docs.google.com
Open in
urlscan Pro
2a00:1450:4001:819::200e
Public Scan
Effective URL: https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
Submission Tags: phishing
Submission: On January 18 via api from US
Summary
TLS certificate: Issued by GTS CA 1O1 on December 15th 2020. Valid for: 3 months.
This is the only time docs.google.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 151.101.65.195 151.101.65.195 | 54113 (FASTLY) (FASTLY) | |
4 | 2a00:1450:400... 2a00:1450:4001:81c::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:809::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 7 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
gstatic.com
www.gstatic.com fonts.gstatic.com ssl.gstatic.com |
127 KB |
3 |
forms.gle
forms.gle |
13 KB |
1 |
googleapis.com
fonts.googleapis.com |
848 B |
1 |
google.com
docs.google.com |
2 KB |
16 | 4 |
Domain | Requested by | |
---|---|---|
4 | www.gstatic.com |
forms.gle
www.gstatic.com |
3 | forms.gle |
forms.gle
www.gstatic.com |
2 | fonts.gstatic.com |
forms.gle
fonts.googleapis.com |
1 | ssl.gstatic.com |
docs.google.com
|
1 | fonts.googleapis.com |
docs.google.com
|
1 | docs.google.com |
www.gstatic.com
|
16 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.google.com |
support.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.gle GTS CA 1D2 |
2021-01-14 - 2021-04-14 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form
Frame ID: 7C2BD0E684B8C55F08EA0849C05B11AA
Requests: 16 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://forms.gle/zBzARw53UGy2DmDo9 Page URL
- https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: Google Drive-Hilfe
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://forms.gle/zBzARw53UGy2DmDo9 Page URL
- https://docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/viewform?usp=send_form Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
zBzARw53UGy2DmDo9
forms.gle/ |
35 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cspreport
forms.gle/_/DurableDeepLinkUi/ |
2 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m=_b,_tp
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/am=BA/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP6Osri3pl6Br0BFUJA-mXSKpaxj6g/ |
147 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=_b,_tp/excm=_b,_tp,viewd... |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,xcPxA
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsj... |
67 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
batchexecute
forms.gle/_/DurableDeepLinkUi/data/ |
2 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
m=Wt6vjf,_latency,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.TnbW9Z1CcB8.es5.O/ck=boq-devplatform.DurableDeepLinkUi.MWXq9V7OD68.L.W1.O/am=BA/d=1/exm=COQbmf,KG2eXe,LEikZe,NpD... |
26 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
reporthttp4xxerror
forms.gle/_/DurableDeepLinkUi/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
jserror
forms.gle/_/DurableDeepLinkUi/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
reporthttp4xxerror
forms.gle/_/DurableDeepLinkUi/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
jserror
forms.gle/_/DurableDeepLinkUi/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
viewform
docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 848 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googlelogo_color_116x41dp.png
ssl.gstatic.com/images/branding/googlelogo/1x/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pxiDypQkot1TnFhsFMOfGShVF9eOYktMqg.woff2
fonts.gstatic.com/s/productsans/v12/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- forms.gle
- URL
- https://forms.gle/_/DurableDeepLinkUi/reporthttp4xxerror?url=https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc&status=405&traceid
- Domain
- forms.gle
- URL
- https://forms.gle/_/DurableDeepLinkUi/jserror?script=https%3A%2F%2Fforms.gle%2FzBzARw53UGy2DmDo9&error=Fa%60https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc%60405&line=Not%20available
- Domain
- forms.gle
- URL
- https://forms.gle/_/DurableDeepLinkUi/reporthttp4xxerror?url=https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc&status=405&traceid
- Domain
- forms.gle
- URL
- https://forms.gle/_/DurableDeepLinkUi/jserror?script=https%3A%2F%2Fforms.gle%2FzBzARw53UGy2DmDo9&error=Fa%60https%3A%2F%2Ffirebasehostingproxy.page.link%2F_%2FDurableDeepLinkUi%2Fdata%2Fbatchexecute%3Frpcids%3DC2fiEc%26f.sid%3D-3846120102319521226%26bl%3Dboq_durabledeeplinkserver_20210111.14_p0%26hl%3Den-US%26_reqid%3D3607%26rt%3Dc%60405&line=Not%20available
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 207=MEjX_0wEMuD4rktyGG_S_7z9HdnzMKnlIMniX7XV_Xzt2Me6jELO7BMoxC4VkmJG0uckbGLKjKixfNQ_7RQKxeAFtC7ZnuSJuJV-u394rJl3hJpmsrobPmyj2FyAegt1fXz1UsuPD0mZaTzdbOzDiXgixc9saiE03JIC7nG0Kuo |
|
.docs.google.com/forms/d/e/1FAIpQLSeJhBYai7XuaHmrWYXFPEgHPiVPcqZbhmyicP0eFVmvTZb3yA | Name: S Value: spreadsheet_forms=EV6lXtHExmv9CniK1SsJ3IOwS66dm_nmrhdgH-kSU8Q |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'nonce-2Y6gucXEDS1Wsc5eiWu08g' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
forms.gle
ssl.gstatic.com
www.gstatic.com
forms.gle
151.101.65.195
2a00:1450:4001:809::2003
2a00:1450:4001:819::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::2003
2a00:1450:4001:825::200a
253fad4d1c1855b84bf1e0f88e01314f1edcaea1ee474dc1d65f7155db9bb6ba
27b8c77059b7ab8e180ffe13ad172c97d493c2eb8d6d324b0cf2e5018eb97df4
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
64ea344452b25817ddf1bff008e132131f290e6085a4f1aa8560fb5d2642eb11
75b83ae78b2be3eb596a6397f99622f36703e9be020cac173dec12784c3607de
a9cef4d58336842dc12848055c5e8d17a02b2fef3eec87e5ad171dc699d49d23
af85dad08d4cdaef9c6ea3dd503504c9d32277327dd54c9f294e17778bdc5fc9
bb0ef2c1ffcd1b601b237dc486c84cadc4b7269f79489993fd0bbf07133b7300
bb2c0dfb197e55d15c46cbdd25edf0b3d4bb51a5fb1f154cd3a0f5e8cb215b8b
bd9370fa62c2f7c68738d9e1bdf7b8e0a87f4a3f2a0820c73b772f92c2fecae9
fb490f0e64b77b80cdca9994c7b44e2f0abd805ab1ca31458361c71fd8b2fabf