urlscan.io logo urlscan.io
SecurityTrails logo

www.gscgh.com Open in urlscan Pro
35.209.15.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://covidpaychecks.com/
Effective URL: https://www.gscgh.com/covidpaychecks-com/
Submission: On March 09 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 86 HTTP transactions. The main IP is 35.209.15.6, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.gscgh.com.
TLS certificate: Issued by R3 on February 5th 2021. Valid for: 3 months.
This is the only time www.gscgh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)
covidpaychecks.com
41    35.209.15.6 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 6.15.209.35.bc.googleusercontent.com
www.gscgh.com
5    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
docs.google.com
www.google-analytics.com
11    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
7    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
41 www.gscgh.com www.gscgh.com
15 www.gstatic.com docs.google.com
www.gstatic.com
www.google.com
11 fonts.gstatic.com fonts.googleapis.com
www.google.com
8 www.google.com docs.google.com
www.gstatic.com
www.google.com
5 fonts.googleapis.com www.gscgh.com
docs.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 docs.google.com www.gscgh.com
www.gstatic.com
1 ssl.gstatic.com www.gstatic.com
1 www.googletagmanager.com www.gscgh.com
1 covidpaychecks.com 1 redirects
86 10

This site contains no links.

Subject Issuer Validity Valid
*.gscgh.com
R3		 2021-02-05 -
2021-05-06		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.gscgh.com/covidpaychecks-com/
Frame ID: EC9104779397A0D46D6A21BDC391FFC5
Requests: 49 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Frame ID: 7053C8C4F84862A60390D354D7A43416
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
Frame ID: 1786E3927A656FFB0B7DCBF9D04476E9
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
Frame ID: F8E5389E794400787D0AABDB1B8620C9
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://covidpaychecks.com/ HTTP 301
    https://www.gscgh.com/covidpaychecks-com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

86
Requests

100 %
HTTPS

91 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

2345 kB
Transfer

4527 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://covidpaychecks.com/ HTTP 301
    https://www.gscgh.com/covidpaychecks-com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.gscgh.com/covidpaychecks-com/
Redirect Chain
  • https://covidpaychecks.com/
  • https://www.gscgh.com/covidpaychecks-com/
78 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e1b174a46697585258c75895816623b47cb42525fe9835ad8839d0c472e39e69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
www.gscgh.com
:scheme
https
:path
/covidpaychecks-com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 09 Mar 2021 14:59:06 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://www.gscgh.com/wp-json/>; rel="https://api.w.org/", <https://www.gscgh.com/wp-json/wp/v2/pages/26826>; rel="alternate"; type="application/json", <https://www.gscgh.com/?p=26826>; rel=shortlink
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
content-encoding
br

Redirect headers

location
https://www.gscgh.com/covidpaychecks-com/
date
Tue, 09 Mar 2021 14:59:05 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
238
x-xss-protection
0
x-frame-options
SAMEORIGIN
style.min.css
www.gscgh.com/wp-content/themes/astra/assets/css/minified/ 		77 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.1.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0874c37e5c69aba47780801dddc594681ef5d3c583822f5d181f1b2b64fcf873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Sat, 06 Mar 2021 14:43:24 GMT
server
nginx
etag
W/"13442-5bcdf390ce74b"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
css
fonts.googleapis.com/ 		5 KB
753 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CRoboto%3A700%2C500&display=fallback&ver=3.1.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0930e79737dd3423e1cbd6da2fa83e4a8f636718e13d77f207af3c639593579d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gscgh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 14:59:06 GMT
server
ESF
date
Tue, 09 Mar 2021 14:59:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Mar 2021 14:59:06 GMT
menu-animation.min.css
www.gscgh.com/wp-content/themes/astra/assets/css/minified/ 		3 KB
595 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=3.1.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Sat, 06 Mar 2021 14:43:24 GMT
server
nginx
etag
W/"d54-5bcdf390ce74b"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
style.min.css
www.gscgh.com/wp-includes/css/dist/block-library/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 01:55:35 GMT
server
nginx
etag
W/"c88a-5bbf736e5e730"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
header-footer-elementor.css
www.gscgh.com/wp-content/plugins/header-footer-elementor/assets/css/ 		776 B
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.5.6
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Tue, 19 Jan 2021 15:05:13 GMT
server
nginx
etag
W/"308-5b9422a646ee6"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
elementor-icons.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"4350-5bcd005f9ed92"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
animations.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/animations/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"4824-5bcd005fa188b"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
frontend-legacy.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/css/ 		4 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
237b283acb14c3a3f8d959bda8906c6d16ff7d765457b925978b4a2d0e0b37b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"f0e-5bcd005f9d23a"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
frontend.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/css/ 		112 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2f0be5a55767208b950f45d9d08309fca187fd69a7ca3fd959fe8476869e56c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"1c173-5bcd005f9e1da"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
post-24888.css
www.gscgh.com/wp-content/uploads/elementor/css/ 		1 KB
593 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/uploads/elementor/css/post-24888.css?ver=1614976622
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
28f3655012fb59d4485f89405ddac8f209a31e9e054939aa1733bf5e4ebbf9c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:37:02 GMT
server
nginx
etag
W/"436-5bcd00be8722f"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
all.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		58 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"e7d0-5bcd005fa14a3"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
v4-shims.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"684e-5bcd005fa14a3"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
post-26826.css
www.gscgh.com/wp-content/uploads/elementor/css/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/uploads/elementor/css/post-26826.css?ver=1614996276
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
72384bab294462956c518b5311ef24cfbfd5fff9bad72fb48e9d4eb4c9f4615d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Sat, 06 Mar 2021 02:04:36 GMT
server
nginx
etag
W/"3fe7-5bcd49f60f30d"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
frontend.css
www.gscgh.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/ 		73 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.5.6
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a3caa688a90c6003a918ebee1b156afb87aaa2c2c6d6d04330645f5f265a364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Tue, 19 Jan 2021 15:05:13 GMT
server
nginx
etag
W/"1248f-5b9422a648a3e"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
post-24787.css
www.gscgh.com/wp-content/uploads/elementor/css/ 		31 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/uploads/elementor/css/post-24787.css?ver=1614976622
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9de0d24d4aeb885b71dbfc156a3ea03993827e238dbf2661550f4be667525e60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:37:02 GMT
server
nginx
etag
W/"7a9c-5bcd00beae338"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
css
fonts.googleapis.com/ 		42 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f07b87051e09aa8fc48e692839f5747df0524131a31c8205205b9a5a9490a22a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gscgh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 13:09:18 GMT
server
ESF
date
Tue, 09 Mar 2021 14:59:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Mar 2021 14:59:06 GMT
fontawesome.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"e238-5bcd005fa10bb"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
solid.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		669 B
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"29d-5bcd005fa10bb"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
brands.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		675 B
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
71008cf308a9bb2a3a3ddaa973f816c0d3a11db5cc9e7bdd5498089423019b3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"2a3-5bcd005fa10bb"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
regular.min.css
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		677 B
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d92b9a2423c564eda57a51dfe20565cbd27eb1d6489bf940e15d88a2142c4054
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"2a5-5bcd005fa14a3"
vary
Accept-Encoding
content-type
text/css
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
v4-shims.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"3acf-5bcd005fa188b"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-181776450-1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bcb75c9e328385a48ea0784b578b0ff4ca7af9a00ef01e0d192b909bc635f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gscgh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39415
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Mar 2021 14:59:06 GMT
wp-emoji-release.min.js
www.gscgh.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Thu, 04 Feb 2021 15:49:37 GMT
server
nginx
etag
W/"3795-5ba84a6a07326"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
style.min.js
www.gscgh.com/wp-content/themes/astra/assets/js/minified/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.1.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
758af520af740958167ad867622e499b689a3299fa395f5697ad775f8b9ae4ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Sat, 06 Mar 2021 14:43:24 GMT
server
nginx
etag
W/"2962-5bcdf390d0a73"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
wp-embed.min.js
www.gscgh.com/wp-includes/js/ 		1 KB
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Thu, 04 Feb 2021 15:49:37 GMT
server
nginx
etag
W/"592-5ba84a6a07af6"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
jquery.min.js
www.gscgh.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Thu, 10 Dec 2020 01:41:20 GMT
server
nginx
etag
W/"15d98-5b61245cb1ca5"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
jquery-migrate.min.js
www.gscgh.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Thu, 10 Dec 2020 01:41:20 GMT
server
nginx
etag
W/"2bd8-5b61245cb208d"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
jquery-numerator.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/ 		2 KB
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"709-5bcd005fa2ffb"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
webpack.runtime.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
11cd8b9721b7b60336f93c6347acbc15c1b75fcc280d07782c8b6fe52d10902e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"1212-5bcd005fa476c"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
frontend-modules.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/js/ 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b8ddb0c12b4549692835a16fae1a88211079db4e560babb672d5a1facdaa6a15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"fd92-5bcd005fa4f3c"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
core.min.js
www.gscgh.com/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be7f1c5aafff9458c12362747e1ad99ea6b891b82995622e2f448427ece1480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Thu, 04 Feb 2021 15:49:37 GMT
server
nginx
etag
W/"513c-5ba84a6a09e1e"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
dialog.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/lib/dialog/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"2a6f-5bcd005fa1c73"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
waypoints.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/lib/waypoints/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"2fa6-5bcd005f9f17a"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
share-link.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/lib/share-link/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"a12-5bcd005fa205b"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
swiper.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/lib/swiper/ 		136 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"21f91-5bcd005fa2c13"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
frontend.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/js/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fc79c129ef8c07cca0b3d5c12e178115e3123abad3379b7a55c7be79cb3762bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"13cd9-5bcd005fa6a94"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
preloaded-elements-handlers.min.js
www.gscgh.com/wp-content/plugins/elementor/assets/js/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.3
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b36b8efed831470d9e7fb42787d21243bf35f78814eec348782d841480bfc1d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
W/"9420-5bcd005fa476c"
vary
Accept-Encoding
content-type
application/javascript
x-httpd
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
viewform
docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/ Frame 7053 		102 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
abafec6f7c607b5210463591b442b76b4631b6fbdc38ad08ed1e6fb13b99e318
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-QjZL0kMAaRgOkr8HhFVDSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
docs.google.com
:scheme
https
:path
/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gscgh.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gscgh.com/

Response headers

content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Mar 2021 14:59:07 GMT
content-encoding
gzip
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-QjZL0kMAaRgOkr8HhFVDSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
set-cookie
NID=210=OWEy4BvG6NajSAVsVX6bztOwEhxg7qo2aHjIYD1BZNcpFADpvBwVRv1taOguJlFdQN-AGTRw9A893T0rddb_y_k2oLHhuhOzHHmKLc1keuV33Jg1zqaOIKfTLqwp8ay4apRNu2gp5C1uVgsgU7kIrqXUzAx0jN6opGWVeH2DosE; expires=Wed, 08-Sep-2021 14:59:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none S=spreadsheet_forms=_dNhNgvghNqSPGQIOd041LUBfKbdBrTVZddza0H_67k; Domain=.docs.google.com; Expires=Tue, 09-Mar-2021 15:59:07 GMT; Path=/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
social-media-2.jpg
www.gscgh.com/wp-content/uploads/2019/06/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gscgh.com/wp-content/uploads/2019/06/social-media-2.jpg
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/wp-content/uploads/elementor/css/post-26826.css?ver=1614996276
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
588033cf790a8194a0604a7628b6cbd463c90cb7929dd5b75ca1ccddfe82bd90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/wp-content/uploads/elementor/css/post-26826.css?ver=1614996276
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
last-modified
Thu, 22 Oct 2020 17:55:56 GMT
server
nginx
etag
"8bf4-5b2462d00cf9a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
35828
x-proxy-cache
HIT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CRoboto%3A700%2C500&display=fallback&ver=3.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gscgh.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
500795
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 03 Mar 2022 19:52:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CRoboto%3A700%2C500&display=fallback&ver=3.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gscgh.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 04:06:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
471152
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 04 Mar 2022 04:06:34 GMT
fa-solid-900.woff2
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://www.gscgh.com
Referer
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
"139ac-5bcd005fa0503"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
80300
x-proxy-cache
HIT
fa-brands-400.woff2
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://www.gscgh.com
Referer
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
"1327c-5bcd005f9fd33"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
78460
x-proxy-cache
HIT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C%7CRoboto%3A700%2C500&display=fallback&ver=3.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gscgh.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
73887
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:27:39 GMT
fa-regular-400.woff2
www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Origin
https://www.gscgh.com
Referer
https://www.gscgh.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:06 GMT
last-modified
Fri, 05 Mar 2021 20:35:23 GMT
server
nginx
etag
"34ec-5bcd005f9f562"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
13548
x-proxy-cache
HIT
GSC.png
www.gscgh.com/wp-content/uploads/2020/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gscgh.com/wp-content/uploads/2020/12/GSC.png
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b8b0a3698d0682de861eb446514b0fa39114ba1b66f4206f68559b98eab7856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:07 GMT
last-modified
Thu, 17 Dec 2020 20:35:01 GMT
server
nginx
etag
"ce7-5b6aeed1366fe"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
3303
x-proxy-cache
HIT
thumbnail-featured-client-photo-with-blue-mask.png
www.gscgh.com/wp-content/uploads/2019/12/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gscgh.com/wp-content/uploads/2019/12/thumbnail-featured-client-photo-with-blue-mask.png
Requested by
Host: www.gscgh.com
URL: https://www.gscgh.com/covidpaychecks-com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.15.6 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
6.15.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b55adbd8057be4537b7502b4986166d7f94ef8fc04a0adfcbd4c438496ab005d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.gscgh.com/covidpaychecks-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:07 GMT
last-modified
Mon, 08 Feb 2021 16:34:05 GMT
server
nginx
etag
"2976e-5bad5bcfd549a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
169838
x-proxy-cache
HIT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-181776450-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gscgh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3391
date
Tue, 09 Mar 2021 14:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 09 Mar 2021 16:02:36 GMT
collect
www.google-analytics.com/j/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=724672607&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gscgh.com%2Fcovidpaychecks-com%2F&ul=en-us&de=UTF-8&dt=CovidPaychecks.com%20%E2%80%93%20GSC%20Group%20Holdings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=927562947&gjid=1783317228&cid=1967349233.1615301947&tid=UA-181776450-1&_gid=1910591232.1615301947&_r=1&did=dZTNiMT&gtm=2ou2o0&z=1230190320
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gscgh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Mar 2021 14:59:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gscgh.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon
fonts.googleapis.com/ Frame 7053 		615 B
411 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2215beed03a585a1d94f75cfecb90b92f4555d47e5b18bfdac68c2f298f90d64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 14:59:07 GMT
server
ESF
date
Tue, 09 Mar 2021 14:59:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Mar 2021 14:59:07 GMT
rs=AMjVe6jTtvyTZOoRneq93VdWwOhCG7DYPg
www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1vaumhxgkdn3m.L.W.O/d=1/ct=zgms/ Frame 7053 		412 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1vaumhxgkdn3m.L.W.O/d=1/ct=zgms/rs=AMjVe6jTtvyTZOoRneq93VdWwOhCG7DYPg
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a95c01ee7321c117818df12680b913317b7ef03da8930e5eddca122bd67551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 07:40:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 00:00:30 GMT
server
sffe
age
544700
vary
Accept-Encoding, Origin
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51295
x-xss-protection
0
expires
Thu, 03 Mar 2022 07:40:47 GMT
css
fonts.googleapis.com/ Frame 7053 		13 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b52b40cfb73b32b2b6503159ff66253fd96053e76b7c8ea7a26f0f969da6adec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 13:07:14 GMT
server
ESF
date
Tue, 09 Mar 2021 14:59:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Mar 2021 14:59:07 GMT
css
fonts.googleapis.com/ Frame 7053 		1 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c990ea42d730bc7c524f508fc4947b8cb98b6283e0ba0001149c1eab37ddf60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Mar 2021 13:42:01 GMT
server
ESF
date
Tue, 09 Mar 2021 14:59:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Mar 2021 14:59:07 GMT
api.js
www.google.com/recaptcha/ Frame 7053 		1000 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?trustedtypes=true
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
306ef7b0b71d92c18b3083391d7ca841e315b6369529b543e0139ffb441b2636
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
635
x-xss-protection
1; mode=block
expires
Tue, 09 Mar 2021 14:59:07 GMT
googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 7053 		1 KB
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 15:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
517827
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
689
x-xss-protection
0
expires
Thu, 03 Mar 2022 15:08:40 GMT
m=viewer_base
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=1/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/ Frame 7053 		339 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=1/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/m=viewer_base
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f384c2f7da981eb44273bd95db6072d1f928c3b7fbdab1715d8da1f57f4ddf19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 17:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 00:00:30 GMT
server
sffe
age
510661
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112297
x-xss-protection
0
expires
Thu, 03 Mar 2022 17:08:06 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7053 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1vaumhxgkdn3m.L.W.O/d=1/ct=zgms/rs=AMjVe6jTtvyTZOoRneq93VdWwOhCG7DYPg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1vaumhxgkdn3m.L.W.O/d=1/ct=zgms/rs=AMjVe6jTtvyTZOoRneq93VdWwOhCG7DYPg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
500796
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Wed, 10 Mar 2021 19:52:31 GMT
qp_sprite139.svg
ssl.gstatic.com/docs/forms/ Frame 7053 		106 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/forms/qp_sprite139.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-1vaumhxgkdn3m.L.W.O/d=1/ct=zgms/rs=AMjVe6jTtvyTZOoRneq93VdWwOhCG7DYPg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
178091a70df0930d5e699190b20f9ca5d631ee1198057e9785e48e9b136c9fb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 04:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 12 Feb 2021 19:45:00 GMT
server
sffe
age
122887
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12378
x-xss-protection
0
expires
Tue, 08 Mar 2022 04:51:00 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7053 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://docs.google.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 16:18:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
513634
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Thu, 03 Mar 2022 16:18:33 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7053 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://docs.google.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
72440
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:51:47 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 7053 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://docs.google.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 01:58:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
478847
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 04 Mar 2022 01:58:20 GMT
pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v12/ Frame 7053 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/productsans/v12/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcf350ecb6d31cc6e96e08f79b3b63ae6442c379d373d4ecf3c5caaa2c3533e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://docs.google.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 11:21:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 02:41:42 GMT
server
sffe
age
358663
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33212
x-xss-protection
0
expires
Sat, 05 Mar 2022 11:21:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7053 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://docs.google.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
500796
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 03 Mar 2022 19:52:31 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/ Frame 7053 		332 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8895b0ccbd3c0a0f087c1ce61e9c87c5afa43914a2849a3e5ed043482d4de444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://docs.google.com
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:09:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 05:24:47 GMT
server
sffe
age
2964
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339995
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:09:43 GMT
m=NpD4ec,ws9Tlc,sy0,sy10,sy11,sy1,sy12,sy48,sy2a,sy4b,V3dDOb,sy1n,gkf10d,j2YlP,sy6,sy7,syc,sy8,sy9,sy24,sy26,OShpD,De38hd,sy1d,Sk9apb,J8mJTc,UUJqVe,sy2,CP1oW,syn,syl,sy1i,sy2j,syg,sy13,MpJwZc,sy28,...
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=0/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/ Frame 7053 		331 KB
104 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=0/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/m=NpD4ec,ws9Tlc,sy0,sy10,sy11,sy1,sy12,sy48,sy2a,sy4b,V3dDOb,sy1n,gkf10d,j2YlP,sy6,sy7,syc,sy8,sy9,sy24,sy26,OShpD,De38hd,sy1d,Sk9apb,J8mJTc,UUJqVe,sy2,CP1oW,syn,syl,sy1i,sy2j,syg,sy13,MpJwZc,sy28,sy2k,sy1v,sy3e,pxq3x,syy,sy1u,O6y8ed,sy3l,sy3f,sy3m,syd,sy3g,sy3n,Xhpexc,Q91hve,sya,syb,sy1z,sy3,sy20,sy22,sy23,mRfQQ,sy3b,sy3a,CFa0o,Y9atKf,s39S4,syv,sy45,L1AAkb,sy4w,KUM7Z,QvB8bb,bCfhJc,sy39,syj,u9ZRK,pItcJd,yZuGp,aW3pY,YLQSd,sy29,sy2d,sy4d,I6YDgd,sy2r,sy2s,sy4x,sy2u,sy2v,sy35,n73qwf,uiNkee,sy2q,sy36,sy37,sy38,sy49,sy4c,sy5a,sy5b,fgj8Rb,sy4z,sy50,sy51,xQtZb,IvDHfc,p2tbsc,d8PXFf,atgb9d,sy15,sy16,sy17,sy18,sy19,LxALBf,rHjpXd,sy4y,SM1lmd,QwQO1b,WdhPgc,JCrucd,ok0nye,sy2o,sy2b,sy2l,sy2m,sy2p,sy2t,sy2c,sy2g,sy1w,sy21,sy3h,sy3i,sy1x,sy2z,sy3c,sy3j,sy3q,sy2e,sy2f,sy2h,sy2i,sy2n,sy3p,OqIWSb,sbHRWb,RGrRJf,OkF2xb,sy3k,sy2x,hYei2d,sy3o,sy3t,TOfxwf,sy3x,lSvzH,xajb8d,bjxBRd,zdweue,oZECf,yUS4Lc,v4y9Mc,KOZzeb,oCiKKc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=1/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/m=viewer_base
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ca26f1fb6fe2d9bf6b76068029f0bbbcb90f978f09e4e5680212178843a99f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 18:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417994
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105906
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 00:00:30 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Mar 2022 18:52:33 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1786 		19 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b9a1138fddae996f95327d1be36ebe3fde4824fc040d7a0b43f99c5f8d99f10
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s+Bk1ZcoN53ZzK7FCJS7Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://docs.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=210=OWEy4BvG6NajSAVsVX6bztOwEhxg7qo2aHjIYD1BZNcpFADpvBwVRv1taOguJlFdQN-AGTRw9A893T0rddb_y_k2oLHhuhOzHHmKLc1keuV33Jg1zqaOIKfTLqwp8ay4apRNu2gp5C1uVgsgU7kIrqXUzAx0jN6opGWVeH2DosE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://docs.google.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Mar 2021 14:59:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-s+Bk1ZcoN53ZzK7FCJS7Uw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10572
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ Frame 7053 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=0/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/m=NpD4ec,ws9Tlc,sy0,sy10,sy11,sy1,sy12,sy48,sy2a,sy4b,V3dDOb,sy1n,gkf10d,j2YlP,sy6,sy7,syc,sy8,sy9,sy24,sy26,OShpD,De38hd,sy1d,Sk9apb,J8mJTc,UUJqVe,sy2,CP1oW,syn,syl,sy1i,sy2j,syg,sy13,MpJwZc,sy28,sy2k,sy1v,sy3e,pxq3x,syy,sy1u,O6y8ed,sy3l,sy3f,sy3m,syd,sy3g,sy3n,Xhpexc,Q91hve,sya,syb,sy1z,sy3,sy20,sy22,sy23,mRfQQ,sy3b,sy3a,CFa0o,Y9atKf,s39S4,syv,sy45,L1AAkb,sy4w,KUM7Z,QvB8bb,bCfhJc,sy39,syj,u9ZRK,pItcJd,yZuGp,aW3pY,YLQSd,sy29,sy2d,sy4d,I6YDgd,sy2r,sy2s,sy4x,sy2u,sy2v,sy35,n73qwf,uiNkee,sy2q,sy36,sy37,sy38,sy49,sy4c,sy5a,sy5b,fgj8Rb,sy4z,sy50,sy51,xQtZb,IvDHfc,p2tbsc,d8PXFf,atgb9d,sy15,sy16,sy17,sy18,sy19,LxALBf,rHjpXd,sy4y,SM1lmd,QwQO1b,WdhPgc,JCrucd,ok0nye,sy2o,sy2b,sy2l,sy2m,sy2p,sy2t,sy2c,sy2g,sy1w,sy21,sy3h,sy3i,sy1x,sy2z,sy3c,sy3j,sy3q,sy2e,sy2f,sy2h,sy2i,sy2n,sy3p,OqIWSb,sbHRWb,RGrRJf,OkF2xb,sy3k,sy2x,hYei2d,sy3o,sy3t,TOfxwf,sy3x,lSvzH,xajb8d,bjxBRd,zdweue,oZECf,yUS4Lc,v4y9Mc,KOZzeb,oCiKKc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71671cf30977c5d6566bcaf3fcdd63993d9e3286f95bef46085de9bd0d47cc25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 04:19:21 GMT
server
sffe
age
1986
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26159
x-xss-protection
0
expires
Tue, 09 Mar 2021 15:16:01 GMT
m=SBlcU,A4UTCb,sy47,VXdfxd,sy3d,sWGJ4b,sys,syt,sy58,EGNJFf,iSvg6e,sy57,uY3Nvd
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=0/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/ Frame 7053 		55 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=0/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/m=SBlcU,A4UTCb,sy47,VXdfxd,sy3d,sWGJ4b,sys,syt,sy58,EGNJFf,iSvg6e,sy57,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=1/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/m=viewer_base
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf99620fde455a143e02e4dd3a820dc1f3386601381c53a5f4aa6ae766df52e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 20:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412019
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16354
x-xss-protection
0
last-modified
Wed, 03 Mar 2021 00:00:30 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Mar 2022 20:32:08 GMT
naLogImpressions
docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/ Frame 7053 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/naLogImpressions
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.EnohQ6CAaR0.O/d=1/ct=zgms/rs=AMjVe6hCoo3TIL6efm17z15tRku41yfN9g/m=viewer_base
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-ml+dftZOVWv8IroRAlfFlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg/viewform?embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Mar 2021 14:59:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-ml+dftZOVWv8IroRAlfFlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
GSE
expires
Mon, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/ Frame 1786 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 05:24:47 GMT
server
sffe
age
1562
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:33:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/ Frame 1786 		332 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8895b0ccbd3c0a0f087c1ce61e9c87c5afa43914a2849a3e5ed043482d4de444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:09:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 05:24:47 GMT
server
sffe
age
2964
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339995
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:09:43 GMT
LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js
www.google.com/js/bg/ Frame 1786 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c45930e7fb4b8510f95e7a58ff8c35378890e24201576aab84a368e016422df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 12:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
7276
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6282
x-xss-protection
0
expires
Wed, 09 Mar 2022 12:57:51 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1786 		102 B
239 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b8b79e3e0e8ba996236788c3881ad0873139f6d7fe586c3a99e9fcd405d72138
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&size=invisible&badge=inline&cb=gnrccdog8efo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Tue, 09 Mar 2021 14:59:07 GMT
bframe
www.google.com/recaptcha/api2/ Frame F8E5 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
59c7fc86b41315e17359fe0dc8e8dcb928082ed927e739516509b23fae6e76af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rQBsnj+UVx5tZQjY/Dp8NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://docs.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=210=OWEy4BvG6NajSAVsVX6bztOwEhxg7qo2aHjIYD1BZNcpFADpvBwVRv1taOguJlFdQN-AGTRw9A893T0rddb_y_k2oLHhuhOzHHmKLc1keuV33Jg1zqaOIKfTLqwp8ay4apRNu2gp5C1uVgsgU7kIrqXUzAx0jN6opGWVeH2DosE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://docs.google.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 09 Mar 2021 14:59:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-rQBsnj+UVx5tZQjY/Dp8NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/ Frame F8E5 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 05:24:47 GMT
server
sffe
age
1563
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:33:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/ Frame F8E5 		332 KB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8895b0ccbd3c0a0f087c1ce61e9c87c5afa43914a2849a3e5ed043482d4de444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:09:43 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 05:24:47 GMT
server
sffe
age
2965
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
339995
x-xss-protection
0
expires
Wed, 09 Mar 2022 14:09:43 GMT
reload
www.google.com/recaptcha/api2/ Frame F8E5 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
adedb4f1581df8a8d6d1cb33c0576d4b8a5fa28a4b6d1a5d09a7dd3c48fd104d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 09 Mar 2021 14:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11370
x-xss-protection
1; mode=block
expires
Tue, 09 Mar 2021 14:59:08 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame F8E5 		600 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:11:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
74883
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
expires
Mon, 15 Mar 2021 18:11:05 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame F8E5 		530 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 02:33:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
476730
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
expires
Thu, 11 Mar 2021 02:33:38 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame F8E5 		665 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:51:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
274068
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
expires
Sat, 13 Mar 2021 10:51:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F8E5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
415063
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F8E5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:30:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
age
289716
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
expires
Sun, 06 Mar 2022 06:30:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F8E5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:30:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
age
289720
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
expires
Sun, 06 Mar 2022 06:30:28 GMT
LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js
www.google.com/js/bg/ Frame F8E5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/LEWTDn-0uFEPleelj_jDU3iJDiQgFXaquEo2jgFkIt8.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a7xT2d71Jli62wQMfeUUrLcO/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c45930e7fb4b8510f95e7a58ff8c35378890e24201576aab84a368e016422df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 12:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
7277
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6282
x-xss-protection
0
expires
Wed, 09 Mar 2022 12:57:51 GMT
payload
www.google.com/recaptcha/api2/ Frame F8E5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq26_UgpNw5GmDAAtepxl8_v0Pzf8Kjtg4Gq8gGnhTDsRsHUAkt77T0MctCPdWTMjtJXwviZppd-hDbftCBmDh6K116MldIqGS65cY-v6r37xClvgaBX6E5vLwwy-KqcoOGiNjom4Y6au3s5NoX6sNMmQG9g34imIpmP9xuRCsfIDE-9RzEAqbQvmdEFJmFCQ-Sr201-jlgeOc_NvzVtxsKgkPF7wmA&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d73f68f8f2d83cefc4df930039126e518828f9c42d0ea36f3614346453b540bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=a7xT2d71Jli62wQMfeUUrLcO&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&cb=18kdycephltw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 14:59:08 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27515
x-xss-protection
1; mode=block
expires
Tue, 09 Mar 2021 14:59:08 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings function| a object| ___FONT_AWESOME___ object| fontawesome-free-shims function| gtag object| dataLayer object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| bodyElement object| wp undefined| $ function| jQuery object| webpackChunkelementor object| __core-js_shared__ object| core object| elementorModules object| DialogsManager function| Waypoint function| ShareLink function| Swiper object| elementorFrontendConfig object| regeneratorRuntime object| elementorFrontend string| waypointContextKey object| google_tag_manager object| twemoji object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 210=OWEy4BvG6NajSAVsVX6bztOwEhxg7qo2aHjIYD1BZNcpFADpvBwVRv1taOguJlFdQN-AGTRw9A893T0rddb_y_k2oLHhuhOzHHmKLc1keuV33Jg1zqaOIKfTLqwp8ay4apRNu2gp5C1uVgsgU7kIrqXUzAx0jN6opGWVeH2DosE
.gscgh.com/ Name: _gat_gtag_UA_181776450_1
Value: 1
.gscgh.com/ Name: _gid
Value: GA1.2.1910591232.1615301947
.docs.google.com/forms/d/e/1FAIpQLSfWrargNP5MLkK_tOu7Nxd_lexbKdYuY1r7lcg_RbEcJNpvzg Name: S
Value: spreadsheet_forms=_dNhNgvghNqSPGQIOd041LUBfKbdBrTVZddza0H_67k
.gscgh.com/ Name: _ga
Value: GA1.2.1967349233.1615301947

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.gscgh.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covidpaychecks.com
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
ssl.gstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gscgh.com
www.gstatic.com
2001:4860:4802:32::15
2a00:1450:4001:800::200e
2a00:1450:4001:803::2004
2a00:1450:4001:809::2008
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
35.209.15.6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0874c37e5c69aba47780801dddc594681ef5d3c583822f5d181f1b2b64fcf873
0930e79737dd3423e1cbd6da2fa83e4a8f636718e13d77f207af3c639593579d
0b9a1138fddae996f95327d1be36ebe3fde4824fc040d7a0b43f99c5f8d99f10
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
11cd8b9721b7b60336f93c6347acbc15c1b75fcc280d07782c8b6fe52d10902e
178091a70df0930d5e699190b20f9ca5d631ee1198057e9785e48e9b136c9fb3
19a95c01ee7321c117818df12680b913317b7ef03da8930e5eddca122bd67551
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1b8b0a3698d0682de861eb446514b0fa39114ba1b66f4206f68559b98eab7856
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bcb75c9e328385a48ea0784b578b0ff4ca7af9a00ef01e0d192b909bc635f67
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2215beed03a585a1d94f75cfecb90b92f4555d47e5b18bfdac68c2f298f90d64
237b283acb14c3a3f8d959bda8906c6d16ff7d765457b925978b4a2d0e0b37b6
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
28f3655012fb59d4485f89405ddac8f209a31e9e054939aa1733bf5e4ebbf9c2
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2c45930e7fb4b8510f95e7a58ff8c35378890e24201576aab84a368e016422df
2f0be5a55767208b950f45d9d08309fca187fd69a7ca3fd959fe8476869e56c0
306ef7b0b71d92c18b3083391d7ca841e315b6369529b543e0139ffb441b2636
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
588033cf790a8194a0604a7628b6cbd463c90cb7929dd5b75ca1ccddfe82bd90
59c7fc86b41315e17359fe0dc8e8dcb928082ed927e739516509b23fae6e76af
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5be7f1c5aafff9458c12362747e1ad99ea6b891b82995622e2f448427ece1480
5ca26f1fb6fe2d9bf6b76068029f0bbbcb90f978f09e4e5680212178843a99f1
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71008cf308a9bb2a3a3ddaa973f816c0d3a11db5cc9e7bdd5498089423019b3e
71671cf30977c5d6566bcaf3fcdd63993d9e3286f95bef46085de9bd0d47cc25
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
72384bab294462956c518b5311ef24cfbfd5fff9bad72fb48e9d4eb4c9f4615d
758af520af740958167ad867622e499b689a3299fa395f5697ad775f8b9ae4ea
8895b0ccbd3c0a0f087c1ce61e9c87c5afa43914a2849a3e5ed043482d4de444
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c990ea42d730bc7c524f508fc4947b8cb98b6283e0ba0001149c1eab37ddf60
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
9a3caa688a90c6003a918ebee1b156afb87aaa2c2c6d6d04330645f5f265a364
9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28
9de0d24d4aeb885b71dbfc156a3ea03993827e238dbf2661550f4be667525e60
abafec6f7c607b5210463591b442b76b4631b6fbdc38ad08ed1e6fb13b99e318
adedb4f1581df8a8d6d1cb33c0576d4b8a5fa28a4b6d1a5d09a7dd3c48fd104d
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b36b8efed831470d9e7fb42787d21243bf35f78814eec348782d841480bfc1d4
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b52b40cfb73b32b2b6503159ff66253fd96053e76b7c8ea7a26f0f969da6adec
b55adbd8057be4537b7502b4986166d7f94ef8fc04a0adfcbd4c438496ab005d
b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8
b8b79e3e0e8ba996236788c3881ad0873139f6d7fe586c3a99e9fcd405d72138
b8ddb0c12b4549692835a16fae1a88211079db4e560babb672d5a1facdaa6a15
bcf350ecb6d31cc6e96e08f79b3b63ae6442c379d373d4ecf3c5caaa2c3533e8
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d73f68f8f2d83cefc4df930039126e518828f9c42d0ea36f3614346453b540bc
d92b9a2423c564eda57a51dfe20565cbd27eb1d6489bf940e15d88a2142c4054
e1b174a46697585258c75895816623b47cb42525fe9835ad8839d0c472e39e69
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf99620fde455a143e02e4dd3a820dc1f3386601381c53a5f4aa6ae766df52e
f07b87051e09aa8fc48e692839f5747df0524131a31c8205205b9a5a9490a22a
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f384c2f7da981eb44273bd95db6072d1f928c3b7fbdab1715d8da1f57f4ddf19
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
fc79c129ef8c07cca0b3d5c12e178115e3123abad3379b7a55c7be79cb3762bd
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40