urlscan.io logo urlscan.io
SecurityTrails logo

docs.google.com Open in urlscan Pro
172.217.222.101  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://imagestash.pics/image.php?id=5FGK28.link
Effective URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv...
Submission: On June 02 via manual from GB — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 18 HTTP transactions. The main IP is 172.217.222.101, located in United States and belongs to GOOGLE, US. The main domain is docs.google.com. The Cisco Umbrella rank of the primary domain is 127.
TLS certificate: Issued by GTS CA 1C3 on May 13th 2024. Valid for: 3 months.
This is the only time docs.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.173.151.229 8075 (MICROSOFT...)
1 1 104.21.15.56 13335 (CLOUDFLAR...)
7 104.26.8.202 13335 (CLOUDFLAR...)
1 104.16.80.73 13335 (CLOUDFLAR...)
1 173.194.204.157 15169 (GOOGLE)
1 172.217.222.101 15169 (GOOGLE)
2 74.125.192.95 15169 (GOOGLE)
1 173.194.66.132 15169 (GOOGLE)
2 142.251.174.101 15169 (GOOGLE)
2 172.217.222.94 15169 (GOOGLE)
1 173.194.205.94 15169 (GOOGLE)
18 9
1    52.173.151.229 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
imagestash.pics
1    104.21.15.56 (None, )

ASN13335 (CLOUDFLARENET, US)
grabify.world
7    104.26.8.202 (None, )

ASN13335 (CLOUDFLARENET, US)
grabify.link
1    104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    173.194.204.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f157.1e100.net
pagead2.googlesyndication.com
1    172.217.222.101 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f101.1e100.net
docs.google.com
2    74.125.192.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f95.1e100.net
fonts.googleapis.com
1    173.194.66.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f132.1e100.net
themes.googleusercontent.com
2    142.251.174.101 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f101.1e100.net
play.google.com
2    172.217.222.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f94.1e100.net
fonts.gstatic.com
1    173.194.205.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f94.1e100.net
ssl.gstatic.com
Apex Domain
Subdomains		 Transfer
7 grabify.link
grabify.link — Cisco Umbrella Rank: 770209
67 KB
3 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
39 KB
3 google.com
docs.google.com — Cisco Umbrella Rank: 127
play.google.com — Cisco Umbrella Rank: 34
43 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
1 googleusercontent.com
themes.googleusercontent.com — Cisco Umbrella Rank: 11608
988 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
51 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 grabify.world
grabify.world
549 B
1 imagestash.pics
imagestash.pics
375 B
18 9
Domain Requested by
7 grabify.link grabify.link
static.cloudflareinsights.com
2 fonts.gstatic.com fonts.googleapis.com
2 play.google.com docs.google.com
2 fonts.googleapis.com docs.google.com
1 ssl.gstatic.com
1 themes.googleusercontent.com docs.google.com
1 docs.google.com grabify.link
1 pagead2.googlesyndication.com grabify.link
1 static.cloudflareinsights.com grabify.link
1 grabify.world 1 redirects
1 imagestash.pics 1 redirects
18 11

This site contains links to these domains. Also see Links.

Domain
drive.google.com
support.google.com
Subject Issuer Validity Valid
grabify.link
E1		 2024-05-08 -
2024-08-06		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Frame ID: 70F7DAADCB9D25164B184338F0219509
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hello i would like you to translate this text thanks

Page URL History Show full URLs

  1. https://imagestash.pics/image.php?id=5FGK28.link HTTP 302
    https://grabify.world/image.php?id=5FGK28.link HTTP 302
    https://grabify.link/image.php?id=5FGK28.link Page URL
  2. https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

210 kB
Transfer

563 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://imagestash.pics/image.php?id=5FGK28.link HTTP 302
    https://grabify.world/image.php?id=5FGK28.link HTTP 302
    https://grabify.link/image.php?id=5FGK28.link Page URL
  2. https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://imagestash.pics/image.php?id=5FGK28.link HTTP 302
  • https://grabify.world/image.php?id=5FGK28.link HTTP 302
  • https://grabify.link/image.php?id=5FGK28.link

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
image.php
grabify.link/
Redirect Chain
  • https://imagestash.pics/image.php?id=5FGK28.link
  • https://grabify.world/image.php?id=5FGK28.link
  • https://grabify.link/image.php?id=5FGK28.link
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grabify.link/image.php?id=5FGK28.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117d95eedcbe335064e60224c4ba76b0c4616fa60c11ac320b3d3cb565d8d074

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
88da755dc83b53e9-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 02 Jun 2024 21:15:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efPjMWFC38mUTFceVYsQ3eZOPiH5M6bqQx7hJn9bYLymx2C%2BkQ9oXaW%2FeTssJ7ZeIDa%2F30B1SHKahv7YKfcuEl5oiXJA3O%2BccXFIVH%2BlKbt4Sv28HqilomLOFMrTiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-ratelimit-limit
15
x-ratelimit-remaining
14

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
88da755d4c6caad0-YYZ
content-length
143
content-type
text/html
date
Sun, 02 Jun 2024 21:15:23 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://grabify.link/image.php?id=5FGK28.link
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PtVrIGWOElYMDBGfh8JzwtKFQQJlROG6ywZ%2FX0Typj%2FjQ%2FI6eGAcuAkpHwSlq2bRy%2FlTTO%2B2vgGpP3axD6Ejorz5ORV4bifO6iScTfBM44Crkq2Ms8bRu9aFMRqbX5di"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ads.js
grabify.link/js/ 		19 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/ads.js
Requested by
Host: grabify.link
URL: https://grabify.link/image.php?id=5FGK28.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
796
cf-polished
origSize=22
alt-svc
h3=":443"; ma=86400
content-length
19
cf-bgj
minify
last-modified
Mon, 22 Jan 2024 08:59:40 GMT
server
cloudflare
etag
"16-60f850cd8071e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZlv2n2q6T8m%2F%2BW5b%2FzLVTf%2BOGVXi2QOl0vd8gEXIziRonyYAjtDai2AXanHjTBFATYz5PKtzwpHOKZle18BDC8TQikkZC66wPLmXcV4LeC6x%2B6T4arYVpA2jq4flA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
accept-ranges
bytes
cf-ray
88da7569baa253e9-YYZ
jquery-2.5.1.min.js
grabify.link/js/ 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Requested by
Host: grabify.link
URL: https://grabify.link/image.php?id=5FGK28.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35a7a44bd9babd6b30cef4289a636689e037daebc33fbc918d9984c6d08623c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 13 Apr 2024 05:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2ab19-615f395c2cfcc-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=92l42Po%2FicpIBATQK%2BvP55uJIqonJOS7lmtrEnz%2FaBePvGQamyw6o%2BOAZaBG%2Bi%2FOI81m6M5pFJ2vVmgNTF28MjDB75E11lOl%2FSBJMaDG%2BNE5HWdmYJKkIUS40EybHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
accept-ranges
bytes
cf-ray
88da7569baa453e9-YYZ
alt-svc
h3=":443"; ma=86400
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: grabify.link
URL: https://grabify.link/image.php?id=5FGK28.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://grabify.link
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:25 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88da756a6a94aa9c-YYZ
jquery-2.5.2.min.js
grabify.link/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/jquery-2.5.2.min.js
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c47288479a5e1f475bad913b7e0eced1479ceaa7e7761c332d278f5634f52a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Sat, 13 Apr 2024 05:23:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"31c3-615f395cd0130-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80dLPVr%2BOEZTevbT0XzTsrptF2k1uKUpKVVWZbC5Q61uNmiFnyjrfn6ZZvVwzvv4npkJWm1g%2Bk9hJMHQyCBuTM7iD%2B3xdjsRCbale17NijjzrvErOhuLPBG6XgDZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
accept-ranges
bytes
cf-ray
88da756e4866ac2e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
4453
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f157.1e100.net
Software
cafe /
Resource Hash
945fb31f616b7d84710d037386b24b9406525aca86370c294edec7fba1232e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51952
x-xss-protection
0
server
cafe
etag
207719935273360614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 02 Jun 2024 21:15:26 GMT
rum
grabify.link/cdn-cgi/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 02 Jun 2024 21:15:26 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://grabify.link
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88da7574af50ac2e-YYZ
favicon.ico
grabify.link/ 		22 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://grabify.link/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00b8cd633d0a635c5840a2ae401724999d670fad974758220521143263b8d21

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Mar 2023 08:48:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5318
etag
W/"576e-5f5e6e55d2ad7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmAPpif1kA%2Fg3m0HHqp4XvLVdC5VNTgFzYgvVKtcspWiVJvm6k9HnehHKAiz%2F3m0X1Uyd%2B0jAy01SusNxTmTXcbnj2xYmYELWYajrky%2F6KFCPBwWMi6En5H09JbpNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cf-ray
88da7574af51ac2e-YYZ
alt-svc
h3=":443"; ma=86400
js
grabify.link/api/ 		16 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/js
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.8.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-TOKEN
7ZyuR43UyZCQmmmdrWjUQNCD2g1AwehvGcqpaCoB
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
User-Agents
N1p5dVI0M1V5WkNRbW1tZHJXalVRTkNEMmcxQXdlaHZHY3FwYUNvQg==
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-remaining
8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUMH3acUoBDGbAJGNwnZmYdC5jETfxZuEyKwJC9de9Vv48IY8a7tZCo8he%2BV3X4Vuvca%2FWtzt%2Bs%2B89ZQe7AinLB2xTAOBonk92VQolvw4lqPOprskHS4W35HYw6bPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
10
cf-ray
88da7574ffa7ac2e-YYZ
alt-svc
h3=":443"; ma=86400
Primary Request pub
docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/ 		106 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f101.1e100.net
Software
GSE /
Resource Hash
a6a46570150ab2bc62d370bc35152cb26124496134f09c0fd8bec29250bccf1b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-18wuFNUASbKTd8PyKCH7Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Reduced
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-18wuFNUASbKTd8PyKCH7Fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
content-type
text/html; charset=utf-8
date
Sun, 02 Jun 2024 21:15:28 GMT
expires
Sun, 02 Jun 2024 21:15:28 GMT
origin-trial
Arlbm3aYP4F8jryBe5TXZ49CJDmGTgEpjkLwYKtvJpvg65pxTRq/0LtrY3S/FMwogUWu6GvOhoCX1WWtJ8wVXQkAAABpeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlVzZXJBZ2VudFJlZHVjdGlvbiIsImV4cGlyeSI6MTY1MDQxMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
referrer-policy
strict-origin-when-cross-origin
reporting-endpoints
default="/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/web-reports?context=eJwV0ndU1UcWB_DL_O5orCB2FATBEgMqCrGAwuOVPNhjxEScX1yRlSJLcMEgmqxdo25EiQfWxBL1vUexRY5C4kZBJAoWFNcSxbLRWCImQXQFHwgmsN_943PuzJ05U-5M18293dtm0V7Y1EnRtDcU2WB5N0VF8E13RQY3Rfng5a5oRF9FRqiCef0UVfRX5D9A0dcwzUOR9yBFswYr8vRUVOClKGWIotdDFSX6Kuo-HHk4CVPeRH6Uoh7-inrBfngrQFHuaEUbAhVZghVlwVboeFvR9AmKfpio6GcIm6poRgzOoiuaAFdmK7oPtrmKbs5T9AS6JCoaCDeSFAWlKjKBI11RMdQvxt4Q8AnuBrdWK_oF9q9RdAz-vVbRPTB9qmgm1K1T1AzFWYpOwcRsRVbI-lLRThi2TVEwtG9X1HOHorW7cA9Ya0MEf7uiUPiqAHWCC0WK7kCfI4r8gEoUucHxo4qq4W65ogbwOasoEFZANkSfUxQPkecVfQCGi6gDWGpQc9gBB8BxCWeFUVcUTYby64ouQVOtIu2mos9vK9oDhXcUHYXjUA2n7ym6Bl4PFI2GbT8r2geujxUNgRI4DWehFp78oqgFZjTgL8AfL_CejXhP8IF4yIA6aIY13XXKgXhXnb6HK9DdTafB8KS_TlEeOs0GtyCdvCHubZ0WQRlchNpJOtVBl2k6TY3W6V3YChnv67QBvoTvdJ3WxGIfMMzTaQa4LcJ6MDNTpx-X6fQUxizXKQw2rsRcqINnMGiVTr5QCRfhFtyHBnDCT32v0uxR9SIeNs95IbbCneQX4iH0XPVC9IP1lS9ENlTkNopzkPywUaTDwDFNwgeiZzUJHdavahLZcHi0U5wa6xReVqcYDjErnCIWBq92Cj_ov9YphkBzqVO0w64zTlEA1akt4ir8PfSVWAP6lFfiLzB7_isRD2VZr0Ql1MS0iuswYVmrCAP3C63CA7pcaRW9IMS9TRhh4KdtwgeyNrWJXPg9F9HeJk442kTyzt9FRtEfYik8H9ou1r3XLjZDc0e7aIcTgztEFcxM7RBzQCztEF0hxo20WPBLJ80fCjJIOwR37pP2EL7Ic9GsBS5aNAzJFtoIOGcX2mU4WyU04yWh_QnO3xfaNTinadplKHtP0yohLkbTkuHoBk2rgOpsTUuv0rSPofGxprXB4q6snfFm7RI8fTaZX4J7y2T2gNOuIXwBbqwK4btQ82sIX4ec30J4B2x8hjY0vgzhNqidHsr9toeyFzw4FMq_QrLHFE6HJeOn8ko4mTiVz0KtDON7kBUexrkwbUsYx0D7-TDuVB3GB66GcTEMCgpnX2j9MJxdUsP52MFw_h4MN8J5sKeB_SDmHQPHwmurgWWkgR1RBj4Au1YbuAAuPzXwT3C0wcDl0CkignvCge0RXAyH90dwBdR8HcHXoVtRBPeGqlrkwK-_kf3ht2gjN0L5QiOfgedLjNwCwcuMPAValxvZZYWRQ3OMbII7h438EE7cMHIVxNYbOQkCG4w8CR65mrgeLD4mfhecQ00sfU0cHWFiHZ7uM_FLiDlu4lh4VIH5sLXexLvAs9nEwyAQJsF0UJAAqfANlIGvMPNbEC_N_CH84Gnm_8D4EWY2wlcJZr6eYuYfYfdHZi6E8CVmtkLXHDO7Q6nNzKchocjM606aeTP4V5g5FPacM7Phmpkj4VCdmb-Fcm8Ln4EFwRbOhMcTLOyEpjgLv4Yj8y18DOo2WfgZjN9i4RDIqbHwDnBUvMPFML-zldOgpIeVS2FnXyufh1uQ5mnllbAWcv8v2co391j5Ady1Wfkx-NZaOQD-3DuSEyC-TyRXw20oGxDJZ6Dz0kh2hZLPIrkUBrVEsi9sdIniHEjsHMULIMczindAl_dtshf8Y7VNboGq72yyBtafsMkvwL3SJj2g8K5NHoUVjzAGuc9scieM6WKXYeDuapcjwTXJLvvDwlS7_AR8VttlIDz4p10OPIg-7C61y0JIK7PLJWCrtMs5D-wyEXq8tMu-kNlsl-tgm4tD7oPOfRzSFQ54OmQxDJ_rkAMcDjkS_pXvkCch6IhDTgXvS8hDv8sO6QVje-fJifA4IE82QMn4PFkK_YLy5HAonJIni6D7rjzZB4btzpMB4NORJ6198qX33Hw5Ep58ni-fw8GT-bIU2urzpXiaL1Oe58uPYPaCAhkPR4yFsjZqr7wHx8r3ytPgMmqf7AWX1-yXt8G92xv_PdVU0snts5Z23aNv9OL4BSmL_pqUOCsl6WNDQmZKetqscUPfTEpMyUzPWDQ6MT1h8d-S0jIXBczPSE_LTEpLjBs3dlzQ2OBxgaPHjotbGPw_VYyEtA&browser-version=%22Google+Chrome%22;v%3D%22125.0.6422.112%22,+%22Chromium%22;v%3D%22125.0.6422.112%22,+%22Not.A/Brand%22;v%3D%2224.0.0.0%22&build-label=editors.documents-frontend_20240521.02_p5&imp-sid=CNrfo7rrvYYDFeoPEgcdflUJKw&is-cached-offline=false"
server
GSE
x-content-type-options
nosniff
x-l2-request-path
l2-managed-5
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f95.1e100.net
Software
ESF /
Resource Hash
497faabf80f6bd2b350bdb228346b454799dc28c364368efb74d12726bd176de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://docs.google.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Jun 2024 21:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Jun 2024 19:58:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jun 2024 21:15:28 GMT
css
fonts.googleapis.com/ 		2 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.192.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f95.1e100.net
Software
ESF /
Resource Hash
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://docs.google.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Jun 2024 21:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Jun 2024 19:22:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jun 2024 21:15:28 GMT
css
themes.googleusercontent.com/fonts/ 		2 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themes.googleusercontent.com/fonts/css?kit=OPeqXG-QxW3ZD8BtmPikfA
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.66.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f132.1e100.net
Software
ESF /
Resource Hash
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://docs.google.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 02 Jun 2024 21:15:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jun 2024 21:15:28 GMT
log
play.google.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.174.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://docs.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://docs.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 02 Jun 2024 21:15:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		131 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.101 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-Type
text/plain;charset=UTF-8
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://docs.google.com/
X-Goog-AuthUser
0
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 02 Jun 2024 21:15:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://docs.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 02 Jun 2024 21:15:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://fonts.googleapis.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 06:10:06 GMT
x-content-type-options
nosniff
age
140722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 06:10:06 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v59/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v59/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.222.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f94.1e100.net
Software
sffe /
Resource Hash
8cd3f9f312e86bade2e77eb25c28eba805707909441d49e29288944677ce6d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://fonts.googleapis.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 06:02:01 GMT
x-content-type-options
nosniff
age
141207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21324
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 23:38:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 06:02:01 GMT
kix-favicon-2023q4.ico
ssl.gstatic.com/docs/documents/images/ 		24 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/docs/documents/images/kix-favicon-2023q4.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.205.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f94.1e100.net
Software
sffe /
Resource Hash
3d45292eef3c671fcafb8ce679c08fcced09a3835e46f9ed51c7fa9af2e0e11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://docs.google.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:27:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
157682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1821
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 14:18:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/x-icon
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Sun, 01 Jun 2025 01:27:26 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DOCS_timing object| DOCS_drawing_load object| DOCS_drawing_decode function| _DOCS_record_fn function| DOCS_record_drawing_load function| _F_toggles_initialize function| k function| aa function| ba object| ca function| da function| m undefined| n undefined| ea undefined| fa function| ha function| p object| q object| ia function| ja function| ka function| la function| ma function| na function| oa function| r function| w function| x function| y function| ta function| B function| C function| va function| z function| ya function| za function| Ba function| Ca function| A function| Ea function| ua function| xa number| pa function| wa function| Ga function| Ha function| Ia function| Ja function| Fa function| Da function| sa function| ra function| qa function| E function| t function| Ka function| D function| F undefined| La undefined| Ma function| Na function| G function| H function| I function| u function| v function| Oa function| Pa function| Qa undefined| Ua function| Sa function| Ra function| Va function| Ta function| Wa boolean| Za boolean| $a object| J object| ab undefined| K number| bb object| cb boolean| db object| eb object| fb object| gb object| hb object| ib object| jb object| kb object| lb object| L object| mb function| M function| N function| nb function| ob function| pb function| Ya function| qb boolean| rb boolean| Xa boolean| sb undefined| tb boolean| ub function| vb function| O function| wb function| P object| yb object| xb undefined| Q function| R object| zb function| Ab function| Bb function| S object| Cb object| Db object| Eb function| T function| Fb function| Gb function| Hb boolean| Ib function| U object| Jb string| Kb number| Lb function| Mb function| Nb function| Ob string| Pb object| Qb number| Rb function| Sb function| Vb function| Xb function| Tb function| $b function| Yb function| Zb function| Wb string| ac function| Ub function| V object| bc function| cc function| dc function| ec object| X object| Y string| Z object| _F_toggles function| DOCS_installLinkReferrerSanitizer object| _docs_flag_initialData string| _docs_flag_cek object| _pubi function| DOCS_initPublishImpressionTracker function| DOCS_notifyDrawingLoad function| DOCS_notifyDrawingDecode

3 Cookies

Domain/Path Name / Value
grabify.link/ Name: XSRF-TOKEN
Value: eyJpdiI6IlBmWjRXMTU0VnZ3ZXZJbVRRT0s0R3c9PSIsInZhbHVlIjoiYnk0djA1SDdLaGlIV2NRYnpiNXhjRHE4aHNPN3JvVXF5ZXJqNXRNdmJrZXJrSG5mOERJNlpZdzBmY0taUGRrOEZPNnFpZnlrbXlQYlZGeldValBiMDBaK2VWbFMyZ1pQQTE2c1hXeGFieUZYR1oxUWdQQUtxSFRkQVl5TDM3VEgiLCJtYWMiOiI1NDM0ZDVjY2U4NmNhZGViNDNmM2JiZmVjZTYyODAxNjI1ODlkM2Y0ZDZkZDY4M2RkOGQ2ZjY1ZWZmMjI2OWY1IiwidGFnIjoiIn0%3D
grabify.link/ Name: g_session
Value: eyJpdiI6IkRnUTlCblRCdG9jR2pPQ3NYZE1ZZWc9PSIsInZhbHVlIjoiVXovaDBoeFV5RFFpbkg2VkcvN3NyNkdQQm53UytlZTZMdjEzRVJNVm5SM2hxZEE3YklzRTJlRjZWN0VmVWxwcEd3a1k5OUgzRU1vbG9QK1BXL2tBc1ByVFNkMG1hN0hWcmRzZ1FqdDRaSFZzQXEzTXVTcThjYmZMTVovMC9RVXMiLCJtYWMiOiJmMTRiMTA2N2ZlNzRkNDA2YmQxMmRkM2M0OTEzYjgyNjVhOGM4ZTgxZjA1ZjJhOThiOGE1YmM5MmUxYTg4ZGYxIiwidGFnIjoiIn0%3D
.google.com/ Name: NID
Value: 514=RSiqM-NyRpPm7BqGwRvBk4XrL8W3egr35DrkxInhagsN7T_aCu0EI8pRF6H_MWTAPEpDcTk1MF4Y-QwG-216Jcq8aGXxDH6qseicHgXzaRAn0J1RHQC6mL4LSY--P0KHiVE9Aj2KF3uIQ4owl-Hks0ldGiBzlGoEWUQxECHCcGo

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

docs.google.com
fonts.googleapis.com
fonts.gstatic.com
grabify.link
grabify.world
imagestash.pics
pagead2.googlesyndication.com
play.google.com
ssl.gstatic.com
static.cloudflareinsights.com
themes.googleusercontent.com
104.16.80.73
104.21.15.56
104.26.8.202
142.251.174.101
172.217.222.101
172.217.222.94
173.194.204.157
173.194.205.94
173.194.66.132
52.173.151.229
74.125.192.95
117d95eedcbe335064e60224c4ba76b0c4616fa60c11ac320b3d3cb565d8d074
3d45292eef3c671fcafb8ce679c08fcced09a3835e46f9ed51c7fa9af2e0e11f
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
497faabf80f6bd2b350bdb228346b454799dc28c364368efb74d12726bd176de
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
8cd3f9f312e86bade2e77eb25c28eba805707909441d49e29288944677ce6d47
90c47288479a5e1f475bad913b7e0eced1479ceaa7e7761c332d278f5634f52a
945fb31f616b7d84710d037386b24b9406525aca86370c294edec7fba1232e55
a6a46570150ab2bc62d370bc35152cb26124496134f09c0fd8bec29250bccf1b
b00b8cd633d0a635c5840a2ae401724999d670fad974758220521143263b8d21
c35a7a44bd9babd6b30cef4289a636689e037daebc33fbc918d9984c6d08623c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7