urlscan.io logo urlscan.io
SecurityTrails logo

storage.googleapis.com Open in urlscan Pro
142.250.64.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html#cl/1159_md/1/798/27/19/5666
Effective URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Submission: On August 28 via manual from IN — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 142.250.64.91, located in Plainview, United States and belongs to GOOGLE, US. The main domain is storage.googleapis.com. The Cisco Umbrella rank of the primary domain is 492.
TLS certificate: Issued by WR2 on July 30th 2024. Valid for: 3 months.
This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.64.91 15169 (GOOGLE)
1 3 104.18.94.41 13335 (CLOUDFLAR...)
4 3
Apex Domain
Subdomains		 Transfer
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
15 KB
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492
3 KB
0 twimg.com Failed
pbs.twimg.com Failed
4 3
Domain Requested by
3 challenges.cloudflare.com 1 redirects storage.googleapis.com
challenges.cloudflare.com
1 storage.googleapis.com
0 pbs.twimg.com Failed storage.googleapis.com
4 3

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
challenges.cloudflare.com
E5		 2024-07-17 -
2024-10-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Frame ID: 5442D1F7677C985473DCD6F0B86022FF
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bcx6y/0x4AAAAAAAWyD8kIgIxaOYq5/auto/fbE/normal/auto/
Frame ID: 7DC7AA92BECE82227979E9BE0AE1CAEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirmation Page

Page Statistics

4
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

18 kB
Transfer

46 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nobotgogomailbali.html
storage.googleapis.com/mailgooo/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.91 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f27.1e100.net
Software
UploadServer /
Resource Hash
38a10944720bc48fa58a881f5fd3d1b0933e9f985fd43085e356ff3241107d20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
2313
content-type
text/html
date
Wed, 28 Aug 2024 16:13:59 GMT
etag
"2fc0ce91527bf0f082e9a6408f5136a9"
expires
Wed, 28 Aug 2024 17:13:59 GMT
last-modified
Wed, 10 Apr 2024 03:41:53 GMT
server
UploadServer
x-goog-generation
1712720513628512
x-goog-hash
crc32c=cJ7JpQ== md5=L8DOkVJ78PCC6aZAj1E2qQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2313
x-guploader-uploadid
AHxI1nPo3hjqniBPdZqQ3vX8GNPiZDY8CZl-AVHT1o17JsIy1YTBFJaj3P3WV5lIZHwiTvrpa-E
api.js
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/mailgooo/nobotgogomailbali.html
Protocol
H2
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 16:13:59 GMT
content-encoding
br
last-modified
Thu, 15 Aug 2024 16:28:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8ba5977eba0936a6-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 28 Aug 2024 16:13:59 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/6790c32b9fc9/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8ba5977e89d436a6-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
GKWG_bwbgAA9ZS3
pbs.twimg.com/media/ 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bcx6y/0x4AAAAAAAWyD8kIgIxaOYq5/auto/fbE/normal/auto/ Frame 7DC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bcx6y/0x4AAAAAAAWyD8kIgIxaOYq5/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://storage.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ba5977f3e6bab0a-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 28 Aug 2024 16:13:59 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pbs.twimg.com
URL
https://pbs.twimg.com/media/GKWG_bwbgAA9ZS3?format=png&name=small

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| redirectToNewUrl object| turnstile

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
pbs.twimg.com
storage.googleapis.com
pbs.twimg.com
104.18.94.41
142.250.64.91
38a10944720bc48fa58a881f5fd3d1b0933e9f985fd43085e356ff3241107d20
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55