996&oc=18394&c=49941&p=r&m=3&s1=2_97684_2766772&s2=2648_2033498_4755836_37&s3=423387946_185-147-213-56&s5=1fhojeg
  • https://eradopal.com/?a=996&oc=18394&c=49941&p=r&m=3&s1=2_97684_2766772&s2=2648_2033498_4755836_37&s3=423387946_185-147-213-56&s5=1fhojeg&ckmguid=a7860f54-4f36-43c1-b0ad-d48d1d5c2378
  • https://www.landingpageredirect1.com/B1Z33J/JFLK4T4/?sub2=316022093&source_id=996

General
  Full URL:       https://www.landingpageredirect1.com/B1Z33J/JFLK4T4/?sub2=316022093&source_id=996
  Requested by:
    Host: storage.googleapis.com
    URL:  https://storage.googleapis.com/d2i7c4n0i8z9i7f5/s4f8u8r3c1z9w5j5.html
  Protocol:       H2
  Security:       TLS 1.3, AES_128_GCM
  Server:         34.117.79.165, Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
  Reverse DNS:    165.79.117.34.bc.googleusercontent.com
  Software:       nginx /
  Resource Hash:

Request headers

  Referer: https://storage.googleapis.com/d2i7c4n0i8z9i7f5/s4f8u8r3c1z9w5j5.html#PJ4DUJ3XT93SB?dhVjyTccs3cKcyGplcdcYWcJcDPPzcHj7cbbb4W
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
  accept-language: se-SE,se;q=0.9

Response headers

  accept-ch: Sec-Ch-Ua-Platform-Version
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  date: Sun, 16 Jul 2023 16:51:09 GMT
  server: nginx
  vary: Origin
  via: 1.1 google
  x-eflow-request-id: 241d8e56-92cc-4b95-95da-e0654668559a

Redirect headers

  cache-control: private
  content-length: 202
  content-type: text/html; charset=utf-8
  date: Sun, 16 Jul 2023 16:51:09 GMT
  location: https://www.landingpageredirect1.com/B1Z33J/JFLK4T4/?sub2=316022093&source_id=996
  p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     Name
boolean  credentialless
object   onbeforetoggle
object   onscrollend

3 Cookies

Domain/Path     Name     Value
.eradopal.com/  sfd      LWHl78xHnDs+Cf0nJR/ki5hi3BhHrm5FeGxromRaUTLI0PWYdpcZjw==
.eradopal.com/  tym      TS3roKK4o0M+Cf0nJR/ki5hi3BhHrm5FeGxromRaUTLI0PWYdpcZjw==
.eradopal.com/  c18342   LWHl78xHnDtkSHNThPZH7TbcRek7d2dvlhD77Zah9HBphxFtoydJPg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allworldcruise.com
eradopal.com
storage.googleapis.com
toaltrk.com
www.landingpageredirect1.com
142.250.186.80
212.193.4.246
23.251.142.1
34.117.79.165
34.90.119.27
afbfdc733c343a55677015076be1664eb5c8fbd042279ebc7caa08271d055f7f