storage.googleapis.com Open in urlscan Pro
2a00:1450:400e:807::2010 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
Submission: On November 14 via manual (November 14th 2019, 3:58:54 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2a00:1450:400e:807::2010, located in Ireland and belongs to GOOGLE - Google LLC, US. The main domain is storage.googleapis.com.
TLS certificate: Issued by GTS CA 1O1 on October 16th 2019. Valid for: 3 months.

This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

	IP Address	AS Autonomous System
12	2a00:1450:400... 2a00:1450:400e:807::2010	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
14	2

12 2a00:1450:400e:807::2010 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googleapis.com storage.googleapis.com ajax.googleapis.com	1 MB
14	1

	Domain	Requested by
12	storage.googleapis.com	ajax.googleapis.com
2	ajax.googleapis.com	storage.googleapis.com ajax.googleapis.com
14	2

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
Frame ID: FD644B43407F5AADAAB34A24EFED4817
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

1321 kB
Transfer

1427 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
storage.googleapis.com/aonedrive-calodemon-223286165/ 2 KB
3 KB 421ms
397ms Document
text/html 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a7486447f9423c14fa0fba8e8788dcb5425215f041d4676f20cdc8a68a384b95

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /aonedrive-calodemon-223286165/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
x-guploader-uploadid: AEnB2Uo8pkao68M7pQ4RBZF2C2XyrJfca_gvHI9h1RmKAGNGGoMsUe0pqrowBHEIUVZH6Ju_2Y8Bo4kSL3MJI5OGLHlfbYJlRKBlrPD6wRSoUeDVbZocsPg
expires: Thu, 14 Nov 2019 16:58:37 GMT
date: Thu, 14 Nov 2019 15:58:37 GMT
cache-control: public, max-age=3600
last-modified: Thu, 14 Nov 2019 04:13:23 GMT
etag: "ba2cfbb6a7821795ec44d6136b1102dd"
x-goog-generation: 1573704803429557
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2155
content-type: text/html
x-goog-hash: crc32c=dmrWLw== md5=uiz7tqeCF5XsRNYTaxEC3Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 2155
server: UploadServer
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 31 Oct 2019 13:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1217001
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Oct 2020 13:55:16 GMT

GET
H2 200 index-home.html Show response
storage.googleapis.com/aonedrive-calodemon-223286165/ 3 KB
3 KB 300ms
300ms XHR
text/html 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/index-home.html
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a0ffe9efea49b5b56d69a6ff9e0a7d2374412bc529e53f76e9533d1f1328004d

Request headers

Accept: */*
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 14 Nov 2019 15:58:37 GMT
x-guploader-uploadid: AEnB2UqfYd_2_CNvPrKcLV6TPA0vBwIcHfLi44Wn1-clD-l3TTsorycwSGaDHp409yZqd7oGtCnuufR3_yTeJ2k0DB6q74n_4ICrQxrbvrEuLrLzhsMwSiY
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2764
last-modified: Thu, 14 Nov 2019 04:13:22 GMT
server: UploadServer
etag: "2505c37d697897285db17e3873768d4e"
x-goog-hash: crc32c=7V3IkA==, md5=JQXDfWl4lyhdsX44c3aNTg==
x-goog-generation: 1573704802790898
cache-control: public, max-age=3600
x-goog-stored-content-length: 2764
accept-ranges: bytes
content-type: text/html
expires: Thu, 14 Nov 2019 16:58:37 GMT

GET
H2 200 bootstrap.min.css
storage.googleapis.com/aonedrive-calodemon-223286165/css/ 118 KB
119 KB 433ms
432ms Stylesheet
text/css 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/css/bootstrap.min.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UpKzTQVtm8vFQQy2IMC38g4xn_3mfo4-M4ZZOM2Das6AvkDlkQhprgyK4-_YgDvFgZdCVc6hEBHDkntYWLY6UI5SAHZODb85LvYBJ7-8NyIhXcSN6U
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 121200
last-modified: Thu, 14 Nov 2019 04:13:24 GMT
server: UploadServer
etag: "ec3bb52a00e176a7181d454dffaea219"
x-goog-hash: crc32c=AvMCtw==, md5=7Du1KgDhdqcYHUVN/66iGQ==
x-goog-generation: 1573704804259065
cache-control: public, max-age=3600
x-goog-stored-content-length: 121200
accept-ranges: bytes
content-type: text/css
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 style.css
storage.googleapis.com/aonedrive-calodemon-223286165/css/ 992 B
1 KB 414ms
414ms Stylesheet
text/css 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/css/style.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1d30b68954878271ca8dfff15bb33ed400770bd96e457ed1d37e0d2ea7a0e398

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UpMbOs-GJgEr3xsxB5Z1TB8H5dGIbP4rwrS_j_nWI8Ph9dzDLs20hmwXFXaVgrxOO_5N6hZRyE2BUqcjds4yr_vyXRHQQ
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 992
last-modified: Thu, 14 Nov 2019 04:13:24 GMT
server: UploadServer
etag: "bce233d334f4ba000637c82fe5e84382"
x-goog-hash: crc32c=FaMWpA==, md5=vOIz0zT0ugAGN8gv5ehDgg==
x-goog-generation: 1573704804790045
cache-control: public, max-age=3600
x-goog-stored-content-length: 992
accept-ranges: bytes
content-type: text/css
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 31 Oct 2019 13:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1217001
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Oct 2020 13:55:16 GMT

GET
H2 200 8.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 15 KB
15 KB 383ms
382ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 427befa297ada1b44c408e44888c338414e97308315bb1aa8aa9755a82a67b47

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UoTzSE-b2pdNKb1zWEx284pwvuOsGHqB3VQ94h9DygvyfUFlqNYenSYhH1UVFAikwRd0ekKsODPe4a1-x3G_ZI2ntN2nB1lhD99wG_FWXImLBSnxhE
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15429
last-modified: Thu, 14 Nov 2019 04:13:29 GMT
server: UploadServer
etag: "da2200fd231f860d38eb3aa532fb2699"
x-goog-hash: crc32c=C/YzlQ==, md5=2iIA/SMfhg046zqlMvsmmQ==
x-goog-generation: 1573704809788580
cache-control: public, max-age=3600
x-goog-stored-content-length: 15429
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 2.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 8 KB
8 KB 441ms
441ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 10bf0d6373b9cbb951ddee37d25be762f1a15fd3efef55508d9ae00ad8f2f633

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UrEFe9AQ4ZovhMtkOpw1NsoX7sQvANq1ZMeLO0PaYTjC-N6Bb0sweOPqt_MNGg2iYxg78sEVfGrAxwtVPOLwo579mYDSi9_1omatr4yHE7vAM_zzPU
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7723
last-modified: Thu, 14 Nov 2019 04:13:26 GMT
server: UploadServer
etag: "946a53db076afa1bf9598e3c4a5e6bb4"
x-goog-hash: crc32c=uHY+0g==, md5=lGpT2wdq+hv5WY48Sl5rtA==
x-goog-generation: 1573704806313862
cache-control: public, max-age=3600
x-goog-stored-content-length: 7723
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 3.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 9 KB
9 KB 335ms
335ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6b4cd5347b1e94d1d4d9be5dc4a6d5680e8977572f0f3ff63a8725018022f091

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2Uqyx_GgStHwpddcy54ce28sRiUnNnDI0u_VH5MrHSHSEzYShdeCfoJXpQTe--Wuh1IgbS3_2dhBhcoN1d49EkJtgDKhig
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8785
last-modified: Thu, 14 Nov 2019 04:13:26 GMT
server: UploadServer
etag: "87108a185f60d59b3fdd466a3a73a7c0"
x-goog-hash: crc32c=f1nL6g==, md5=hxCKGF9g1Zs/3UZqOnOnwA==
x-goog-generation: 1573704806786221
cache-control: public, max-age=3600
x-goog-stored-content-length: 8785
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 4.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 7 KB
7 KB 423ms
423ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/4.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9b87979075cb3ae7efc8368049ed4ee4bd81dfac2ef7e7d28c439443dc5f2e10

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UohRjMqZz3NplGGxX_JIThVfnBtglT8-ixTXwsHnTcmKxcuy-COhyBWyAvpEgo9H1vldYKuJTc24Z51wE87B1cqEFiBXYB5np-evgzbD-h0VaFX-SU
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6971
last-modified: Thu, 14 Nov 2019 04:13:27 GMT
server: UploadServer
etag: "2395532e8d28487bb6240548c74e6daa"
x-goog-hash: crc32c=9ETQsQ==, md5=I5VTLo0oSHu2JAVIx05tqg==
x-goog-generation: 1573704807397119
cache-control: public, max-age=3600
x-goog-stored-content-length: 6971
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 5.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 7 KB
7 KB 393ms
392ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d07a2d8e8c4b08af3bf22911cc5bf9a28b29ea1fcfc9f7ac776910d611ca53f7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UoLyRv93uJ5WRwLP0Rd79Xa8ntazaacBOiNNbS3yo2o55HuDCFW2hyBQEW7Y8nzoUOmEPvO0Rk__FAJUJmZoZOKECLzyhhT7t_UuKm-DbXwwMAYMXE
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7308
last-modified: Thu, 14 Nov 2019 04:13:27 GMT
server: UploadServer
etag: "edebd1f8bd61cf230a4e9cd82b7e39ef"
x-goog-hash: crc32c=SjsRcg==, md5=7evR+L1hzyMKTpzYK3457w==
x-goog-generation: 1573704807925776
cache-control: public, max-age=3600
x-goog-stored-content-length: 7308
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 6.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 7 KB
7 KB 414ms
413ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c708fb2fb7d15014dd7c8229647751de58c5c22d810ee186bebc36344493f4f7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UrzhQawTKQlCXexS1QvZ8PuFlry2M5Tn8AwB0YaBj1E960HHUAmxSXqxLQtQIh20jXOsGfO8TeRdyxXJk8XjNJHkkYkGA
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6880
last-modified: Thu, 14 Nov 2019 04:13:28 GMT
server: UploadServer
etag: "e81e915ab131ac77142433e2f28e7362"
x-goog-hash: crc32c=llwYlg==, md5=6B6RWrExrHcUJDPi8o5zYg==
x-goog-generation: 1573704808624706
cache-control: public, max-age=3600
x-goog-stored-content-length: 6880
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 7.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 9 KB
9 KB 406ms
406ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6b6dcdeb7302f82729e8bc885a2ef208c7bfeda3a0e7c9cf86712f35e986681c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UpWeiySYsK5Sbhk-Txz7hkMQncKTZaAAXo1WT50ZzPM0tWddb8f-gl_hDWGepulkOWug5Oj9u81u5uWYx2BM1TxZ5Rtkg
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9073
last-modified: Thu, 14 Nov 2019 04:13:29 GMT
server: UploadServer
etag: "7a1c0d1f89e79ed2c42bb6c492780962"
x-goog-hash: crc32c=QaZaTg==, md5=ehwNH4nnntLEK7bEkngJYg==
x-goog-generation: 1573704809089928
cache-control: public, max-age=3600
x-goog-stored-content-length: 9073
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

GET
H2 200 1.png
storage.googleapis.com/aonedrive-calodemon-223286165/images/ 1 MB
1 MB 439ms
438ms Image
image/png 2a00:1450:400e:807::2010
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/aonedrive-calodemon-223286165/images/1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:807::2010 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a80c0be328d6fafc28660d8df69d9cd6fb89cb888b95d2da9dc1b47296c4dbfc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://storage.googleapis.com/aonedrive-calodemon-223286165/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 Nov 2019 15:58:38 GMT
x-guploader-uploadid: AEnB2UrvrTzBdTJtFtE-_aYWWNhZ2cfvUoYc1kzZMyDc53-nU0ifcEkElihXZA6Pa_YPWqiTqVy4KJLyGgAJqnIA1s6MYvjWXNIq4VsyfnH3rVqCLsMVP3w
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1097791
last-modified: Thu, 14 Nov 2019 04:13:25 GMT
server: UploadServer
etag: "6a85a0b05b1d046bd5efe80d6a6bd7fc"
x-goog-hash: crc32c=OjDM9g==, md5=aoWgsFsdBGvV7+gNamvX/A==
x-goog-generation: 1573704805750520
cache-control: public, max-age=3600
x-goog-stored-content-length: 1097791
accept-ranges: bytes
content-type: image/png
expires: Thu, 14 Nov 2019 16:58:38 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
storage.googleapis.com
2a00:1450:4001:820::200a
2a00:1450:400e:807::2010
10bf0d6373b9cbb951ddee37d25be762f1a15fd3efef55508d9ae00ad8f2f633
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1d30b68954878271ca8dfff15bb33ed400770bd96e457ed1d37e0d2ea7a0e398
427befa297ada1b44c408e44888c338414e97308315bb1aa8aa9755a82a67b47
6b4cd5347b1e94d1d4d9be5dc4a6d5680e8977572f0f3ff63a8725018022f091
6b6dcdeb7302f82729e8bc885a2ef208c7bfeda3a0e7c9cf86712f35e986681c
9b87979075cb3ae7efc8368049ed4ee4bd81dfac2ef7e7d28c439443dc5f2e10
a0ffe9efea49b5b56d69a6ff9e0a7d2374412bc529e53f76e9533d1f1328004d
a7486447f9423c14fa0fba8e8788dcb5425215f041d4676f20cdc8a68a384b95
a80c0be328d6fafc28660d8df69d9cd6fb89cb888b95d2da9dc1b47296c4dbfc
c708fb2fb7d15014dd7c8229647751de58c5c22d810ee186bebc36344493f4f7
d07a2d8e8c4b08af3bf22911cc5bf9a28b29ea1fcfc9f7ac776910d611ca53f7
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

storage.googleapis.com Open in urlscan Pro 2a00:1450:400e:807::2010 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

1 Domains

2 Subdomains

2 IPs

2 Countries

1321 kBTransfer

1427 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

storage.googleapis.com Open in urlscan Pro
2a00:1450:400e:807::2010 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

1321 kB
Transfer

1427 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!