docs.google.com
192.178.218.100  Malicious Activity! Public Scan Open in urlscan Pro

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pub Show response docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/	162 KB 44 KB	250ms 248ms	Document text/html	192.178.218.100 Google LLC
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.178.218.100 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS yuiadtq-in-f100.1e100.net Software ESF / Resource Hash 02903fb2610c9563993a8ec100d75b281602dc8118c12fa4d5a966a6184e3e61 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-Cp3-TFb1HzLEsZKhPSe5oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-Cp3-TFb1HzLEsZKhPSe5oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: content-type text/html; charset=utf-8 date Wed, 29 Apr 2026 05:20:33 GMT document-policy include-js-call-stacks-in-crash-reports expires Mon, 01 Jan 1990 00:00:00 GMT link </static/presentation/client/css/833068961-viewer_css_ltr.css>;rel=preload;as=style;nonce=Cp3-TFb1HzLEsZKhPSe5oQ,</_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=core>;rel=preload;as=script;nonce=Cp3-TFb1HzLEsZKhPSe5oQ p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." pragma no-cache referrer-policy strict-origin-when-cross-origin reporting-endpoints default="/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/web-reports?bl=editors.presentations-frontend_20260415.00_p2&app=6&clss=1&context=eJwV1WdUVUcXBuDDvee8A3LpRRRBiiIkSrBi5CripUrEFj2gicSGDbGhiZqYqLHGEiO2aBRFFMUKYkkUYxcraqJiieVDpPdu4H5vfjxrz9p7z8yaNWvWtGn0MpNUaY-pKl1po0rzzVXpKGXqVGm9hSqlWKuSq60qNdirUhcHVbpKx9uq0pD2quTmrEqbXFRpB-13VaWZ7qo0yVOVsr1U6cNHqmTRVZU-7qZKv_iq0sruqrQsUJU2U8wwVUoeoUonqEu0KvmTNkaV7Ch3jCq9puo4VdJMUaWs6ap0jXrNUKVgavpalay-UaWnP6hSIQUvV6XPqe96VQqnzttUqTe1blclyx2qtHO_KqVT0G1VGk7n76vSHdLmcj8ST1SpLdn8o0rutIuO0GV6SNvyVekgZbxjjq7TYzpXqUo5dM4mWsqhtLbR0lnaMi5aSiXPuGipJ72bFS3VUe_Z0VIIpc6NlrJo_vxoaQV5L4iW-tIrhwfS-w4lmnpy_ahE40URV6o0w2n922rNFsrxrdE8IPfIGo0PufSo03Smj5fVaXpS1owGzQVar2_UbKHg_o2azyghrlGzgDavbdTspNjFTZqoW02a0RSS26QZQntsmzUHKWtZs-YC1Sc3a1rJv1OrJpBCJaMminI7GDVPKX6hUZNIGa8l7e90aJ-JVrffRGtPe5I12oO0-6pG28tHq9VTwwit1kiRo7TakXR7qVb7iHqu0moH0Ol3Wm02jW0ja-OozE3W1pF3RT_Zj5ZVBchryXGoXp6wTS9PJ5ejerkzmRTr5V59-8t6urOtv_yEpt0JlOdQXW6g3EJjEgbK0S5B8lf0JjxILiUlMki2oJgtQfJ4WlYSJP9C7QcNkj0o5dtBcqGjQa6k4QMMcgz9Oswgh8w2yENI-7VBNqcFxw3yErqUZZBf5BvkfBqWFixHU1FOsFxFrYRbwfJK2kAfbgfL2jvBsj8F0ij6klLpKNlVB8vOtMo1RN5If04LkW9S2ZwQuY7OXwiRr1JFTojcQNsLQuRkyu8dKpeSVWOYHO8QLjvOCJddqcE2QjZS93YRsp5uisFyLnXzHCw_GrpHMY7Yo4iRe5TSM3uUWgoOSFZW1CYr68lwfK8Sb7dPSaTGqH2KNHSfkrVon_LePkWpoPkvUpTv6E1FilJE96fuV55Qdvx-5Tohf79iSfXzUpVWOvdjqnKJup5MVXrRKvcDyu4LB5RD9O7Hg0oZeTmlKb5U5ZqmNNGkmDQlnlYeSVPMKw8pdnTu5GHlEmUUHVZ-p2nO6cocOtstXblCLpHpSmeaGZWuzKf336Ur1VS0JV2pouC8I8pn5PDzUaXPxGPKAJqQcEyZTmELipWh9Mf6YsU5r1jxpNhxJcoPt0qU1fQ2r0QppsfPS5R_SF9dogSTX2Cp0pdSkkuV-nOlSiv1vFyqBNCl6DIlh-7tKFMe09hfy5SJdFEqV-7Tgu-rlcXUJtWodM0wx8hmc0STX4IOfenKTh1u0qFdOhyjeWk6LKbsbB1O5epwnrptskB_On_KAldp91kLHKCJRRaYQY9KLPCUsi9a4joNvWYJlarirFBPLbutoOyxwod21tC2t0bSIWvsoJGHrRFNIz-ywVgyDLRBQ4YNjKT62SKW3gbY4j2VBNuihgzjbRFJ1Udt0Uy3M20RmGuLVxRmaYeh5ONhh-7U42M79KM9_nY4SN_2tcOP9Hy8Hf5HeGCHwTTmpT0m0Dk_B5hEOcCM8hc6oJR8FzmgD6WvdEAmDT7sgBF0L8MBo945wLDPEZG04rkj1pPdC0c405j4tphAIza2xZ-_tMVNasxrC-lZW5w2tkU2XXNzwl3qHOeEbjTwmBPCaepNJ8z-zy0nfENJz5ywi14kt0M-Wae0gxOt-b49NtHQte2hktv79vAmk8b2MKM_lznjh5-dsZqmDu6AmbTwagcspS4vOqArTXjZAVMoxMQFo-h6hAvukf-XLgikJ-tc4LrBBZ6EjS5wpMgMFwyjbx-74Ee64OuKy5Q41BULaWO6K449c0Um3X_hir8oucIVadS_yhWDqJoaaN_YjvCO68jzd8TpJR3xB7We6ghkdcQq4YaNNKSPG0aRyRg3mNHxaW5Ye9YNv9DOm25IoQlL3TGdbm9yRy7FbnHHmRR3XCSfN-7oTpHdPDCW0j7xwAnyCfOAL_Wf74EQurLSA7ep5xoPBNDtPR54RLfueuA-DbzHPiqmvvc5j-7TXxSb64FJtLDVA0vpE2tPXPP0xF26pPdEDu0K9MR-ujzKEzeoZaEnNIs8Mf6AJ-Jo-V-e-InMGz1hRzNXd8J3dPrXzsimgZ28EE4eqhc-opg8L4yn43VdcIqWyN5YSScVb5wjX0tv9KHn1t54TUdsWCPLrt5wpJbN3lCSvPHTPm94P_GGH7UWeAPvvdHB2gedKMnGB7vIx94H3ek9VdCBf_rhkyMB8KeMkwE4Qy4ZAfCg_XSILmQG4DLltNdjaZgeF6P0uEGvl-hRQK4FenjRF1v7YxKFPu6PDcEDsJV6rhnAOxiAo80D4G8WiEBK-DcQSyhSGoiRFHmVkVwMQbD8LQiOFLQ7CJ9fC8IkWncrCEk05EEQRtGW4iD8RrXpg7Aw3oCltPcbAw5R4Q8GpG834ARdoutUTjW05rQBm-jicwOu0oR8A6ZQeokBmSQaDLCij02CYeIYDDMyGRaMpcuCMboiGOPIyy4UvlQREYoGGjw7FGPIeWkoPOmr_aGYSoU3QlFJDytD8YRG6sOgnx2GILqWGIa71JweBs2RMNx6FIb812EoJdU3HLH_2RGOklfhqCG5YwS60CqvCKyj02vfIpv-Lv8fXlK_4fkYRD_RZrqSmI-bdKIwH1kUU5SPcZTdlI_r9HPnd7gR-A53yFEpgCuVdytALdlHFGDyoQLMpNHpBRhHHQsK0ImyygvwO-WfeY8iaphRCBFfiHWrCrGJ3FML4UPPLhTiFY2-XIhxNKhLEQZT9ogiXKHI3CIMp8Wvi7CcYkqLMZ6-616C5VQ-tQTpPUtxj8YPL8U0cj9bCh9qZyyFKzVPLoMmrgx9p5WhP8XuKsMkckougwtlPS3DBTqpL8c58jpTjnXLKmC7ugKdMyvwEX16qgJBZJlTATua078Sh7-sRAZ1mF0JdzKfWwk7OrK8Eja3KuFI215Uoux1JWJMq-DXqwr6T6tgIKFWwSS6CilTq5BJqbOqkE6Ht1TBcnsVRp6swtsbVXhPq15WYT0drWYvLZKrURpQjSrK1VfjKT3_rBp3plcjYnM1omg0jaWJNJWeJVXjFcVvqcYcEseqoaNR9jVIH16DTDKJrgGoILYGURNqUDy8FtVkMb4WdqQuqsXLxbV4cKgWT2j4lVp8TSEltQin6Y51WERhvnUYQhNpGs2hr-l7WkE7N9chma7n1OEOVb2vQz0VNNehhKzlepSH1KOe8pPqIbbUY9cf9dhL2rx6mNLfNfV4RgaXBoRT0xcNMPmyAXvHNeDjKQ1IMmnELjIXjbiua4SzSyMGejQi6PtGRJDzh0Z40rPgJrylmLlNuHW8CQNONCGQvshswp1rTXhANrebcORpE05R72dN6EfHxjQjk8y_aIY1bYptxlbCzGboyCK9GS1dP0Du9gHPx35A9jcfcIVs13-AE_k__ICTy__FGdqY8S-2kZNNC0THFuSMb8ED6pHVgn5092ELHlKBsQXl5CS3wpViY1qx4atW_omt2Eabz7diB_m9aUUfGm1rxBf00MGIPFrV1oj1ZCThZMQJVyPCPjFiCJ2_asQlqrtnRAslvDAikbw-GNGVbLpKoi1FBUtiNG1qYyK2UpJqIraRwzgTMXeyiVhEN66biI43TcSldxzTmn4asYGWp2nEanpzSiN-uqERO8n5lka4U1S5RjTaa0W-g1YUEQxaoSO_SK3oTddjtOIeZWZpRYJWFq4WsvjVThb7qMxDFjeGy-IuzUuQxUJqWCyLcctkcXGzLK6R_31ZBNMRKn4giz__Zn-eLB6SaQdFzOijiFERiviSGmMU0UoFrxRRT0ZTCMUMYpwjxER65QTREsCcHsI5DiKCdi6BSCGTwxCg-RkQi8jnCoQfHX4CkUHJfHppJE0U4uetQmyngw-EuBluKu7Snm9MRSodohN0hpKWmArdClNhQwErTcVf20xFHi08YCq-p96nTIVLjanY-6-pOEiFvcxEGS3wp3Az8S2doNM0ZbqZmEl16WaioMRMlNPaZjOxkWa0mInZVNyjjaig77a3ET9Sysk24hCNOd1GxNLYa4zv2og4SipsI_7ubC6ivMzFDB9zcT7EXDwKNxdPySLKXNiRe7656EJr6U25ufhFoxPbaUYvnZhLP-l14mdaOkgnpkTqhHO8TvjP0gk9rUvUic00aIVOhJNxv050uMD-R1yDmkqYo4fhFuIJ_f7EQvTKsxBd_7EQVe0sxSdelsKzv6X4dJulGECueZaiE-0OsxL76cYGK3GXntBLmr_VSrzdbSUKKXSflfiMll6zEqvpttFKNLlZCyOdHWotSsdZi1pyH28tvGjnZGuRTNop1sKMymezTl3TrIUvbfK3EdvJsq-NcKBlBhsxebSN-HuNjXhOqb_ZiMP05wkbcZPUczYilnr-ZSM-pWfutuIVPW5nL15Q7hx7MSzZXtiam-49fP0-rCtzqj9vbzZs_oT4afOmTp7k0W3ypGmJs-bO8509d_K8yQmJ4xOnzUqY1y1u7qyExMkJk2J7-PXo49ere29fP7_Y2T3-D1haG6c&browser-version=%22Chromium%22;v%3D%22147.0.0.0%22,+%22Google+Chrome%22;v%3D%22147.0.0.0%22,+%22Not-A.Brand%22;v%3D%2224.0.0.0%22&build-label=editors.presentations-frontend_20260415.00_p2&imp-sid=CJeTpI6okpQDFUELkQEdbbkDIA&is-cached-offline=false&wcrumsspbp=true" server ESF strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-frame-options SAMEORIGIN x-l2-request-path l2-managed-4 x-robots-tag noindex, nofollow, nosnippet x-xss-protection 0
GET H2	200	833068961-viewer_css_ltr.css docs.google.com/static/presentation/client/css/	946 KB 113 KB	19ms 15ms	Stylesheet text/css	192.178.218.100 Google LLC
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/static/presentation/client/css/833068961-viewer_css_ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.178.218.100 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS yuiadtq-in-f100.1e100.net Software sffe / Resource Hash 89937d99ae6b3d10c8e8c43c16abb51966a8f530539720935360e7c06a755450 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip age 371018 report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Sat, 24 Apr 2027 22:16:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 24 Apr 2026 22:16:55 GMT last-modified Thu, 16 Apr 2026 21:15:03 GMT content-type text/css vary Accept-Encoding, Origin cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 115462 x-xss-protection 0 server sffe
GET H2	200	m=core Show response docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/	1 MB 469 KB	31ms 28ms	Script text/javascript	192.178.218.100 Google LLC
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=core Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.178.218.100 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS yuiadtq-in-f100.1e100.net Software sffe / Resource Hash 0ecf6566980d33c129b93defd292422a705a2bc07f3d92f7232dcf8a652ee59e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip age 406043 report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Sat, 24 Apr 2027 12:33:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 24 Apr 2026 12:33:10 GMT last-modified Thu, 16 Apr 2026 21:15:33 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 479328 x-xss-protection 0 server sffe
GET		/ invalid/	0 0
GET H2	200	css fonts.googleapis.com/	5 KB 2 KB	215ms 168ms	Stylesheet text/css	142.251.163.95 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400 Requested by Host: docs.google.com URL: https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.251.163.95 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS wv-in-f95.1e100.net Software ESF / Resource Hash ae14e6cdbd03f18a4fa37ba5b905bd7e39ae0162d519ca372985aa209e8c42b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 29 Apr 2026 05:20:33 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 29 Apr 2026 05:20:33 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 29 Apr 2026 04:43:40 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	AGV_vUcLvrRN3Jpw07OFp18TOvZt59EGjG-S1jXjjQAUoqftatepjVt2OEpc7Y6ad1AkNB_W_udTcCS2ntKGBSuFIwll6r70VEhB2FYtuzrS4G3g4Q8R5DHbJmIYc48XUX0eJWtRUmkj13EDBaLF-fVipvk=s2048 lh7-rt.googleusercontent.com/slidesz/	31 KB 31 KB	490ms 333ms	Image image/jpeg	142.251.111.132 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://lh7-rt.googleusercontent.com/slidesz/AGV_vUcLvrRN3Jpw07OFp18TOvZt59EGjG-S1jXjjQAUoqftatepjVt2OEpc7Y6ad1AkNB_W_udTcCS2ntKGBSuFIwll6r70VEhB2FYtuzrS4G3g4Q8R5DHbJmIYc48XUX0eJWtRUmkj13EDBaLF-fVipvk=s2048?key=Zaykd5WQyOhTa5Tsv-CCYg Requested by Host: docs.google.com URL: https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.132 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bk-in-f132.1e100.net Software fife / Resource Hash 1dc2b64094c9892ff2c706f00d62950d6523debd5bc89715ba3cacb39ff3a239 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-expose-headers Content-Length cache-control private, max-age=86400, no-transform etag "v0" x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31260 date Wed, 29 Apr 2026 05:20:33 GMT x-xss-protection 0 content-type image/jpeg vary Origin server fife content-disposition inline;filename="unnamed.jpg"
POST H2	204	26981ed0d57bbad37e728ff58134270c csp.withgoogle.com/csp/proto/	0 0	195ms 67ms	Ping text/html	172.253.122.141 Google LLC
General Check archive.org Show headers Download Go to Full URL https://csp.withgoogle.com/csp/proto/26981ed0d57bbad37e728ff58134270c Requested by Host: docs.google.com URL: https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.141 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bh-in-f141.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain;charset=UTF-8 sec-ch-ua-mobile ?0 Response headers
GET H2	200	css fonts.googleapis.com/	10 KB 2 KB	29ms 27ms	Stylesheet text/css	142.251.163.95 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google+Sans Requested by Host: docs.google.com URL: https://docs.google.com/static/presentation/client/css/833068961-viewer_css_ltr.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 142.251.163.95 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS wv-in-f95.1e100.net Software ESF / Resource Hash a5704a2c59946dd10ea8fecb69b31deb6e729501433422fbad8da4ac0abd58da Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 29 Apr 2026 05:20:33 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 29 Apr 2026 05:20:33 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 29 Apr 2026 04:17:30 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET		59170c1a-84eb-4dda-b89e-1893ecd50156 https://docs.google.com/	0 0
GET H2	200	punchviewer_material_sprite48_grey_medium.svg ssl.gstatic.com/docs/presentations/images/	36 KB 10 KB	87ms 28ms	Image image/svg+xml	172.253.122.94 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite48_grey_medium.svg Requested by Host: docs.google.com URL: https://docs.google.com/static/presentation/client/css/833068961-viewer_css_ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 562748edaff2def65fa7fdc51472ad1f09dca8529a59b03a262d9a4d954d3c08 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br age 394595 report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Sat, 24 Apr 2027 15:43:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 24 Apr 2026 15:43:58 GMT last-modified Tue, 14 Apr 2026 16:58:00 GMT content-type image/svg+xml vary Accept-Encoding, Origin cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 9677 x-xss-protection 0 server sffe
GET H3	200	KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 fonts.gstatic.com/s/roboto/v48/	39 KB 39 KB	43ms 14ms	Font font/woff2	64.233.180.94 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 Requested by Host: docs.google.com URL: https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000 Protocol H3 Security QUIC, , AES_128_GCM Server 64.233.180.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS on-in-f94.1e100.net Software sffe / Resource Hash 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://docs.google.com sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers age 209134 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Mon, 26 Apr 2027 19:14:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 26 Apr 2026 19:14:59 GMT last-modified Thu, 29 May 2025 23:30:55 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 40128 x-xss-protection 0 server sffe
GET H2	200	punchviewer_material_sprite48_grey_dark.svg ssl.gstatic.com/docs/presentations/images/	36 KB 10 KB	65ms 29ms	Image image/svg+xml	172.253.122.94 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite48_grey_dark.svg Requested by Host: docs.google.com URL: https://docs.google.com/static/presentation/client/css/833068961-viewer_css_ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 31875eac94bd2c95bff402309a140ede418219a56762d9645db05b7d4a37222b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br age 394595 report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Sat, 24 Apr 2027 15:43:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 24 Apr 2026 15:43:58 GMT last-modified Tue, 14 Apr 2026 16:58:00 GMT content-type image/svg+xml vary Accept-Encoding, Origin cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 9687 x-xss-protection 0 server sffe
GET H2	200	netcheck.gif ssl.gstatic.com/docs/common/	43 B 207 B	30ms 28ms	Image image/gif	172.253.122.94 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/docs/common/netcheck.gif?zx=zuqn884nfmm Requested by Host: docs.google.com URL: https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000&slide=id.p Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 29 Apr 2026 05:20:33 GMT content-type image/gif last-modified Thu, 02 Nov 2023 22:48:00 GMT cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 43 x-xss-protection 0 server sffe
POST H3	200	log Show response play.google.com/	131 B 155 B	88ms 52ms	Fetch text/plain	142.251.111.113 Google LLC
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: docs.google.com URL: https://docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=core Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.113 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bk-in-f113.1e100.net Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ Content-Encoding gzip sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Content-Type application/binary X-Goog-AuthUser 0 Response headers x-frame-options SAMEORIGIN cache-control private content-encoding gzip cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Wed, 29 Apr 2026 05:20:34 GMT access-control-allow-origin https://docs.google.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." content-length 131 date Wed, 29 Apr 2026 05:20:34 GMT x-xss-protection 0 content-type text/plain; charset=UTF-8 server Playlog access-control-allow-headers X-Playlog-Web
OPTIONS H2	200	log play.google.com/	0 0	128ms 60ms	Preflight text/plain	142.251.111.113 Google LLC
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.111.113 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bk-in-f113.1e100.net Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-encoding,content-type,x-goog-authuser Access-Control-Request-Method POST Origin https://docs.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://docs.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/plain; charset=UTF-8 date Wed, 29 Apr 2026 05:20:33 GMT server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
GET H3	200	m=secondary Show response docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/	467 KB 155 KB	29ms 28ms	Script text/javascript	192.178.218.100 Google LLC
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=secondary Requested by Host: docs.google.com URL: https://docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=core Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.218.100 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS yuiadtq-in-f100.1e100.net Software sffe / Resource Hash 9cdf5e198f5c1bd88f8db92a2c6265ebc5a9cd3ee2cdf8553b5c6144b5ffde2a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000&slide=id.p User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip age 265216 report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Mon, 26 Apr 2027 03:40:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 26 Apr 2026 03:40:17 GMT last-modified Thu, 16 Apr 2026 21:15:33 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 158943 x-xss-protection 0 server sffe
GET H3	200	m=help Show response docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/	33 KB 12 KB	17ms 16ms	Script text/javascript	192.178.218.100 Google LLC
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=help Requested by Host: docs.google.com URL: https://docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=core Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.218.100 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS yuiadtq-in-f100.1e100.net Software sffe / Resource Hash 433a3d73e017ca385c774d15d42fd69f5a4deb89a496c614a400a16e967b9205 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000&slide=id.p User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip age 371026 report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Sat, 24 Apr 2027 22:16:48 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 24 Apr 2026 22:16:48 GMT last-modified Thu, 16 Apr 2026 21:15:33 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 12414 x-xss-protection 0 server sffe
GET H3	200	favicon-2023q4.ico ssl.gstatic.com/docs/presentations/images/	24 KB 2 KB	20ms 19ms	Other image/x-icon	172.253.122.94 Google LLC
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/docs/presentations/images/favicon-2023q4.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash 1d2b1bf6c2921393f0eeb1b21613bb9e1c9144dfda918306ef99dbf0d9d2aee4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br age 281203 report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} x-content-type-options nosniff expires Sun, 25 Apr 2027 23:13:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 25 Apr 2026 23:13:51 GMT last-modified Mon, 30 Oct 2023 14:18:00 GMT content-type image/x-icon vary Accept-Encoding, Origin cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="docs" content-length 1593 x-xss-protection 0 server sffe
POST H3	200	log Show response play.google.com/	131 B 151 B	32ms 28ms	Fetch text/plain	142.251.111.113 Google LLC
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: docs.google.com URL: https://docs.google.com/_/presentations/_/js/k=presentations.viewer.en.ubfcnrsS-ow.es5.O/am=AAAOGA/d=0/wt=0/rs=AB6fld3BIgYGNs2bhRBI9GfcnCcqchNaoQ/m=core Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.111.113 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bk-in-f113.1e100.net Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://docs.google.com/ Content-Encoding gzip sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Content-Type application/binary X-Goog-AuthUser 0 Response headers x-frame-options SAMEORIGIN content-encoding gzip cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://docs.google.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 131 date Wed, 29 Apr 2026 05:20:36 GMT x-xss-protection 0 content-type text/plain; charset=UTF-8 server Playlog access-control-allow-headers X-Playlog-Web

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

invalid

URL

chrome-extension://invalid/

Domain

docs.google.com

URL

blob:https://docs.google.com/59170c1a-84eb-4dda-b89e-1893ecd50156

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shaw (Telecommunication)

38 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| ppConfig object| DOCS_timing object| WIZ_global_data object| _docs_flag_initialData function| _F_toggles_initialize function| a object| b object| d string| e object| _F_toggles function| DOCS_attachInitialMaterialFontLoadListener object| DOCS_timingPromises object| _docs_yt_api_youtube_ready_promise object| _$sk object| _F_toggles__$sk object| CLOSURE_DEFINES object| CLOSURE_UNCOMPILED_DEFINES function| DOCS_initializeModules number| U3bHHf function| DOCS_initDocsMobileWeb function| DOCS_initSlidesMobileWeb function| DOCS_initSheetsMobileWeb function| DOCS_installLinkReferrerSanitizer function| onYouTubeIframeAPIReady function| init_viewer object| __punchViewerWorkerInstance object| viewerData object| SK_viewerApp object| DOCS_initialLoadTiming object| closure_lm_187376 object| wizBind object| SK_viewerToastService object| SK_editorEventListener boolean| sup_wp_key number| SK_modelChunkLoadStart number| SK_modelChunkParseStart object| userfeedback function| startFeedback

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-21 18:07:31	Name: NID Value: 531=KdS-1EUCdWTEVzgEHUnyRdJPg9Epoik4Z5sMKfK2rftOOaZrI29l9ZhnKUwWpT4Dqv7vjrNlC-UgQhX59rxzHLHfzogBk-FEH7tHiMx0Ay8wKrvEZE793-rr6pbdKbAuSnxUpLoe1z3kajZOBa-kDR-NlWaQQHmRRRS6o41IBQceDfOc0KjRGSYuDnq_e85on86yALCFq99iWzmR7w5CfTxR

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
rendering	warning	URL: https://docs.google.com/presentation/d/e/2PACX-1vTnPrFU5qC0v7JoP4Is4-ZCkQXzxhFI-CMdbtuInbeYSCTfDk7FAO1gAz0WarPx244_CmcFKZpWqCmF/pub?start=false&loop=false&delayms=3000(Line 9) Message: The key "target-densitydpi" is not supported.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-Cp3-TFb1HzLEsZKhPSe5oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp.withgoogle.com
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
invalid
lh7-rt.googleusercontent.com
play.google.com
ssl.gstatic.com
docs.google.com
invalid
142.251.111.113
142.251.111.132
142.251.163.95
172.253.122.141
172.253.122.94
192.178.218.100
64.233.180.94
02903fb2610c9563993a8ec100d75b281602dc8118c12fa4d5a966a6184e3e61
0ecf6566980d33c129b93defd292422a705a2bc07f3d92f7232dcf8a652ee59e
1d2b1bf6c2921393f0eeb1b21613bb9e1c9144dfda918306ef99dbf0d9d2aee4
1dc2b64094c9892ff2c706f00d62950d6523debd5bc89715ba3cacb39ff3a239
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31875eac94bd2c95bff402309a140ede418219a56762d9645db05b7d4a37222b
433a3d73e017ca385c774d15d42fd69f5a4deb89a496c614a400a16e967b9205
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
562748edaff2def65fa7fdc51472ad1f09dca8529a59b03a262d9a4d954d3c08
89937d99ae6b3d10c8e8c43c16abb51966a8f530539720935360e7c06a755450
9cdf5e198f5c1bd88f8db92a2c6265ebc5a9cd3ee2cdf8553b5c6144b5ffde2a
a5704a2c59946dd10ea8fecb69b31deb6e729501433422fbad8da4ac0abd58da
ae14e6cdbd03f18a4fa37ba5b905bd7e39ae0162d519ca372985aa209e8c42b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855