sites.google.com
Open in
urlscan Pro
2607:f8b0:4020:804::200e
Malicious Activity!
Public Scan
Submission: On April 28 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1C3 on April 3rd 2023. Valid for: 3 months.
This is the only time sites.google.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 2607:f8b0:402... 2607:f8b0:4020:804::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:402... 2607:f8b0:4020:805::200a | 15169 (GOOGLE) (GOOGLE) | |
9 | 2607:f8b0:402... 2607:f8b0:4020:807::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:402... 2607:f8b0:4020:806::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 6 | 104.18.23.9 104.18.23.9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2600:9000:23c... 2600:9000:23ca:5600:8:2495:5540:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 2600:9000:21d... 2600:9000:21dd:3600:4:f6ce:61c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:202... 2600:9000:202c:e800:16:a497:9700:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 34.236.90.28 34.236.90.28 | 14618 (AMAZON-AES) (AMAZON-AES) | |
4 | 54.225.127.151 54.225.127.151 | 14618 (AMAZON-AES) (AMAZON-AES) | |
43 | 12 |
ASN15169 (GOOGLE, US)
sites.google.com | |
apis.google.com |
ASN16509 (AMAZON-02, US)
renderer-assets.typeform.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-90-28.compute-1.amazonaws.com
rudderstack-control-plane.cdp.prod.data.typeform.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-127-151.compute-1.amazonaws.com
rudderstack.cdp.prod.data.typeform.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
typeform.com
psf51mc35ch.typeform.com Failed images.typeform.com — Cisco Umbrella Rank: 68341 renderer-assets.typeform.com — Cisco Umbrella Rank: 60865 rudderstack-control-plane.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 70595 rudderstack.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 68469 |
578 KB |
11 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
805 KB |
10 |
google.com
sites.google.com — Cisco Umbrella Rank: 9827 apis.google.com — Cisco Umbrella Rank: 236 |
177 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119 |
3 KB |
1 |
rudderlabs.com
cdn.rudderlabs.com — Cisco Umbrella Rank: 15130 |
133 KB |
1 |
googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 1213 |
167 KB |
43 | 6 |
Domain | Requested by | |
---|---|---|
9 | www.gstatic.com |
sites.google.com
www.gstatic.com |
7 | apis.google.com |
sites.google.com
apis.google.com www.gstatic.com |
6 | psf51mc35ch.typeform.com |
www.gstatic.com
psf51mc35ch.typeform.com renderer-assets.typeform.com |
5 | renderer-assets.typeform.com |
psf51mc35ch.typeform.com
renderer-assets.typeform.com |
4 | rudderstack.cdp.prod.data.typeform.com |
renderer-assets.typeform.com
|
3 | sites.google.com |
www.gstatic.com
|
2 | rudderstack-control-plane.cdp.prod.data.typeform.com |
renderer-assets.typeform.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
sites.google.com
|
1 | cdn.rudderlabs.com |
renderer-assets.typeform.com
|
1 | images.typeform.com |
psf51mc35ch.typeform.com
|
1 | lh6.googleusercontent.com |
sites.google.com
|
43 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
*.googleusercontent.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
typeform.com Cloudflare Inc ECC CA-3 |
2022-06-27 - 2023-06-26 |
a year | crt.sh |
*.typeform.com Amazon RSA 2048 M01 |
2023-02-24 - 2023-10-29 |
8 months | crt.sh |
*.rudderlabs.com Amazon RSA 2048 M02 |
2023-02-21 - 2023-08-12 |
6 months | crt.sh |
cdp.prod.data.typeform.com Amazon RSA 2048 M02 |
2023-02-23 - 2024-02-01 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://sites.google.com/office-remittance.com/hgb?usp=sharing
Frame ID: 957A716C3D5BCD84FCB724483BFCA0A4
Requests: 18 HTTP requests in this frame
Frame:
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.yTSbWrSe458.O%2Fd%3D1%2Frs%3DAHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q%2Fm%3D__features__&r=911873636
Frame ID: CB5DF1E88E4C80CEA48942F8CCC8E96A
Requests: 6 HTTP requests in this frame
Frame:
https://psf51mc35ch.typeform.com/to/lmpfrRij
Frame ID: AB9892ED6F87E78D520AF632B343C1AA
Requests: 1 HTTP requests in this frame
Frame:
https://psf51mc35ch.typeform.com/to/lmpfrRij
Frame ID: D115CFE8E838A42BD6F6532AC3A1BA17
Requests: 12 HTTP requests in this frame
Frame:
https://psf51mc35ch.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Frame ID: 04587BA079BE150F9F4D39F91C383F74
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
MlCROSOFT 0FFlCE 365 - MAlLDetected technologies
Google Sites (CMS) ExpandDetected patterns
- ^https?://sites\.google\.com
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Plus (Widgets) Expand
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://psf51mc35ch.typeform.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://psf51mc35ch.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
43 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
hgb
sites.google.com/office-remittance.com/ |
62 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
23 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
12 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rs=AGEqA5n5BPWCeMGvuOyDHOfNlATIDU59zQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.yCPfeKC3HvE.L.W.O/d=1/ |
1 MB 146 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client.js
apis.google.com/js/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.zDmzD_Bp-Yo.O/d=1/rs=AGEqA5nUL071JClYJ_Wvjv72WNtLBU8_Dw/ |
559 KB 190 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ |
315 KB 108 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VGtYrTTmx8iVKHwUdBE_2dbIi7TkbChTKRrCLmmI2OVh--f5xAMucfX1lXJnnpm0kpqdlJ_PzZlblxicQyqqxsQ=w16383
lh6.googleusercontent.com/ |
167 KB 167 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame CB5D |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m=sy1b,sy1c,sy1a,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.zDmzD_Bp-Yo.O/d=0/rs=AGEqA5nUL071JClYJ_Wvjv72WNtLBU8_Dw/ |
37 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m=sy2l,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.zDmzD_Bp-Yo.O/d=0/rs=AGEqA5nUL071JClYJ_Wvjv72WNtLBU8_Dw/ |
850 B 517 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy15,TGYpv,sy11,X85Uvc,syz,YXyON,sy2m,abQiW,W26a5e,hJUyqe,sy13,sy18,sy14,sy16,sy17,fuVYe,KUM7Z,XDKZTc,sy12,qkPXAf,qEW1W,oNFsLb,sy3k,yxTchf,sy3l,sy3m,xQtZb,yf2Bs,sy2,sy...
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.zDmzD_Bp-Yo.O/d=0/rs=AGEqA5nUL071JClYJ_Wvjv72WNtLBU8_Dw/ |
1 MB 389 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m=sy3b,IZT63,vfuNJf,sy35,sy39,sy3c,sy3p,sy3n,sy3o,siKnQd,sy33,sy3a,sy3e,YNjGDd,sy3d,sy3f,PrPYRd,iFQyKf,hc6Ubd,sy3q,SpsfSb,sy36,sy38,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.zDmzD_Bp-Yo.O/d=0/rs=AGEqA5nUL071JClYJ_Wvjv72WNtLBU8_Dw/ |
27 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m=m9oV,sy3g,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2p,sy2q,uu7UOe,nAFL3,sy2i,gJzDyc,sy2r,sy2s,soHxf,syv,syu,HYv29e,sy2t,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.zDmzD_Bp-Yo.O/d=0/rs=AGEqA5nUL071JClYJ_Wvjv72WNtLBU8_Dw/ |
33 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
apis.google.com/js/ Frame CB5D |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
logImpressions
sites.google.com/_/view/ |
16 B 64 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ |
261 B 201 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ Frame CB5D |
50 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame CB5D |
2 KB 947 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
lmpfrRij
psf51mc35ch.typeform.com/to/ Frame AB98 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
apis.google.com/js/ Frame CB5D |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.yTSbWrSe458.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_5dpdVCMe_LPx1yH-hHA2M85TB-Q/ Frame CB5D |
50 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lmpfrRij
psf51mc35ch.typeform.com/to/ Frame D115 |
108 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rPiZe7XpjxpF
images.typeform.com/images/ Frame D115 |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modern-renderer.6b1a38da991ee5c144be.js
renderer-assets.typeform.com/ Frame D115 |
787 KB 231 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
invisible.js
psf51mc35ch.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/ Frame 0458 Redirect Chain
|
26 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pica.js
psf51mc35ch.typeform.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0458 |
6 KB 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7bf039d49c6d8c93
psf51mc35ch.typeform.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0458 |
2 B 723 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendors~form~blocks-validation-phone_number~blocks-renderer-contact_info~blocks-renderer-phone_number.0c35a1c1193305df993f.renderer.js
renderer-assets.typeform.com/ Frame D115 |
107 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendors~form.ea948ae7d71201d2d4ac.renderer.js
renderer-assets.typeform.com/ Frame D115 |
613 KB 187 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
form.1868976771794d8f2d98.renderer.js
renderer-assets.typeform.com/ Frame D115 |
245 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
blocks-renderer-short_text.2f5d9a5943cb113d6b9d.renderer.js
renderer-assets.typeform.com/ Frame D115 |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
view-form-open
psf51mc35ch.typeform.com/forms/lmpfrRij/insights/events/v3/ Frame D115 |
2 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rudder-analytics.min.js
cdn.rudderlabs.com/v1/ Frame D115 |
464 KB 133 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame D115 |
610 B 744 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
logImpressions
sites.google.com/_/view/ |
16 B 64 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame D115 |
2 B 162 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame D115 |
2 B 162 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- psf51mc35ch.typeform.com
- URL
- https://psf51mc35ch.typeform.com/to/lmpfrRij
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw function| _F_installCss object| _bind object| closure_lm_988013 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| _getTimingInstance function| _docsTiming function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope number| closure_uid_1711131595 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 511=ND3WG0T_edfDUxRlNkjTKQ0Wgjvkw7XapzO-1BfkJ9VScMUxFr-uXX2gRkJULXS388t7HtXIChuYHl-n0F26ow1Wwln4aVxCeg75aVRORAhIK5iIqjtnnUgxamfnzbwcr3rMsdXJ777ddNAU-BixunlnDg8mw6PFw2jrrsm1Nd0 |
|
.typeform.com/ | Name: __cf_bm Value: tZRfh_n8BPdwrM6Ics1fsOD3rTmmFpbc_HXXLm9yyJE-1682694562-0-ATn6f4yEAG3r5M5D0GnEzX9lI6kPA0jd8ZAeF9jMbMQ16rjCV88wmHp/QoA6FcIgKJTcNt95i8lEMMWBIhxzdXyqIgDbcHnseBfbbHRmfeesl3EK4JMDPLdGj8u0zI3VeLrUuQ4M3uSzdE/U1Lz3XSA= |
|
.typeform.com/ | Name: tf_respondent_cc Value: {%22groups%22:[%222%22]%2C%22timestamp%22:%222023-04-28T15:09:23.123Z%22%2C%22implicitConsent%22:true} |
|
.typeform.com/ | Name: attribution_user_id Value: e3ee9572-1ecf-4765-8902-b3d16a865e6f |
|
psf51mc35ch.typeform.com/ | Name: AWSALBTGCORS Value: 7+HyvumvueY6Is6/4Ks4bNrSorTP8QJAnuxSAU+dPMLGIO/rU2GWYkfvfeOXMCZCobH3vGX+a1Jez29R+lTMb1mGrZzepI2EPlPgxIehTQ83G8YyM9GfjoX8TZEGLsfSkXUYQR79m7SALDJx6zr7Ans+DWh2tGrPU3qWNExE+82j |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-LrrLBUPeNRd58g0akqOwwQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/ |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apis.google.com
cdn.rudderlabs.com
fonts.googleapis.com
fonts.gstatic.com
images.typeform.com
lh6.googleusercontent.com
psf51mc35ch.typeform.com
renderer-assets.typeform.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
sites.google.com
www.gstatic.com
psf51mc35ch.typeform.com
104.18.23.9
2600:9000:202c:e800:16:a497:9700:93a1
2600:9000:21dd:3600:4:f6ce:61c0:93a1
2600:9000:23ca:5600:8:2495:5540:93a1
2607:f8b0:4006:808::2003
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2001
2607:f8b0:4020:807::2003
34.236.90.28
54.225.127.151
04d6f97d531bfc22beda5849186d094e22ea407cf803b10d50232874d300c62e
1374ed0999e594ca05e62750f619f749dea6ae9d1157dd9e9d7d7736524ad964
145607389b6d7d2f4e36c9c3fb075349cb3efa62dc0c067143e2faf3a5a5573c
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bedc118ad4b8018e96dd64b927d0eb07ac64e56968548efd33705c1dddeafb2
2cdd4be55b26feb467f9ba3447bc01640934768ea0e11f889e0e31abfeff9ee0
2e112b8d7e1bca66830defdac4a77c51bfd64f0ef9453ed3496abf4326e1e87e
34dcca06e6cf458c6ff788be0257216800a1e00b53798869bcff220b73851af0
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4bc54bdf7044249c87f7f7d063004afbde1f8cb1d64b636c37ccee5fe34f11e6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
63b03e4533c8c23547e03e6e0fb49e2de2bf597fb03750b9f094c6a758c3dd9f
6480150687761955065dbf8f3b8f168864b24cc0614720e4e56b51dea38d0d71
6e844e960df3006f917a873ce1be3e7b688ab3d68ab44bc5b47def0c9f796ed4
72cea6d0dfd1c92650fc29719a500b05c8f7b997e811b9bfe67af63348f46b17
79565b76118c015de001c3333f8dc9319ec6c601e18fa43965dadce214438a72
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
914fc1448fd890ce1d7feb66b5c7f29ab637ca1f55d9b7c1b5a2954eb404056b
9377b21ec3ae255d4a94095b52c670b0716d74a8e7a639b78957b9872d6ef244
aa4e1877e0b075dab24321e78f13452df0c7b9047f0d7e3b3e8e564c50da10b5
b5da8d57bc395d05f5067be7a863f2badbf3e32bb82ad3300216811fdc2aca2d
c683a0b24c9732c0eaa4f0e9552d815dde7e4e5eea1270da99e81dd703c950dc
c6dcc27d19122c1cb2d5b2c30730878fbb9e38e140cc4b49f51b97c729b14477
d70e2a9892066b77dd06a7ac3516bf647381306c606f702488780a64eb0cb56e
da4331fd642e6f5ab2fdb08f5041af6ed450f9177191ceedec6cf966753ab1bd
e0b5c7fb93860c848ff1e1bdaaeb5fe3536cfb40ea8073791ed6954526d21bfa
e19b426c5b1da8d92adaa1464433944c8241496e194d8a099358e6bd3d52ed5a
e383b6bc4a168320f6866b83e178fe7bc94612fb6ff925d2ca01c8880b475c68
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f86e9d891b3a08409094557c6011d1c514eca236292f8fb491a92f3d03b175cc
fa62c98e730e29e0c76279345adf39d3b95ce0ffe1695b0936ecfef47b1a7481