Submitted URL: https://forms.gle/zBzARw53UGy2DmDo9
Effective URL: https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
Submission Tags: phishing
Submission: On January 18 via api from US

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2a00:1450:4001:819::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is docs.google.com.
TLS certificate: Issued by GTS CA 1O1 on December 15th 2020. Valid for: 3 months.
This is the only time docs.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

    Domain                 Requested by
4   www.gstatic.com        forms.gle, www.gstatic.com
3   forms.gle              forms.gle, www.gstatic.com
2   fonts.gstatic.com      forms.gle, fonts.googleapis.com
1   ssl.gstatic.com        docs.google.com
1   fonts.googleapis.com   docs.google.com
1   docs.google.com        www.gstatic.com
16  6

This site contains links to these domains.

Domain
www.google.com
support.google.com
Subject                   Issuer       Validity                  Valid
forms.gle                 GTS CA 1D2   2021-01-14 - 2021-04-14   3 months   crt.sh
*.gstatic.com             GTS CA 1O1   2020-12-15 - 2021-03-09   3 months   crt.sh
*.google.com              GTS CA 1O1   2020-12-15 - 2021-03-09   3 months   crt.sh
upload.video.google.com   GTS CA 1O1   2020-12-15 - 2021-03-09   3 months   crt.sh

This page contains 1 frames:

Primary Page: https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
Frame ID: 7C2BD0E684B8C55F08EA0849C05B11AA
Requests: 16 HTTP requests in this frame

Page Statistics

16 Requests
75 % HTTPS
83 % IPv6
4 Domains
6 Subdomains
7 IPs
2 Countries
143 kB Transfer
344 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.gle/zBzARw53UGy2DmDo9 Page URL
  2. https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
zBzARw53UGy2DmDo9
forms.gle/
35 KB
11 KB
Document
General
Full URL
https://forms.gle/zBzARw53UGy2DmDo9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ESF /
Resource Hash
af85dad08d4cdaef9c6ea3dd503504c9d32277327dd54c9f294e17778bdc5fc9
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-2Y6gucXEDS1Wsc5eiWu08g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
forms.gle
:scheme
https
:path
/zBzARw53UGy2DmDo9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-2Y6gucXEDS1Wsc5eiWu08g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
content-type
text/html; charset=utf-8
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0
accept-ranges
bytes
date
Mon, 18 Jan 2021 00:00:06 GMT
x-served-by
cache-cdg20736-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1610928006.222675,VS0,VE408
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
cspreport
forms.gle/_/DurableDeepLinkUi/
2 KB
1 KB
Other
General
Full URL
https://forms.gle/_/DurableDeepLinkUi/cspreport
Requested by
Host: forms.gle
URL: https://forms.gle/zBzARw53UGy2DmDo9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ESF /
Resource Hash
bd9370fa62c2f7c68738d9e1bdf7b8e0a87f4a3f2a0820c73b772f92c2fecae9
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-5NuZedplMg/nskVj7In6Cw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/zBzARw53UGy2DmDo9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Content-Type
application/csp-report

Response headers

content-security-policy
script-src 'nonce-5NuZedplMg/nskVj7In6Cw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS
x-cache-hits
0
x-xss-protection
0
x-served-by
cache-cdg20736-CDG
pragma
no-cache
allow
HEAD, GET
server
ESF
x-timer
S1610928007.653756,VS0,VE333
date
Mon, 18 Jan 2021 00:00:06 GMT
vary
x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/
147 KB
52 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp
Requested by
Host: forms.gle
URL: https://forms.gle/zBzARw53UGy2DmDo9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb490f0e64b77b80cdca9994c7b44e2f0abd805ab1ca31458361c71fd8b2fabf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 12 Jan 2021 17:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454319
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52780
x-xss-protection
0
last-modified
Mon, 11 Jan 2021 23:29:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jan 2022 17:48:07 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: forms.gle
URL: https://forms.gle/zBzARw53UGy2DmDo9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://forms.gle
Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 14 Jan 2021 14:29:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
293408
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Fri, 14 Jan 2022 14:29:58 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd...
35 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP797I2qhxNLxq-K9cnFQ3PYtNfnxw/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ea344452b25817ddf1bff008e132131f290e6085a4f1aa8560fb5d2642eb11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 12 Jan 2021 17:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454319
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12973
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 21:30:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jan 2022 17:48:07 GMT
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,xcPxA
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsj...
67 KB
23 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP797I2qhxNLxq-K9cnFQ3PYtNfnxw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,xcPxA
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75b83ae78b2be3eb596a6397f99622f36703e9be020cac173dec12784c3607de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 17 Jan 2021 18:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20638
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23843
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 21:30:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 18:16:08 GMT
batchexecute
forms.gle/_/DurableDeepLinkUi/data/
2 KB
1 KB
XHR
General
Full URL
https://forms.gle/_/DurableDeepLinkUi/data/batchexecute?rpcids=C2fiEc&f.sid=-3846120102319521226&bl=boq_durabledeeplinkserver_20210111.14_p0&hl=en-US&_reqid=3607&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-oBvOUEqQCNP3d0zSKylJtg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

content-security-policy
script-src 'nonce-oBvOUEqQCNP3d0zSKylJtg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
x-cache
MISS
x-cache-hits
0
x-xss-protection
0
x-served-by
cache-cdg20736-CDG
pragma
no-cache
allow
HEAD, GET
server
ESF
x-timer
S1610928007.789844,VS0,VE303
date
Mon, 18 Jan 2021 00:00:07 GMT
vary
x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,_latency,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=COQbmf,KG2eXe,LEikZe,NpD...
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=COQbmf,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,xcPxA,yDVVkb/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP797I2qhxNLxq-K9cnFQ3PYtNfnxw/m=Wt6vjf,_latency,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8c77059b7ab8e180ffe13ad172c97d493c2eb8d6d324b0cf2e5018eb97df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 12 Jan 2021 17:48:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454319
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10840
x-xss-protection
0
last-modified
Fri, 08 Jan 2021 21:30:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jan 2022 17:48:07 GMT
reporthttp4xxerror
forms.gle/_/DurableDeepLinkUi/
0
0

jserror
forms.gle/_/DurableDeepLinkUi/
0
0

reporthttp4xxerror
forms.gle/_/DurableDeepLinkUi/
0
0

jserror
forms.gle/_/DurableDeepLinkUi/
0
0

Primary Request viewform
docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/
3 KB
2 KB
Document
General
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb0ef2c1ffcd1b601b237dc486c84cadc4b7269f79489993fd0bbf07133b7300
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'self';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-/kkmMr20LNzLSx10xUaSVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
docs.google.com
:scheme
https
:path
/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://forms.gle/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Referer
https://forms.gle/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 Jan 2021 00:00:07 GMT
content-type
text/html; charset=utf-8
content-encoding
gzip
x-chromium-appcache-fallback-override
disallow-fallback
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
base-uri 'self';object-src 'self';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-/kkmMr20LNzLSx10xUaSVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy
origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
set-cookie
NID=207=MEjX_0wEMuD4rktyGG_S_7z9HdnzMKnlIMniX7XV_Xzt2Me6jELO7BMoxC4VkmJG0uckbGLKjKixfNQ_7RQKxeAFtC7ZnuSJuJV-u394rJl3hJpmsrobPmyj2FyAegt1fXz1UsuPD0mZaTzdbOzDiXgixc9saiE03JIC7nG0Kuo; expires=Tue, 20-Jul-2021 00:00:07 GMT; path=/; domain=.google.com; Secure; HttpOnly S=spreadsheet_forms=EV6lXtHExmv9CniK1SsJ3IOwS66dm_nmrhdgH-kSU8Q; Domain=.docs.google.com; Expires=Mon, 18-Jan-2021 01:00:07 GMT; Path=/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA; Secure; HttpOnly
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/
1 KB
848 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Product+Sans
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb2c0dfb197e55d15c46cbdd25edf0b3d4bb51a5fb1f154cd3a0f5e8cb215b8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Mon, 18 Jan 2021 00:00:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 18 Jan 2021 00:00:07 GMT
googlelogo_color_116x41dp.png
ssl.gstatic.com/images/branding/googlelogo/1x/
2 KB
3 KB
Image
General
Full URL
https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_116x41dp.png
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cef4d58336842dc12848055c5e8d17a02b2fef3eec87e5ad171dc699d49d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Jan 2021 08:48:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
227469
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2408
x-xss-protection
0
expires
Sat, 15 Jan 2022 08:48:58 GMT
pxiDypQkot1TnFhsFMOfGShVF9eOYktMqg.woff2
fonts.gstatic.com/s/productsans/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/productsans/v12/pxiDypQkot1TnFhsFMOfGShVF9eOYktMqg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
253fad4d1c1855b84bf1e0f88e01314f1edcaea1ee474dc1d65f7155db9bb6ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://docs.google.com
Referer
https://fonts.googleapis.com/css?family=Product+Sans
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 15 Jan 2021 01:24:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 02:39:22 GMT
server
sffe
age
254127
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14140
x-xss-protection
0
expires
Sat, 15 Jan 2022 01:24:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.gle
URL
https://forms.gle/_/DurableDeepLinkUi/reporthttp4xxerror?url=https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc&status=405&traceid
Domain
forms.gle
URL
https://forms.gle/_/DurableDeepLinkUi/jserror?script=https%3A%2F%2Fforms.gle%2FzBzARw53UGy2DmDo9&error=Fa%60https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc%60405&line=Not%20available
Domain
forms.gle
URL
https://forms.gle/_/DurableDeepLinkUi/reporthttp4xxerror?url=https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc&status=405&traceid
Domain
forms.gle
URL
https://forms.gle/_/DurableDeepLinkUi/jserror?script=https%3A%2F%2Fforms.gle%2FzBzARw53UGy2DmDo9&error=Fa%60https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc%60405&line=Not%20available

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 207=MEjX_0wEMuD4rktyGG_S_7z9HdnzMKnlIMniX7XV_Xzt2Me6jELO7BMoxC4VkmJG0uckbGLKjKixfNQ_7RQKxeAFtC7ZnuSJuJV-u394rJl3hJpmsrobPmyj2FyAegt1fXz1UsuPD0mZaTzdbOzDiXgixc9saiE03JIC7nG0Kuo
.docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA Name: S
Value: spreadsheet_forms=EV6lXtHExmv9CniK1SsJ3IOwS66dm_nmrhdgH-kSU8Q

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp(Line 425)
Message:
%c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/m=_b,_tp(Line 425)
Message:
%c%s font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy script-src 'nonce-2Y6gucXEDS1Wsc5eiWu08g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0