urlscan.io logo urlscan.io
SecurityTrails logo

firebasehostingproxy.page.link Open in urlscan Pro
2a00:1450:4001:810::200e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forms.gle/GNhTjZsyWikcqSFv7
Effective URL: https://firebasehostingproxy.page.link/198886819888/forms.gle/GNhTjZsyWikcqSFv7?_imcp=1
Submission: On March 02 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2a00:1450:4001:810::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is firebasehostingproxy.page.link.
TLS certificate: Issued by GTS CA 1O1 on January 26th 2021. Valid for: 3 months.
This is the only time firebasehostingproxy.page.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 151.101.1.195 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 4
Apex Domain
Subdomains		 Transfer
3 gstatic.com
www.gstatic.com
71 KB
1 page.link
firebasehostingproxy.page.link
7 KB
1 forms.gle
forms.gle
11 KB
6 3
Domain Requested by
3 www.gstatic.com forms.gle
www.gstatic.com
1 firebasehostingproxy.page.link www.gstatic.com
1 forms.gle forms.gle
6 3

This site contains links to these domains. Also see Links.

Domain
firebase.google.com
Subject Issuer Validity Valid
forms.gle
GTS CA 1D2		 2021-01-14 -
2021-04-14		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.page.link
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://firebasehostingproxy.page.link/198886819888/forms.gle/GNhTjZsyWikcqSFv7?_imcp=1
Frame ID: 24FBE7E42C26067580B4D517F6E097BA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://forms.gle/GNhTjZsyWikcqSFv7 Page URL
  2. https://firebasehostingproxy.page.link/198886819888/forms.gle/GNhTjZsyWikcqSFv7?_imcp=1 Page URL

Page Statistics

6
Requests

83 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

89 kB
Transfer

248 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms.gle/GNhTjZsyWikcqSFv7 Page URL
  2. https://firebasehostingproxy.page.link/198886819888/forms.gle/GNhTjZsyWikcqSFv7?_imcp=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
GNhTjZsyWikcqSFv7
forms.gle/ 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forms.gle/GNhTjZsyWikcqSFv7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ESF /
Resource Hash
a83098bae9963c60ae73ee5793ba3c3204d8bc96a49c0d2029aa22c0d59678b8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sH75jlOQX+46pbnYjxMHiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'nonce-sH75jlOQX+46pbnYjxMHiA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
forms.gle
:scheme
https
:path
/GNhTjZsyWikcqSFv7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sH75jlOQX+46pbnYjxMHiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'nonce-sH75jlOQX+46pbnYjxMHiA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
0
accept-ranges
bytes
date
Tue, 02 Mar 2021 01:12:51 GMT
x-served-by
cache-hhn4078-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1614647572.718983,VS0,VE274
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, x-fh-requested-host, accept-encoding
m=_b,_tp
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ALKphljb6z9ck4MBeF7vEWHzR3g/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ALKphljb6z9ck4MBeF7vEWHzR3g/m=_b,_tp
Requested by
Host: forms.gle
URL: https://forms.gle/GNhTjZsyWikcqSFv7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27cee672d53465effc34cbc25e7b67673810a7d926a5eba31912a57956f2bdd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 21:35:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272226
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52840
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 13:29:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Feb 2022 21:35:46 GMT
cspreport
forms.gle/_/DurableDeepLinkUi/ 		0
0
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/ck=boq-devplatform.DurableDeepLinkUi.-sTeOaceC4Y.L.B1.O/am=BAg/d=1/exm=_b,_tp/excm=_b,_tp,view... 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/ck=boq-devplatform.DurableDeepLinkUi.-sTeOaceC4Y.L.B1.O/am=BAg/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP7dvhGbESWYJhw4ERSbI5katnhXwg/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ALKphljb6z9ck4MBeF7vEWHzR3g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22dcb2d3b370b277477ab05519bc443a7e968f4e01039dfb1c2a7e26dc84598a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 22:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270509
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13410
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 07:28:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Feb 2022 22:04:23 GMT
m=KjEEgd
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/ck=boq-devplatform.DurableDeepLinkUi.-sTeOaceC4Y.L.B1.O/am=BAg/d=1/exm=LEikZe,_b,_tp,byfTOb,ls... 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/ck=boq-devplatform.DurableDeepLinkUi.-sTeOaceC4Y.L.B1.O/am=BAg/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP7dvhGbESWYJhw4ERSbI5katnhXwg/m=KjEEgd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ALKphljb6z9ck4MBeF7vEWHzR3g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0ef2b758b1924c366bd76a255e6a9695f8ae406e18b5c48ce10362edf57cf29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.gle/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 10:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52744
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5789
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 07:28:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Mar 2022 10:33:48 GMT
Primary Request GNhTjZsyWikcqSFv7
firebasehostingproxy.page.link/198886819888/forms.gle/ 		9 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://firebasehostingproxy.page.link/198886819888/forms.gle/GNhTjZsyWikcqSFv7?_imcp=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ALKphljb6z9ck4MBeF7vEWHzR3g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
148c9eec81cc74908bfde0c9114fa193b21c6c1b9eb9bd3bab919d6919ec418b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2O6HbIfV/c2rUPtl+ZdXJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-2O6HbIfV/c2rUPtl+ZdXJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
firebasehostingproxy.page.link
:scheme
https
:path
/198886819888/forms.gle/GNhTjZsyWikcqSFv7?_imcp=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://forms.gle/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://forms.gle/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 02 Mar 2021 01:12:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-2O6HbIfV/c2rUPtl+ZdXJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-2O6HbIfV/c2rUPtl+ZdXJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67efcb882356eaf3944d74a8bd3bd46f3a8012fe2defd64cc3281e26bf041eb5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms.gle
URL
https://forms.gle/_/DurableDeepLinkUi/cspreport

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ALKphljb6z9ck4MBeF7vEWHzR3g/m=_b,_tp(Line 421)
Message:
%c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api log URL: https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Oqfyu4WUhSg.es5.O/am=BAg/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP4ALKphljb6z9ck4MBeF7vEWHzR3g/m=_b,_tp(Line 421)
Message:
%c%s font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'report-sample' 'nonce-sH75jlOQX+46pbnYjxMHiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',script-src 'nonce-sH75jlOQX+46pbnYjxMHiA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0