employee-covidnotice.aegpresents.com Open in urlscan Pro
35.202.254.90  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response employee-covidnotice.aegpresents.com/	2 KB 2 KB	515ms 118ms	Document text/html	35.202.254.90 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://employee-covidnotice.aegpresents.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 35.202.254.90 , United States, ASN15169 (GOOGLE, US), Reverse DNS 90.254.202.35.bc.googleusercontent.com Software nginx/1.16.1 / PHP/7.3.22 Resource Hash 497e62a14e2925e55890f64271cbcf198f7f61a248407b158b2ba5e0032d0283 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.16.1 Date Sat, 30 Oct 2021 00:30:45 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.3.22
GET H2	200	AEG%20Presents%20Logo.jpg www.aegworldwide.com/sites/default/files/styles/large/public/press-release/2019-03/	53 KB 53 KB	80ms 37ms	Image image/jpeg	104.18.12.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aegworldwide.com/sites/default/files/styles/large/public/press-release/2019-03/AEG%20Presents%20Logo.jpg?itok=DfKmBLg4 Requested by Host: employee-covidnotice.aegpresents.com URL: https://employee-covidnotice.aegpresents.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.18.12.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6d68e7225c8fbb638917ec7f72073a5dbf5c96edf6f711ef970b56e9717f2f2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://employee-covidnotice.aegpresents.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 30 Oct 2021 00:30:45 GMT via varnish x-content-type-options nosniff cf-cache-status HIT x-geo-country DE x-cache MISS cf-bgj h2pri x-ah-environment prod content-length 54088 x-request-id v-7dd3bb90-3837-11ec-8dc2-c381a764327b last-modified Wed, 13 Mar 2019 22:25:36 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary X-Geo-Country, Accept-Encoding content-type image/jpeg cache-control max-age=1209600 accept-ranges bytes cf-ray 6a60896d38fafad4-DUS expires Thu, 11 Nov 2021 21:39:12 GMT
GET H2	200	viewform Show response docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/ Frame E8FA	264 KB 39 KB	329ms 291ms	Document text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Requested by Host: employee-covidnotice.aegpresents.com URL: https://employee-covidnotice.aegpresents.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software GSE / Resource Hash 1c0a5e15adb64a70939986fb41348d50db7ed2eda1e01cabc64a07787680b9be Security Headers Name Value Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-EiPm8fPC8OVRjH92n48CXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval' X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://employee-covidnotice.aegpresents.com/ Response headers content-type text/html; charset=utf-8 x-robots-tag noindex, nofollow, nosnippet cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 30 Oct 2021 00:30:45 GMT content-encoding gzip p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." content-security-policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-EiPm8fPC8OVRjH92n48CXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval' referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff x-xss-protection 1; mode=block server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	icon fonts.googleapis.com/ Frame E8FA	616 B 464 B	59ms 23ms	Stylesheet text/css	142.250.185.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons+Extended Requested by Host: docs.google.com URL: https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f10.1e100.net Software ESF / Resource Hash 9210819afdf10794a5bb0820bbe365d32fa74b835929bc8952378acdefc1797e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 30 Oct 2021 00:30:45 GMT server ESF date Sat, 30 Oct 2021 00:30:45 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Sat, 30 Oct 2021 00:30:45 GMT
GET H2	200	rs=AMjVe6gdHUfjZcOk8F9OP0lkf_4-8wzwSQ www.gstatic.com/_/freebird/_/ss/k=freebird.v.70tapx5yuzop.L.W.O/d=1/ Frame E8FA	406 KB 50 KB	52ms 16ms	Stylesheet text/css	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.70tapx5yuzop.L.W.O/d=1/rs=AMjVe6gdHUfjZcOk8F9OP0lkf_4-8wzwSQ Requested by Host: docs.google.com URL: https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash cd95651f142cc623728ad286ab93b529898142a9b9be905dd67c055ad846486f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 26 Oct 2021 20:40:22 GMT content-encoding gzip x-content-type-options nosniff age 273023 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50941 x-xss-protection 0 last-modified Tue, 26 Oct 2021 14:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="apps-forms" expires Wed, 26 Oct 2022 20:40:22 GMT
GET H2	200	css fonts.googleapis.com/ Frame E8FA	13 KB 1 KB	58ms 22ms	Stylesheet text/css	142.250.185.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext Requested by Host: docs.google.com URL: https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f10.1e100.net Software ESF / Resource Hash a8e157462bbb323e3c3b14d0248476188057c5ed0ef62aac748c1110a17fc19f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 29 Oct 2021 23:18:58 GMT server ESF date Sat, 30 Oct 2021 00:30:45 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Sat, 30 Oct 2021 00:30:45 GMT
GET H2	200	css fonts.googleapis.com/ Frame E8FA	1 KB 1 KB	57ms 22ms	Stylesheet text/css	142.250.185.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext Requested by Host: docs.google.com URL: https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f10.1e100.net Software ESF / Resource Hash 8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 29 Oct 2021 23:13:10 GMT server ESF date Sat, 30 Oct 2021 00:30:45 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Sat, 30 Oct 2021 00:30:45 GMT
GET H2	200	googlelogo_dark_clr_74x24px.svg www.gstatic.com/images/branding/googlelogo/svg/ Frame E8FA	1 KB 958 B	20ms 20ms	Image image/svg+xml	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg Requested by Host: docs.google.com URL: https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sun, 24 Oct 2021 12:10:02 GMT content-encoding gzip x-content-type-options nosniff age 476443 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 689 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 24 Oct 2022 12:10:02 GMT
GET H2	200	m=viewer_base Show response www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=1/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/ Frame E8FA	339 KB 110 KB	16ms 15ms	Script text/javascript	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=1/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/m=viewer_base Requested by Host: docs.google.com URL: https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 9f31fb94a0d8fd985d3a130287d8999bee1ebd2d44a6969c5e5a6110a61fe529 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 17:31:34 GMT content-encoding gzip x-content-type-options nosniff age 197951 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112463 x-xss-protection 0 last-modified Tue, 26 Oct 2021 14:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]} content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="apps-forms" expires Thu, 27 Oct 2022 17:31:34 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/ Frame E8FA	15 KB 16 KB	57ms 16ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://docs.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 27 Oct 2021 16:31:41 GMT x-content-type-options nosniff age 201544 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 27 Oct 2022 16:31:41 GMT
GET DATA	200 OK	truncated / Frame E8FA	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	qp_sprite154.svg ssl.gstatic.com/docs/forms/ Frame E8FA	115 KB 14 KB	58ms 17ms	Image image/svg+xml	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.gstatic.com/docs/forms/qp_sprite154.svg Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.70tapx5yuzop.L.W.O/d=1/rs=AMjVe6gdHUfjZcOk8F9OP0lkf_4-8wzwSQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 20:20:53 GMT content-encoding br x-content-type-options nosniff age 101392 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13435 x-xss-protection 0 last-modified Fri, 15 Oct 2021 19:48:00 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]} content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="docs" expires Fri, 28 Oct 2022 20:20:53 GMT
GET H2	200	4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame E8FA	21 KB 21 KB	62ms 31ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://docs.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 25 Oct 2021 18:21:26 GMT x-content-type-options nosniff age 367759 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21424 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:08:24 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 25 Oct 2022 18:21:26 GMT
GET H2	200	4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame E8FA	21 KB 21 KB	70ms 40ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://docs.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 02:15:39 GMT x-content-type-options nosniff age 166506 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21660 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:07:18 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 28 Oct 2022 02:15:39 GMT
GET H2	200	pxiDypQkot1TnFhsFMOfGShVF9eO.woff2 fonts.gstatic.com/s/productsans/v13/ Frame E8FA	34 KB 34 KB	78ms 49ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/productsans/v13/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://docs.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 08:56:07 GMT x-content-type-options nosniff age 142478 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35140 x-xss-protection 0 last-modified Mon, 19 Apr 2021 22:53:52 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 28 Oct 2022 08:56:07 GMT
GET H3	200	m=MpJwZc,n73qwf,sy18,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy17,sy30,sy31,V3dDOb,sy2l,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1y,OShpD,syw,sy14,sy19,sy11,sy1a,sy1l,sy3h,A4UTCb,sy2,owcnme,sy24,sy25,sy2q,sy2s,Sk9ap... Show response www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=0/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/ Frame E8FA	468 KB 145 KB	76ms 54ms	XHR text/javascript	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=0/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/m=MpJwZc,n73qwf,sy18,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy17,sy30,sy31,V3dDOb,sy2l,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1y,OShpD,syw,sy14,sy19,sy11,sy1a,sy1l,sy3h,A4UTCb,sy2,owcnme,sy24,sy25,sy2q,sy2s,Sk9apb,J8mJTc,UUJqVe,CP1oW,eFy6Rc,syq,KornIe,syi,syg,sy1q,sy15,sy1r,sy2o,pxq3x,syu,sy2m,O6y8ed,sy37,sy38,sy3a,syb,sy39,sy3b,Xhpexc,Q91hve,sy9,sy3,sy2u,sy2v,mRfQQ,sy3d,sy3c,CFa0o,sy3i,VXdfxd,sy3j,sy4p,sy4q,YwHGTd,sy3r,sy3s,sy3p,sy3v,sy3q,sy3t,sy3w,sy3u,sy3x,sy3y,s39S4,wPRNsd,sy1o,ENNBBf,L1AAkb,sy1b,KUM7Z,QvB8bb,bCfhJc,sy2p,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2x,sy2y,sy2z,I6YDgd,N5Lqpc,sy1f,sy1g,sy1c,sy1h,sy1i,sy1s,sy1d,sy1e,sy1j,sy1k,sy1m,sy1n,sy1p,sy1t,fgj8Rb,sy5m,sy5n,sy5o,xQtZb,IvDHfc,sy3e,sy35,sy2n,i5dxUd,sy3f,sy3g,sy3k,sy34,wg1P6b,EcW08c,sy3l,sy3m,sy3n,t8tqF,sy13,p2tbsc,sy1z,sy20,sy21,sy22,LxALBf,sy33,sy46,sy4c,vofJp,sy4g,SM1lmd,QwQO1b,WdhPgc,sy27,sy2a,QMSdQb,JCrucd,ok0nye,sy29,xmYr4,sy1w,sy1u,sy2w,sy3o,sy42,sy4d,sy4e,sy3z,sy43,sy4b,sy40,sy36,sy4i,sy48,sy49,sy4a,sy1x,sbHRWb,hYei2d,sy4j,sy1v,sy44,sy45,sy47,pFu8T,TOfxwf,riEgMd,sy4h,RGrRJf,lSvzH,OkF2xb,oZECf,ID6c7,sy41,sy4n,sy4o,rmdjlf,A2m8uc,yUS4Lc,KOZzeb,sy4f,oCiKKc,rxfmRc,OZjhxc,lLliLe,D8e5bc,j0HcBf,lWjoT,sW52Ae,liFoG,UmOCme Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=1/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/m=viewer_base Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash fa86fbe372b720814ebc890f5470f5f7e131c1202f388f9b679e846aa31091fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 30 Oct 2021 00:30:45 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 148292 x-xss-protection 0 last-modified Tue, 26 Oct 2021 14:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin https://docs.google.com cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="apps-forms" expires Sun, 30 Oct 2022 00:30:45 GMT
GET H3	200	lazy.min.js Show response www.gstatic.com/feedback/js/help/prod/service/ Frame E8FA	80 KB 29 KB	17ms 16ms	Script text/javascript	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=0/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/m=MpJwZc,n73qwf,sy18,ws9Tlc,sy0,syx,syy,syz,sy1,sy10,sy17,sy30,sy31,V3dDOb,sy2l,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1y,OShpD,syw,sy14,sy19,sy11,sy1a,sy1l,sy3h,A4UTCb,sy2,owcnme,sy24,sy25,sy2q,sy2s,Sk9apb,J8mJTc,UUJqVe,CP1oW,eFy6Rc,syq,KornIe,syi,syg,sy1q,sy15,sy1r,sy2o,pxq3x,syu,sy2m,O6y8ed,sy37,sy38,sy3a,syb,sy39,sy3b,Xhpexc,Q91hve,sy9,sy3,sy2u,sy2v,mRfQQ,sy3d,sy3c,CFa0o,sy3i,VXdfxd,sy3j,sy4p,sy4q,YwHGTd,sy3r,sy3s,sy3p,sy3v,sy3q,sy3t,sy3w,sy3u,sy3x,sy3y,s39S4,wPRNsd,sy1o,ENNBBf,L1AAkb,sy1b,KUM7Z,QvB8bb,bCfhJc,sy2p,syc,u9ZRK,pItcJd,yZuGp,aW3pY,sy2x,sy2y,sy2z,I6YDgd,N5Lqpc,sy1f,sy1g,sy1c,sy1h,sy1i,sy1s,sy1d,sy1e,sy1j,sy1k,sy1m,sy1n,sy1p,sy1t,fgj8Rb,sy5m,sy5n,sy5o,xQtZb,IvDHfc,sy3e,sy35,sy2n,i5dxUd,sy3f,sy3g,sy3k,sy34,wg1P6b,EcW08c,sy3l,sy3m,sy3n,t8tqF,sy13,p2tbsc,sy1z,sy20,sy21,sy22,LxALBf,sy33,sy46,sy4c,vofJp,sy4g,SM1lmd,QwQO1b,WdhPgc,sy27,sy2a,QMSdQb,JCrucd,ok0nye,sy29,xmYr4,sy1w,sy1u,sy2w,sy3o,sy42,sy4d,sy4e,sy3z,sy43,sy4b,sy40,sy36,sy4i,sy48,sy49,sy4a,sy1x,sbHRWb,hYei2d,sy4j,sy1v,sy44,sy45,sy47,pFu8T,TOfxwf,riEgMd,sy4h,RGrRJf,lSvzH,OkF2xb,oZECf,ID6c7,sy41,sy4n,sy4o,rmdjlf,A2m8uc,yUS4Lc,KOZzeb,sy4f,oCiKKc,rxfmRc,OZjhxc,lLliLe,D8e5bc,j0HcBf,lWjoT,sW52Ae,liFoG,UmOCme Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 5fa8123ad37955bf3a3b55c995796b191ec472f67601c18e422f91292580cd56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 30 Oct 2021 00:29:21 GMT content-encoding gzip x-content-type-options nosniff age 84 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29364 x-xss-protection 0 last-modified Thu, 28 Oct 2021 16:26:19 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]} content-type text/javascript cache-control public, max-age=3000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="product-feedback-gathering" expires Sat, 30 Oct 2021 01:19:21 GMT
GET H3	200	m=sWGJ4b,syn,sym,syo,EGNJFf,iSvg6e,uY3Nvd Show response www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=0/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/ Frame E8FA	22 KB 22 KB	16ms 16ms	XHR text/javascript	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=0/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/m=sWGJ4b,syn,sym,syo,EGNJFf,iSvg6e,uY3Nvd Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=1/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/m=viewer_base Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 4683cfb3aaefb3b27736d56fac558fe20455538b756e005c2d9eaeb0e670d3dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://docs.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 02:53:52 GMT x-content-type-options nosniff age 164213 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22595 x-xss-protection 0 last-modified Tue, 26 Oct 2021 14:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin https://docs.google.com cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="apps-forms" expires Fri, 28 Oct 2022 02:53:52 GMT
POST H3	204	naLogImpressions Show response docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/ Frame E8FA	0 13 B	162ms 126ms	XHR text/plain	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/naLogImpressions Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.IgAQK4t4CdQ.O/d=1/rs=AMjVe6gPwedtL9EeHyBkT0VOhHBUseJ4-Q/m=viewer_base Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software GSE / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-6zcBBf8MX+MDwFYPe71Vlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval' Request headers X-Same-Domain 1 Referer https://docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw/viewform?embedded=true Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers pragma no-cache date Sat, 30 Oct 2021 00:30:46 GMT cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-6zcBBf8MX+MDwFYPe71Vlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server GSE expires Mon, 01 Jan 1990 00:00:00 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.docs.google.com/forms/d/e/1FAIpQLScFZkQM2mWVfoBx7PvI7EtkxouhW5AUQ_vL6CI-NdepusQbzw	1970-01-19 22:19:17	Name: S Value: spreadsheet_forms=dmm197xNhjMs6StqeBfAv0qLlAOVogyUEv0GeAlz2g0
			.google.com/	1970-01-20 02:42:45	Name: NID Value: 511=ikrokrDjW3U7SW7sYmmWeL_reJCWZNuI2DXu0Ee9TFqSrOD-d0bQf-sGPlMyrusdmKqy2YjeAZPVLusfkUPqG5sklC81IM2vlkPEyIs2ef9oZQKJNs6Dn6yhbJwwNx4zgo6wrtR1vcvi2b5hxHlBo1T1UhOxKeO_qwtUcsjuiQc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

docs.google.com
employee-covidnotice.aegpresents.com
fonts.googleapis.com
fonts.gstatic.com
ssl.gstatic.com
www.aegworldwide.com
www.gstatic.com
104.18.12.244
142.250.184.227
142.250.185.163
142.250.185.234
142.250.186.35
142.250.186.46
35.202.254.90
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c0a5e15adb64a70939986fb41348d50db7ed2eda1e01cabc64a07787680b9be
4683cfb3aaefb3b27736d56fac558fe20455538b756e005c2d9eaeb0e670d3dd
497e62a14e2925e55890f64271cbcf198f7f61a248407b158b2ba5e0032d0283
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
5fa8123ad37955bf3a3b55c995796b191ec472f67601c18e422f91292580cd56
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
9210819afdf10794a5bb0820bbe365d32fa74b835929bc8952378acdefc1797e
9f31fb94a0d8fd985d3a130287d8999bee1ebd2d44a6969c5e5a6110a61fe529
a6d68e7225c8fbb638917ec7f72073a5dbf5c96edf6f711ef970b56e9717f2f2
a8e157462bbb323e3c3b14d0248476188057c5ed0ef62aac748c1110a17fc19f
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd95651f142cc623728ad286ab93b529898142a9b9be905dd67c055ad846486f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c
fa86fbe372b720814ebc890f5470f5f7e131c1202f388f9b679e846aa31091fc