urlscan.io logo urlscan.io
SecurityTrails logo

www.panihcsurvey.payungnegeri.ac.id Open in urlscan Pro
194.233.67.185  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.panihcsurvey.payungnegeri.ac.id/
Submission: On March 28 via automatic, source certstream-suspicious — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 21 HTTP transactions. The main IP is 194.233.67.185, located in Singapore and belongs to CAPL-AS-AP Contabo Asia Private Limited, SG. The main domain is www.panihcsurvey.payungnegeri.ac.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 28th 2023. Valid for: 3 months.
This is the only time www.panihcsurvey.payungnegeri.ac.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    194.233.67.185 (Singapore)

ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG)
PTR: thaif.svr.web.id
www.panihcsurvey.payungnegeri.ac.id
3    2404:6800:4003:c03::65 (Singapore)

ASN15169 (GOOGLE, US)
goo.gl
play.google.com
2    2404:6800:4003:c00::66 (Singapore)

ASN15169 (GOOGLE, US)
docs.google.com
1    2404:6800:4003:c03::8d (Singapore)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
3    2404:6800:4003:c06::5f (Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
5    2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 gstatic.com
www.gstatic.com
ssl.gstatic.com
fonts.gstatic.com
549 KB
4 google.com
docs.google.com — Cisco Umbrella Rank: 131
play.google.com — Cisco Umbrella Rank: 23
18 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
1 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 402
174 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 583
1 goo.gl
goo.gl — Cisco Umbrella Rank: 9324
1 KB
1 payungnegeri.ac.id
www.panihcsurvey.payungnegeri.ac.id
586 B
21 7
Domain Requested by
6 www.gstatic.com docs.google.com
www.gstatic.com
4 fonts.gstatic.com fonts.googleapis.com
docs.google.com
3 fonts.googleapis.com docs.google.com
2 play.google.com www.gstatic.com
2 docs.google.com www.panihcsurvey.payungnegeri.ac.id
www.gstatic.com
1 ssl.gstatic.com www.gstatic.com
1 lh6.googleusercontent.com docs.google.com
1 csp.withgoogle.com www.panihcsurvey.payungnegeri.ac.id
1 goo.gl 1 redirects
1 www.panihcsurvey.payungnegeri.ac.id
21 10

This site contains no links.

Subject Issuer Validity Valid
panihcsurvey.payungnegeri.ac.id
cPanel, Inc. Certification Authority		 2023-03-28 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.panihcsurvey.payungnegeri.ac.id/
Frame ID: C1F36C98DD765C71FAF5D667076B4066
Requests: 2 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Frame ID: EDBF1971BA9214865E56D1C4C3CF21BB
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kuesioner 1st Panihc 2018 - STIKes Payung Negeri

Page Statistics

21
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

10
Subdomains

8
IPs

1
Countries

745 kB
Transfer

2407 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://goo.gl/forms/HnhKdXv9BZUu6g6f1 HTTP 302
  • https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.panihcsurvey.payungnegeri.ac.id/ 		344 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.panihcsurvey.payungnegeri.ac.id/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.233.67.185 , Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
thaif.svr.web.id
Software
Apache /
Resource Hash
48086e4dc8e1e42953a6d2903b5810939df23f1cfd35d1b88200bfb519cd95b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
344
Content-Type
text/html
Date
Tue, 28 Mar 2023 17:12:43 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 25 Oct 2018 01:51:21 GMT
Server
Apache
viewform
docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/ Frame EDBF
Redirect Chain
  • https://goo.gl/forms/HnhKdXv9BZUu6g6f1
  • https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
91 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Requested by
Host: www.panihcsurvey.payungnegeri.ac.id
URL: https://www.panihcsurvey.payungnegeri.ac.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3b5f2845ef5fbc7da1be8053b57abf1bca6d624623c8ca804cdab3cda29a469b
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-_rZxkWZC28uyR_CmufR_SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.panihcsurvey.payungnegeri.ac.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-_rZxkWZC28uyR_CmufR_SQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-security-policy-report-only
report-uri https://csp.withgoogle.com/csp/forms/prod;frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 28 Mar 2023 17:12:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
GSE
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-9gvNNUGzvuC2yTsOB1nIYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Tue, 28 Mar 2023 17:12:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
prod
csp.withgoogle.com/csp/forms/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/forms/prod
Requested by
Host: www.panihcsurvey.payungnegeri.ac.id
URL: https://www.panihcsurvey.payungnegeri.ac.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::8d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.panihcsurvey.payungnegeri.ac.id/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/csp-report

Response headers
icon
fonts.googleapis.com/ Frame EDBF 		616 B
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Mar 2023 17:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 17:12:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Mar 2023 17:12:44 GMT
rs=AMjVe6i_cshCOrDttZ9v-FeAcvqFyRv3CA
www.gstatic.com/_/freebird/_/ss/k=freebird.v.9JYSdb0p-EU.L.W.O/d=1/ Frame EDBF 		832 KB
104 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.9JYSdb0p-EU.L.W.O/d=1/rs=AMjVe6i_cshCOrDttZ9v-FeAcvqFyRv3CA
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37c3f7db3455ad7ac4c18acaf3007cecdfa928d99c084d3bb1e96df9b2f49dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 15:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105768
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 16:22:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 15:32:21 GMT
css
fonts.googleapis.com/ Frame EDBF 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4548ce798e2546339584a708ae10aaf5efdcdac171fe4b2cc4b3ebf530787fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Mar 2023 17:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 16:08:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Mar 2023 17:12:44 GMT
css
fonts.googleapis.com/ Frame EDBF 		1 KB
533 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97b54aae9078f47a7db889be1425b587b0aa9531a414416b53143b619c3fd367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Mar 2023 17:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 16:09:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Mar 2023 17:12:44 GMT
googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame EDBF 		1 KB
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 23:22:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
689
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 24 Mar 2024 23:22:16 GMT
m=viewer_base
www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=1/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/ Frame EDBF 		390 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=1/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=viewer_base
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07175072f1f06e46283544d6c92b38591326949156ed89f0b4c5be9b73314dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 16:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128026
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 20:35:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Mar 2024 16:35:08 GMT
dIj-_QKSlCzYbp6_8vVRLqivL1KqAcdpyRsnHvZt7WqCAl9tq0tmlnyhLEscq9EKU5wxyjJw7Jj5ApOAb5xzE7POLuNsyDWsbPLeJw49XWHvili9NJ4Dxv0suucxfKah=w1200
lh6.googleusercontent.com/ Frame EDBF 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/dIj-_QKSlCzYbp6_8vVRLqivL1KqAcdpyRsnHvZt7WqCAl9tq0tmlnyhLEscq9EKU5wxyjJw7Jj5ApOAb5xzE7POLuNsyDWsbPLeJw49XWHvili9NJ4Dxv0suucxfKah=w1200
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6e8df8298e67758a793bf68c8696631ee0eeeb72764816503603791b4073cec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 17:12:45 GMT
x-content-type-options
nosniff
server
fife
etag
"v2"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="10_beakers.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177735
x-xss-protection
0
expires
Wed, 29 Mar 2023 17:12:45 GMT
qp_sprite184.svg
ssl.gstatic.com/docs/forms/ Frame EDBF 		136 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/forms/qp_sprite184.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.9JYSdb0p-EU.L.W.O/d=1/rs=AMjVe6i_cshCOrDttZ9v-FeAcvqFyRv3CA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cec5e5d04986de1b22a3ed992f50074540c28ec7a02b945bdcb2d17df42a117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 23:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
495531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13894
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 15:18:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Thu, 21 Mar 2024 23:33:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EDBF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 10:36:04 GMT
x-content-type-options
nosniff
age
455800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 10:36:04 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame EDBF 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 10:03:38 GMT
x-content-type-options
nosniff
age
371346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Mar 2024 10:03:38 GMT
pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v19/ Frame EDBF 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/productsans/v19/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 13:56:08 GMT
x-content-type-options
nosniff
age
11796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35060
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 17:57:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 13:56:08 GMT
m=sy31,vGOnYd,sy51,IZT63,vfuNJf,MpJwZc,n73qwf,sy1y,ws9Tlc,sy6l,sy6q,sy6s,sy6x,sy71,sy6z,sy70,siKnQd,T8YtQb,sy0,sy7,sy6,sy8,sy1,sy9,sy1x,sy3d,sy3e,V3dDOb,sy4,sy5,syi,sye,syg,syd,syh,OShpD,syf,syl,sy...
www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=0/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/ Frame EDBF 		586 KB
191 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=0/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=sy31,vGOnYd,sy51,IZT63,vfuNJf,MpJwZc,n73qwf,sy1y,ws9Tlc,sy6l,sy6q,sy6s,sy6x,sy71,sy6z,sy70,siKnQd,T8YtQb,sy0,sy7,sy6,sy8,sy1,sy9,sy1x,sy3d,sy3e,V3dDOb,sy4,sy5,syi,sye,syg,syd,syh,OShpD,syf,syl,sym,syk,syj,syn,J8mJTc,gkf10d,j2YlP,sya,cEt90b,sy22,sy23,sy50,KUM7Z,yxTchf,sy6y,xQtZb,qddgKe,sy3k,sy52,sy32,sy33,sy6m,sy6p,sy6t,wR5FRb,pXdRYb,sy2,iFQyKf,sy54,sy4i,sy6j,sy6r,YNjGDd,sy6u,PrPYRd,hc6Ubd,sy72,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4z,sy3l,Uas9Hd,WO9ee,sy1r,sy1w,sy1z,sy21,sy2b,sy47,A4UTCb,owcnme,UUJqVe,sy1i,KornIe,CP1oW,sy1u,gZjhIf,syu,sy10,syv,syz,sy2i,sy2j,sy2g,pxq3x,sy1c,sy1q,O6y8ed,syx,sy12,sy1v,Sk9apb,syy,sbHRWb,cNHZjb,syq,sy3p,sy3r,sy2s,sy3q,sy3s,sy3t,sy3u,Xhpexc,Q91hve,syp,sy2p,sy2q,sy2r,sy2t,sy2o,mRfQQ,sy3w,sy3v,sy3x,CFa0o,szrus,sy48,VXdfxd,sy34,sy37,sy38,sy4h,sy4j,s39S4,wPRNsd,sy2e,ENNBBf,L1AAkb,QvB8bb,bCfhJc,syw,sys,u9ZRK,pItcJd,yZuGp,eFy6Rc,aW3pY,mvo1oc,KFVhZe,sy36,sy39,sy35,sy3a,sy3b,sy3c,I6YDgd,sy26,sy25,sy27,sy28,sy2h,sy24,sy29,sy2a,sy2c,sy2d,sy2f,sy2k,fgj8Rb,sy49,N5Lqpc,IvDHfc,p2tbsc,sy30,LxALBf,sy3y,sy3z,sy41,sy44,sy40,sy45,sy3j,sy1t,i5dxUd,sy42,sy43,sy46,sy4b,sy4f,sy3h,wg1P6b,EcW08c,sy4a,sy4c,sy4d,sy4e,t8tqF,SM1lmd,sy3g,sy3i,sy5e,sy5f,vofJp,Vnjw0c,QwQO1b,sy14,sy19,yfEVte,sy11,sy2z,QMSdQb,X16vkb,WdhPgc,JCrucd,sy3n,sy3m,sy3o,Ibqgte,ok0nye,DhgO0d,oZECf,syb,akEJMc,zG2TEe,CNqcN,sy4g,TOfxwf,sy4n,sy4o,sy4p,sy2v,sy2y,sy4k,sy4q,sy4r,sy4w,sy55,sy5b,sy5c,A2m8uc,jjSbr,sy57,sy58,sy5a,sy56,riEgMd,sy5g,lSvzH,sy4s,yUS4Lc,KOZzeb,sy1a,sy1d,sy1e,sy1b,xKXrob,sy15,sy1k,sy2x,DPwS9e,D8e5bc,j0HcBf,sy4y,oCiKKc,sy4l,sy4v,sy4x,sy4u,RGrRJf,OkF2xb,sy18,sy2u,sy4t,xmYr4,UmOCme,ID6c7,sy5d,rmdjlf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=1/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f510b86c2a39fbef7b6614ce3c8afd7ddda6111eaa750058f21914e20c6341c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 20:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
195563
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 20:35:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 20:06:57 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://docs.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://docs.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 28 Mar 2023 17:12:45 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ Frame EDBF 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=0/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=sy31,vGOnYd,sy51,IZT63,vfuNJf,MpJwZc,n73qwf,sy1y,ws9Tlc,sy6l,sy6q,sy6s,sy6x,sy71,sy6z,sy70,siKnQd,T8YtQb,sy0,sy7,sy6,sy8,sy1,sy9,sy1x,sy3d,sy3e,V3dDOb,sy4,sy5,syi,sye,syg,syd,syh,OShpD,syf,syl,sym,syk,syj,syn,J8mJTc,gkf10d,j2YlP,sya,cEt90b,sy22,sy23,sy50,KUM7Z,yxTchf,sy6y,xQtZb,qddgKe,sy3k,sy52,sy32,sy33,sy6m,sy6p,sy6t,wR5FRb,pXdRYb,sy2,iFQyKf,sy54,sy4i,sy6j,sy6r,YNjGDd,sy6u,PrPYRd,hc6Ubd,sy72,SpsfSb,dIoSBb,zbML3c,zr1jrb,EmZ2Bf,sy4z,sy3l,Uas9Hd,WO9ee,sy1r,sy1w,sy1z,sy21,sy2b,sy47,A4UTCb,owcnme,UUJqVe,sy1i,KornIe,CP1oW,sy1u,gZjhIf,syu,sy10,syv,syz,sy2i,sy2j,sy2g,pxq3x,sy1c,sy1q,O6y8ed,syx,sy12,sy1v,Sk9apb,syy,sbHRWb,cNHZjb,syq,sy3p,sy3r,sy2s,sy3q,sy3s,sy3t,sy3u,Xhpexc,Q91hve,syp,sy2p,sy2q,sy2r,sy2t,sy2o,mRfQQ,sy3w,sy3v,sy3x,CFa0o,szrus,sy48,VXdfxd,sy34,sy37,sy38,sy4h,sy4j,s39S4,wPRNsd,sy2e,ENNBBf,L1AAkb,QvB8bb,bCfhJc,syw,sys,u9ZRK,pItcJd,yZuGp,eFy6Rc,aW3pY,mvo1oc,KFVhZe,sy36,sy39,sy35,sy3a,sy3b,sy3c,I6YDgd,sy26,sy25,sy27,sy28,sy2h,sy24,sy29,sy2a,sy2c,sy2d,sy2f,sy2k,fgj8Rb,sy49,N5Lqpc,IvDHfc,p2tbsc,sy30,LxALBf,sy3y,sy3z,sy41,sy44,sy40,sy45,sy3j,sy1t,i5dxUd,sy42,sy43,sy46,sy4b,sy4f,sy3h,wg1P6b,EcW08c,sy4a,sy4c,sy4d,sy4e,t8tqF,SM1lmd,sy3g,sy3i,sy5e,sy5f,vofJp,Vnjw0c,QwQO1b,sy14,sy19,yfEVte,sy11,sy2z,QMSdQb,X16vkb,WdhPgc,JCrucd,sy3n,sy3m,sy3o,Ibqgte,ok0nye,DhgO0d,oZECf,syb,akEJMc,zG2TEe,CNqcN,sy4g,TOfxwf,sy4n,sy4o,sy4p,sy2v,sy2y,sy4k,sy4q,sy4r,sy4w,sy55,sy5b,sy5c,A2m8uc,jjSbr,sy57,sy58,sy5a,sy56,riEgMd,sy5g,lSvzH,sy4s,yUS4Lc,KOZzeb,sy1a,sy1d,sy1e,sy1b,xKXrob,sy15,sy1k,sy2x,DPwS9e,D8e5bc,j0HcBf,sy4y,oCiKKc,sy4l,sy4v,sy4x,sy4u,RGrRJf,OkF2xb,sy18,sy2u,sy4t,xmYr4,UmOCme,ID6c7,sy5d,rmdjlf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e2852437bb0eec00cf23e37b2152a8716ed1454ad1cfe42a8291518acd9450c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 16:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34461
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 20:36:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 17:37:23 GMT
m=sy4m,sWGJ4b
www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=0/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/ Frame EDBF 		2 KB
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=0/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=sy4m,sWGJ4b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=1/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac7f61aff6ef61bac7172e8783e73ddd5b01ec93a5b828d09938a9a1b5d813fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 07:35:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
814
x-xss-protection
0
last-modified
Wed, 22 Mar 2023 20:35:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Mar 2024 07:35:01 GMT
log
play.google.com/ Frame EDBF 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=1/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
X-Goog-AuthUser
0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 28 Mar 2023 17:12:45 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
naLogImpressions
docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/ Frame EDBF 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/naLogImpressions
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.zh_CN.2XW2h3N00jw.O/d=1/rs=AMjVe6jOGKn8-p7-H_X9_caZYqKG2E3oAQ/m=viewer_base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-CsiyktA30tpQt6D1CuTjVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform?usp=send_form
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Mar 2023 17:12:45 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-CsiyktA30tpQt6D1CuTjVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu5GxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EDBF 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5GxK.woff2
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg/viewform
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00994f426cdca41eb2fbd87b0f3610e37acb3d641b4297a5cfa3e969cd95ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
Origin
https://docs.google.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 07:10:52 GMT
x-content-type-options
nosniff
age
122513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1756
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Mar 2024 07:10:52 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

3 Cookies

Domain/Path Name / Value
.docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg Name: S
Value: spreadsheet_forms=dgt9wTfAlzAnyq-b038n3OANf2z-bx158ssGfTGe0CM
.docs.google.com/forms/d/e/1FAIpQLSfVq1vOcY6W6mPd_ULFu79dD37cGkSSVV-9_P4zgfXM2D4Lzg Name: COMPASS
Value: spreadsheet_forms=CjIACWuJV4Lv_tDkiHOAVFP8NCdC2VS4P_IZSCT0UBTl83hCMfUC_Ly0I4nzFbfOo0Nm5hCc3IyhBho0AAlriVcpIdVmuCbJm2_LlVE7imx1AO78Mh2S_3o1pn-oB-AWoVM1dNln0mRsrNuJsRYOPQ==
.google.com/ Name: NID
Value: 511=Zy19a8CYwdp4qs3shuzAcKFsWjnsPOHCvMcNZ4tDSFg-6F7bhwtC-vki_5wOF6OQPRrZ7BncLoJ9DRSoZb8FmtTPnIce9Gm696wf_MtyrGPrDL0II_wolItKXR2z6KzmlNaxdM4rwl5nLnzp-oHA85dDexvwxceZHJZG-HCJ8oU

1 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://docs.google.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp.withgoogle.com
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
goo.gl
lh6.googleusercontent.com
play.google.com
ssl.gstatic.com
www.gstatic.com
www.panihcsurvey.payungnegeri.ac.id
194.233.67.185
2404:6800:4003:c00::5e
2404:6800:4003:c00::66
2404:6800:4003:c03::65
2404:6800:4003:c03::84
2404:6800:4003:c03::8d
2404:6800:4003:c04::5e
2404:6800:4003:c06::5f
0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6
1cec5e5d04986de1b22a3ed992f50074540c28ec7a02b945bdcb2d17df42a117
2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3
37c3f7db3455ad7ac4c18acaf3007cecdfa928d99c084d3bb1e96df9b2f49dff
3b5f2845ef5fbc7da1be8053b57abf1bca6d624623c8ca804cdab3cda29a469b
48086e4dc8e1e42953a6d2903b5810939df23f1cfd35d1b88200bfb519cd95b1
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
6c00994f426cdca41eb2fbd87b0f3610e37acb3d641b4297a5cfa3e969cd95ee
6e8df8298e67758a793bf68c8696631ee0eeeb72764816503603791b4073cec2
97b54aae9078f47a7db889be1425b587b0aa9531a414416b53143b619c3fd367
9e2852437bb0eec00cf23e37b2152a8716ed1454ad1cfe42a8291518acd9450c
ac7f61aff6ef61bac7172e8783e73ddd5b01ec93a5b828d09938a9a1b5d813fb
c07175072f1f06e46283544d6c92b38591326949156ed89f0b4c5be9b73314dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4548ce798e2546339584a708ae10aaf5efdcdac171fe4b2cc4b3ebf530787fc
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f510b86c2a39fbef7b6614ce3c8afd7ddda6111eaa750058f21914e20c6341c0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615