ScanMalware.com

Security Scan Report: storage.googleapis.com

Submitted: Apr 22, 2026, 7:00:06 AMCompleted: Apr 22, 2026, 7:01:25 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 8 HTTP transactions. The main domain is storage.googleapis.com and was registered NaN years ago.

Submitted URL: https://storage.googleapis.com/domain-notification.autos/Index.html#[email protected]

The Cisco Umbrella rank of the primary domain is #36 of the top 1 million websitesTop 100 Site

AI Security Verdict

Moderate Risk

Confidence: 95%

5
Risk Score

The site uses Google Cloud storage to host a fake Roundcube login page, harvesting credentials via a password field and embedding a victim email in the URL – confirmed phishing scam.

Risk Factors
Cloud storage domain used for credential collection
Email address in URL fragment targeting users
Brand impersonation of Roundcube Webmail
Password field present without legitimate backend
Cross‑origin POST to external service (api.ipify.org) without clear purpose
Safety Factors
Domain age >20 years (well‑established)
High Cisco Umbrella ranking (Top 100)
No malicious Indicators of Compromise detected
No JavaScript malware YARA matches
No network IDS alerts
Established domain (7756 days old) with no strong malicious indicators — risk clamped from 10 to 5
Domain age information unavailable

Details

Page Title

Roundcube Webmail :: Welcome to Roundcube Webmail

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(46%)

Domain Information

Within the commercial generic top-level domain (.com), 'storage.googleapis.com' is registered; it also runs on subdomain 'storage'. The second-level label 'googleapis' is 10 characters long holding 5 vowels versus five consonants. It segments into 2 words: google, apis. Median word length is five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://storage.googleapis.com/domain-notification.autos/Index.html#rfranklin@secure-u.com

Page Load Overview

1.26s
Total Load Time
8
HTTP Requests
2
Domains
71 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:210 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam46% confidence
Type: webapp
Method: ml+structural

All Detected Categories

phishing scam
46%
technology software
45%
documentation technical
44%
news media journalism
41%
government public service
35%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
444.218.65.239Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
23.224.96.112Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
2142.251.127.207United States
AS15169Google LLC
83--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11BB1B54364F50C250B6341F1365692013BE9C1179F05EC58B9FD826E2F89E2A89BB3DD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:nxcTSMeoRmGe3UeGDMcDcAmySffsBp2tQasVmiP75aRiyWN7n:xcTSMeoMGeEecMcwAmLnsBp2Wasr0Ryn

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:5442:DgAESAAYAJAiOEAAWIEtIwCGJQIIeACgMWJIlAwISgEAiEAFBCASAgkQESkQQghAAgiEUCgEUgQxOBABMCAgdXTAIAAWc0SB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7c3c3e7ffffffff
Perceptual Hash:b333c4cccccc3399
Difference Hash:4c4d4d4cb245a8a2
Wavelet Hash:6300c342b5bde77a
Color Hash:#3a7848

Other Hashes

Crop Resistant:4c4d4d4cb245a8a2,68017e7e6a72330f

Scan History

Scan history not available

Unable to load historical scan data