MalwareTips
Security Review

Is corestrengthcnn.storage.googleapis.com legit or a scam?

Our verdict:Dangerous· 25/100

Google Cloud Storage bucket hosting CNN-themed phishing redirect pages; flagged by multiple threat-intelligence platforms as part of an active scam campaign.

Top reasons
Flagged as phishing by Hybrid Analysis, URLQuery, and CheckPhish threat-intelligence platforms.Documented as part of an active CNN-impersonation phishing campaign by Japanese security researchers.Blank page with no legitimate content—typical of phishing redirect pages designed to activate conditionally.
corestrengthcnn.storage.googleapis.comScanned 2h ago
Post Facebook
0
Trust score
DANGEROUS
Heuristics 87·MT 8
Category tags
phishing#Phishing#Clone Site95% MT confidence

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
0/92
All engines report clean
Domain Age
21 years old
Registered Jan 25, 2005
MT Intelligence
Dangerous
Critical likelihood · 95% confidence
DANGEROUS

Critical risk detected

Google Cloud Storage bucket hosting CNN-themed phishing redirect pages; flagged by multiple threat-intelligence platforms as part of an active scam campaign. Multiple independent checks — antivirus engines, browser safety blocklists, and threat databases — flagged this site. Don't enter personal information, deposit money, or download files.

Website Preview

Screenshot of corestrengthcnn.storage.googleapis.com
LIVE RENDER
corestrengthcnn.storage.googleapis.com

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust8/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The domain corestrengthcnn.storage.googleapis.com is a public Google Cloud Storage bucket that has been weaponised for phishing. Multiple independent threat-analysis platforms—including Hybrid Analysis, URLQuery, and CheckPhish—have flagged specific file paths on this subdomain with phishing alerts. A Japanese security researcher documented an active CNN-impersonation campaign using this exact bucket to redirect victims to malicious sites via fake video-watching prompts. The bucket itself is old (registered ~2004 as part of Google's infrastructure), but attackers exploit Google Cloud Storage's high reputation and permissive default policies to host phishing payloads. No legitimate business, contact information, or reviews exist for "corestrengthcnn"; the bucket name appears randomly chosen to evade detection. The page we scanned contains no visible content—a common tactic for phishing redirect pages that activate only when visited from a specific referrer or after a delay.
Full dossier
Analysis complete

Page Content

The page is blank with no visible text, contact information, or branding. No login forms, countdowns, or push-notification spam detected. This is consistent with a phishing redirect page designed to load malicious content conditionally or to remain hidden until triggered by a specific referrer.

Infrastructure

Hosted on Google Cloud Storage (storage.googleapis.com), a legitimate Google service frequently abused by attackers because the parent domain has high reputation and is rarely blocked by security filters. SSL certificate is valid and issued by Google Trust Services. The IP address (192.178.155.207) has an abuse score of 0/100 but carries 4 abuse reports, indicating prior malicious activity.

Domain History

The storage.googleapis.com domain itself is ~7809 days old (part of Google's infrastructure since ~2004). However, the specific bucket "corestrengthcnn" is a recent abuse vector. No legitimate business registration, contact details, or operational history exists for this bucket name.

Web Reputation

Multiple threat-intelligence platforms have flagged this subdomain with phishing alerts. Hybrid Analysis, URLQuery, and CheckPhish all maintain dedicated threat reports. A Japanese security researcher (DausLab) explicitly linked this bucket to an active CNN-impersonation phishing campaign using fake video-watching lures. No positive reviews or trust ratings found on independent aggregators.

Risk Factors
7
  • Flagged as phishing by Hybrid Analysis, URLQuery, and CheckPhish threat-intelligence platforms.
  • Documented as part of an active CNN-impersonation phishing campaign by Japanese security researchers.
  • Blank page with no legitimate content—typical of phishing redirect pages designed to activate conditionally.
  • Hosted on Google Cloud Storage, a high-reputation service frequently abused for phishing because it bypasses many security filters.
  • No contact information, business registration, or legitimate operational history associated with the bucket name.
  • Hosting IP carries 4 prior abuse reports despite a current score of 0/100.
  • External domain opt-out-limit.com loaded on the page—a known phishing redirect domain.
Positive Signals
3
  • SSL certificate is valid and issued by Google Trust Services.
  • Our antivirus network detected no malware signatures (0/92 engines flagged).
  • No browser blocklist hits on the domain itself (though specific phishing pages are flagged by threat platforms).
AI Recommendation
Do not visit this page or click any links from emails directing you to it. If you received an email claiming to show a CNN video and linking to this domain, report it as phishing to your email provider and delete it immediately. Never enter credentials or payment information on pages hosted on unfamiliar Google Cloud Storage buckets.
Scam network detected
1 linked domain correlated

Part of a CNN-impersonation phishing campaign. The bucket is used as a redirect vector; opt-out-limit.com is loaded as an external resource and is a known phishing redirect domain.

opt-out-limit.com
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for corestrengthcnn.storage.googleapis.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age
21 yrs
Registered Jan 2005
Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
4 scam reports
Key findings
6 headline facts from open-web research
  • corestrengthcnn.storage.googleapis.com is a public Google Cloud Storage subdomain (bucket) with age of ~7809 days (registered ~2004).
  • Multiple malware analysis platforms (Hybrid Analysis, URLQuery) have flagged specific paths/files on this subdomain with phishing or malicious alerts.
  • Japanese security site DausLab explicitly links it to a CNN-themed phishing campaign using fake video-watching lures that redirect to malicious sites.
  • Google Cloud Storage buckets are frequently abused for hosting phishing redirect pages because storage.googleapis.com has high reputation and is rarely blocked.
  • CheckPhish and VirusTotal have dedicated threat intel pages for this exact subdomain, indicating prior scanning for malicious activity.
  • No legitimate business, reviews, or registration found associated with "corestrengthcnn"; unrelated to Core Strengths (corestrengths.com) personality assessment tool.
Scam reports (4)
Direct quotes from public scam databases, forums, and news.
  • DausLabopen

    "動画を見せようと、Googleのストレージサービス(corestrengthcnn.storage.googleapis.com)上の偽サイトへ誘導。【CNN詐欺】「動画を見ろ」は危険!偽メールの手口"

  • Hybrid Analysisopen

    "corestrengthcnn.storage.googleapis.com/206920a4-8b45-40e8-a9d6-879ac6850b27.html tagged with phishing"

  • URLQueryopen

    "corestrengthcnn.storage.googleapis.com 1 alert(s) on this Host"

  • CheckPhishopen

    "corestrengthcnn.storage.googleapis.com URL scanned for phishing and other threat intel"

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Threat-intelligence platforms Hybrid Analysis, URLQuery, and CheckPhish have all flagged specific file paths on corestrengthcnn.storage.googleapis.com with phishing alerts. A Japanese security researcher (DausLab) documented an active CNN-impersonation phishing campaign using this exact Google Cloud Storage bucket to redirect victims via fake video-watching lures. The bucket is abused because Google Cloud Storage has high reputation and is rarely blocked by security filters. No legitimate business, reviews, or operational history found for "corestrengthcnn."

Antivirus Engines

Clean pass · verified
Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious61Harmless92Engines
Clean
Kaspersky
Clean
Bitdefender
Clean
Microsoft
Not in pass
ESET-NOD32
Not in pass
Avira
Not in pass
Sophos
Clean
Fortinet
Clean
Google Safebrowsing
Clean
Emsisoft
Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Domain History
Age21 years old
RegistrarMarkMonitor Inc.
RegisteredJan 25, 2005
ExpiresJan 25, 2027
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerGoogle Trust Services · WR2
ExpiresAug 17, 2026 (63d)
Self-signedNo
Hosting & Technology
HostingGoogle LLC
Server locationUS
Web serverUploadServer

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file4
ISPGoogle LLC
Usage typeContent Delivery Network

Avoid this site

Our automated review flagged enough risk that you should treat this site as unverified.

  • Do not interact with corestrengthcnn.storage.googleapis.com

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

opt-out-limit.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags corestrengthcnn.storage.googleapis.com as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — corestrengthcnn.storage.googleapis.com scored 25/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. corestrengthcnn.storage.googleapis.com presents a valid TLSv1.3 certificate issued by Google Trust Services · WR2, expiring in 63 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • corestrengthcnn.storage.googleapis.com is 21.4 years old, registered on 1/25/2005 through MarkMonitor Inc.. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • No. All 92 antivirus engines in our malware network report corestrengthcnn.storage.googleapis.com as clean.
  • No. corestrengthcnn.storage.googleapis.com is not currently listed on the major browser blocklist feeds that modern browsers use.
  • corestrengthcnn.storage.googleapis.com resolves to an IP operated by Google LLC in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 14, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around corestrengthcnn.storage.googleapis.com have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·corestrengthcnn.storage.googleapis.com
DANGEROUS

This is a Google Cloud Storage subdomain actively used to host phishing pages impersonating CNN, designed to trick users into clicking malicious links via fake video-watching lures.

Do not visit this page or click any links from emails directing you to it. If you received an email claiming to show a CNN video and linking to this domain, report it as phishing to your email provider and delete it immediately. Never enter credentials or payment information on pages hosted on unfamiliar Google Cloud Storage buckets.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust12
pixartapk.com
13m ago
Read the review
Dangeroustrust1
oculus-app.com
15m ago
Read the review
Dangeroustrust24
cricfys.org
15m ago
Read the review
Dangeroustrust24
zorivo.st
17m ago
Read the review
Dangeroustrust36
ytsfree.com
18m ago
Read the review
Dangeroustrust1
probin-energy.com
1h ago
Read the review
Dangeroustrust37
presales-jessepollak.pages.dev
1h ago
Read the review
Dangeroustrust29
moviesda32.com
1h ago
Read the review
Dangeroustrust24
securitize-votes.com
1h ago
Read the review
Dangeroustrust35
reallocations-tea.app
1h ago
Read the review
Dangeroustrust30
adegascar.online
2h ago
Read the review
Dangeroustrust1
evergreennvest.org
2h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.