www.aca-obamacare.xyz Open in urlscan Pro
2607:f8b0:4023:1::79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.aca-obamacare.xyz/
Submission: On December 03 via api (December 3rd 2023, 5:55:35 am UTC) from US — Scanned from US

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 9 domains to perform 57 HTTP transactions. The main IP is 2607:f8b0:4023:1::79, located in Clarksville, United States and belongs to GOOGLE, US. The main domain is www.aca-obamacare.xyz.
TLS certificate: Issued by GTS CA 1D4 on October 30th 2023. Valid for: 3 months.

This is the only time www.aca-obamacare.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2607:f8b0:402... 2607:f8b0:4023:1::79	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4024:c09::5f	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:402... 2607:f8b0:4023:1::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4023::8a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4023:1::61	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4024:c09::84	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:402... 2607:f8b0:4024:c01::5e	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4024:c01::71	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:402... 2607:f8b0:4024:c02::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4024:c09::64	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4024:c09::8d	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4024:c02::5e	15169 (GOOGLE) (GOOGLE)
57	14

3 2607:f8b0:4023:1::79 (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.aca-obamacare.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4024:c09::5f (Clarksville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4023:1::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4023::8a (Clarksville, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1::61 (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4024:c09::84 (Clarksville, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh7-us.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4024:c01::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4024:c01::71 (Clarksville, United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4024:c02::8b (Clarksville, United States)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4024:c09::64 (Clarksville, United States)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c09::8d (Clarksville, United States)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4024:c02::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	1 MB
18	google.com apis.google.com — Cisco Umbrella Rank: 116 play.google.com — Cisco Umbrella Rank: 32 docs.google.com — Cisco Umbrella Rank: 126 drive.google.com — Cisco Umbrella Rank: 294	607 KB
4	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 48 lh5.googleusercontent.com — Cisco Umbrella Rank: 169 lh7-us.googleusercontent.com — Cisco Umbrella Rank: 664	2 MB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
3	aca-obamacare.xyz www.aca-obamacare.xyz	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	313 B
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 415
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	91 KB
0	Failed function sub() { [native code] }. Failed
57	9

	Domain	Requested by
10	www.gstatic.com	www.aca-obamacare.xyz www.gstatic.com
7	docs.google.com	www.gstatic.com docs.google.com
7	fonts.gstatic.com	fonts.googleapis.com docs.google.com
6	play.google.com	www.gstatic.com docs.google.com
4	ssl.gstatic.com	docs.google.com
4	fonts.googleapis.com	www.aca-obamacare.xyz docs.google.com
3	apis.google.com	www.aca-obamacare.xyz apis.google.com
3	www.aca-obamacare.xyz	www.gstatic.com
2	lh7-us.googleusercontent.com	docs.google.com
2	drive.google.com	www.gstatic.com www.aca-obamacare.xyz
2	www.google-analytics.com	www.googletagmanager.com
1	csp.withgoogle.com	www.aca-obamacare.xyz
1	lh5.googleusercontent.com	www.aca-obamacare.xyz
1	lh3.googleusercontent.com	www.aca-obamacare.xyz
1	www.googletagmanager.com	www.aca-obamacare.xyz
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	docs.google.com
57	16

This site contains links to these domains. Also see Links.

Domain
docs.google.com

Subject Issuer	Validity	Valid
www.aca-obamacare.xyz GTS CA 1D4	`2023-10-30` - `2024-01-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.aca-obamacare.xyz/
Frame ID: 9759C16647DBF0BFF5C72C0977A76A96
Requests: 29 HTTP requests in this frame

Frame: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed
Frame ID: 223CFD5FA279A514922A471652AFD1FF
Requests: 22 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: 897C44E8651C4858612F6948422CDCEA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Affrodable Care Acte

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

57
Requests

95 %
HTTPS

100 %
IPv6

9
Domains

16
Subdomains

14
IPs

1
Countries

3332 kB
Transfer

7674 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/present

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.aca-obamacare.xyz/ 46 KB
11 KB 529ms
398ms Document
text/html 2607:f8b0:4023:1::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::79 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0204a78137c3525aa41965604466f344efd80cac8365eadeec7bc4196e332be6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-usbz54odY1n6ncB_PGB0cg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-usbz54odY1n6ncB_PGB0cg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Sun, 03 Dec 2023 05:55:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 175ms
63ms Stylesheet
text/css 2607:f8b0:4024:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%2C700%7COpen%20Sans%3A400%2C600%2C700&display=swap

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b152daf39ada715442bcecf1120919e6d21c34e53c100e230e6a252e2b172bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 05:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 04:09:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 05:55:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 181ms
70ms Stylesheet
text/css 2607:f8b0:4024:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 05:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 05:39:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 05:55:28 GMT

GET
H2 200 rs=AGEqA5lATnQRZx1jAqvDDUINFQTPUWWHyQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.yHD92ko9D_w.L.W.O/am=EAY/d=1/ 1 MB
153 KB 170ms
56ms Stylesheet
text/css 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.yHD92ko9D_w.L.W.O/am=EAY/d=1/rs=AGEqA5lATnQRZx1jAqvDDUINFQTPUWWHyQ

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdaf815b59324736e780ae5095136cbd202d0497e978bdacd1f4e61261911e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156164
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 29 Nov 2024 12:45:56 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 18 KB
8 KB 186ms
73ms Script
text/javascript 2607:f8b0:4023::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::8a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d054613b3cc5479b7d6b8f5352dd37f2282eb3e7b031a0febf9f381c50de98

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 05:55:28 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7115
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c17fc45193a19f1b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 05:55:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 203ms
91ms Script
application/javascript 2607:f8b0:4023:1::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PXM9G2B7CN

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d066f4f8ea4ceb1875445f55ec85c8f47197c4cf8a3f5cbfa5ae1a0331c6b449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:55:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 05:55:29 GMT

GET
H2 200 3H4Dz6UVhZJixSUI83xcP7SH8eKZevaFa78MefP1y_4MMJyngD1091EI30kkBrbbWEOQrvYJguODecxM5z6YWK4=w16383
lh3.googleusercontent.com/ 355 KB
356 KB 380ms
258ms Image
image/png 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/3H4Dz6UVhZJixSUI83xcP7SH8eKZevaFa78MefP1y_4MMJyngD1091EI30kkBrbbWEOQrvYJguODecxM5z6YWK4=w16383

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d29696316f384a2335f5520b26f50c2dec69767be6f7c703d40a8dcb937b764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:55:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="obama.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 363630
x-xss-protection: 0
expires: Mon, 04 Dec 2023 05:55:29 GMT

GET
H2 200 slides_32dp.png
www.gstatic.com/images/icons/material/product/1x/ 779 B
1 KB 338ms
226ms Image
image/png 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/product/1x/slides_32dp.png

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f06b3173b03c14da0285eece9cf65c82bea8f11c30064cd88315445763ea411f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:20:32 GMT
x-content-type-options: nosniff
age: 228896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 779
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 29 Nov 2024 14:20:32 GMT

GET
H2 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/ 582 KB
197 KB 57ms
56ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9363caffa53b0378c7e0ed455ef6a8424f8c43fc9c34b857115c5cefc5b79ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201899
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 29 Nov 2024 23:06:10 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/ 317 KB
109 KB 56ms
55ms Script
text/javascript 2607:f8b0:4023::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::8a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c811d3b4bfb9a9a430211c1d03bd021a8779a08fb336d0045fe9a4c2397ad8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 08:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110664
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 08:07:54 GMT

GET
H2 200 LD-rrU5Dsiab8qx84FVN1nEUuehh-qAqOMDD52MUYwmv3wQg4MH9VLZAUCwjVTn0Bol7gBVmirMtONjCr2W45Z0=w16383
lh5.googleusercontent.com/ 754 KB
755 KB 284ms
270ms Image
image/png 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/LD-rrU5Dsiab8qx84FVN1nEUuehh-qAqOMDD52MUYwmv3wQg4MH9VLZAUCwjVTn0Bol7gBVmirMtONjCr2W45Z0=w16383

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

83354e2c75bc4d20503932b932511b8929e53ac566e45cb8898c0e092b37623d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:55:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Capture d'_cran 2023-11-03 131016.png";filename*=UTF-8''Capture%20d'%C3%A9cran%202023-11-03%20131016.png
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 772313
x-xss-protection: 0
expires: Mon, 04 Dec 2023 05:55:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 167ms
54ms Font
font/woff2 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aca-obamacare.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 00:55:39 GMT
x-content-type-options: nosniff
age: 17990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 00:55:39 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ 33 KB
33 KB 270ms
157ms Font
font/woff2 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aca-obamacare.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 07:59:24 GMT
x-content-type-options: nosniff
age: 597365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 07:59:24 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 180ms
67ms Font
font/woff2 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%2C700%7COpen%20Sans%3A400%2C600%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aca-obamacare.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 00:58:58 GMT
x-content-type-options: nosniff
age: 363391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 00:58:58 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
21 KB 296ms
184ms Font
font/woff2 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%2C700%7COpen%20Sans%3A400%2C600%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.aca-obamacare.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:09:41 GMT
x-content-type-options: nosniff
age: 17148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21444
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 01:09:41 GMT

GET
H3 200 m=sy18,sy19,sy17,FoQBg Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/ 37 KB
12 KB 55ms
55ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=sy18,sy19,sy17,FoQBg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59f78925ae8c645db576166e63bb77e0a27ec12494c3698d4e1c9b95bc02393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12719
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 29 Nov 2024 23:06:10 GMT

GET
H3 200 m=sy2t,TRvtze Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/ 855 B
524 B 57ms
57ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=sy2t,TRvtze

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4a69a509d7cf7ad56a8d5702dab53f656988e6206f22de0349e036ded269603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 12:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 498
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 29 Nov 2024 12:45:57 GMT

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,usmiIb,sy2u,abQiW,TGYpv,KUM7Z,XDKZTc,sy11,qkPXAf,qEW1W,oNFsLb,sy3t,yxTchf,sy3u,sy3v,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2w,SM1lmd,sy6,sy5,syx,RRzQxe,sy7,sy... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/ 1 MB
401 KB 57ms
56ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,usmiIb,sy2u,abQiW,TGYpv,KUM7Z,XDKZTc,sy11,qkPXAf,qEW1W,oNFsLb,sy3t,yxTchf,sy3u,sy3v,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2w,SM1lmd,sy6,sy5,syx,RRzQxe,sy7,sya,syk,sy9,fNFZH,sy2v,syl,RrXLpc,cgRV2c,syz,sy1m,o1L5Wb,X4BaPc,syf,sy15,Md9ENb,sy1d,sy1e,syp,sy1b,sy1c,Ko0sOe,syn,syw,syy,sy1a,NlqxW,sy1g,sy1h,sy1j,sy1k,sy1l,sy1s,sy1f,sy1q,sy1p,syb,syr,sy1n,sy1y,sy20,sy23,sy24,sy25,sy26,sy1u,sy1z,sy28,sy2h,sy1w,sy1x,sy1i,sy1o,sy1r,sy1t,sy1v,sy22,syo,sy27,sy29,sy2a,sy2e,sy2f,sy2g,T807ad,sy21,sy2d,ZDEHrf,sy2i,sy2k,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2b,sy2c,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2j,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2l,sy2m,sy2n,sy2o,UYjpC,sy3,VYKRW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

750127376e255c7dd4d045b01298ee17448292c9fd0be39c6ce989a13fe60403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 410852
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 29 Nov 2024 16:53:21 GMT

GET
H3 200 m=sy3k,IZT63,vfuNJf,sy3e,sy3i,sy3l,sy3y,sy3w,sy3x,siKnQd,sy3c,sy3j,sy3n,YNjGDd,sy3m,sy3o,PrPYRd,iFQyKf,hc6Ubd,sy3z,SpsfSb,sy3f,sy3h,wR5FRb,pXdRYb,dIoSBb,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/ 29 KB
11 KB 76ms
76ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=sy3k,IZT63,vfuNJf,sy3e,sy3i,sy3l,sy3y,sy3w,sy3x,siKnQd,sy3c,sy3j,sy3n,YNjGDd,sy3m,sy3o,PrPYRd,iFQyKf,hc6Ubd,sy3z,SpsfSb,sy3f,sy3h,wR5FRb,pXdRYb,dIoSBb,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e502dbaddbdb235a5d635d6b10b3584146c4d516d2973dc9d495dc7b50f8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 00:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10771
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Mon, 02 Dec 2024 00:28:39 GMT

GET
H3 200 m=m9oV,sye,eFZtfd,sy3p,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy2x,sy2y,uu7UOe,nAFL3,sy2q,gJzDyc,sy2z,soHxf,syu,syt,HYv29e,sy30,uY3Nvd Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/ 36 KB
12 KB 81ms
80ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=m9oV,sye,eFZtfd,sy3p,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy2x,sy2y,uu7UOe,nAFL3,sy2q,gJzDyc,sy2z,soHxf,syu,syt,HYv29e,sy30,uY3Nvd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6327bd0b391072a9a32c21b8e6f39cebd9383114263991ef2ead90b2d8d5157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 14:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 29 Nov 2024 14:10:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 176ms
63ms Preflight
text/plain 2607:f8b0:4024:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.aca-obamacare.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Dec 2023 05:55:29 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.aca-obamacare.xyz/_/view/ 16 B
221 B 175ms
173ms XHR
application/json 2607:f8b0:4023:1::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aca-obamacare.xyz/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::79 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aca-obamacare.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
259 B 316ms
57ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PXM9G2B7CN&gtm=45je3bt0v9169831593&_p=1701582929180&gcd=11l1l1l1l1&dma=0&gdid=dZWRiYj&cid=1864798967.1701582930&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701582929&sct=1&seg=0&dl=https%3A%2F%2Fwww.aca-obamacare.xyz%2F&dt=Affrodable%20Care%20Acte&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1348
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PXM9G2B7CN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:55:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aca-obamacare.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 106 KB
36 KB 55ms
55ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,usmiIb,sy2u,abQiW,TGYpv,KUM7Z,XDKZTc,sy11,qkPXAf,qEW1W,oNFsLb,sy3t,yxTchf,sy3u,sy3v,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2w,SM1lmd,sy6,sy5,syx,RRzQxe,sy7,sya,syk,sy9,fNFZH,sy2v,syl,RrXLpc,cgRV2c,syz,sy1m,o1L5Wb,X4BaPc,syf,sy15,Md9ENb,sy1d,sy1e,syp,sy1b,sy1c,Ko0sOe,syn,syw,syy,sy1a,NlqxW,sy1g,sy1h,sy1j,sy1k,sy1l,sy1s,sy1f,sy1q,sy1p,syb,syr,sy1n,sy1y,sy20,sy23,sy24,sy25,sy26,sy1u,sy1z,sy28,sy2h,sy1w,sy1x,sy1i,sy1o,sy1r,sy1t,sy1v,sy22,syo,sy27,sy29,sy2a,sy2e,sy2f,sy2g,T807ad,sy21,sy2d,ZDEHrf,sy2i,sy2k,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2b,sy2c,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2j,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2l,sy2m,sy2n,sy2o,UYjpC,sy3,VYKRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3e5dee13ca61bcbceccdb9f56160e261eb1e2efdb3ccfd55e8384347b0f2943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36927
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 16:54:40 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 05:59:29 GMT

GET
H2 200 embed Show response
docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/ Frame 223C 389 KB
64 KB 895ms
781ms Document
text/html 2607:f8b0:4024:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b3792dcd668372f07de79b2da4eadced01d613ab9eec83f233d40c02680e1f4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-8ExwN-KthQScxBHwzQzwMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aca-obamacare.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-8ExwN-KthQScxBHwzQzwMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 05:55:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
reporting-endpoints: default="/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/web-reports?context=eJwV1GlQ1WUUx_HDeY64USKK4gK5IblklpLa3bjcey3HJbTi_K1Gx4YoYyKx0BYkxHVwbFLciCa0UEtjWIxJGU1T0yAsXFKmMTGjTHHpQlcuiNivV_cV_M9znufz7fFvr89rvVJ1mUxh1j3e39-ioZeUVoWTWfiQUu0ApzREnqaCaKW2TD-vPkdmY5Nberzm57F9jDn6p9K039lEvUkmK8ct_mqvbL7SzDvnWXR1gdI7t-xSke-Rkp5KrhGdvDuinaPxvzbbg3zglk1Shit9Hq7kS3fLyFCln0Y5ZEmKU55boRQWRebvHKWQ63apH3yfx_2uJEU-mYZ5P96iFL9VaX6YRZWLLRobpXSjySuvZgd5baJDwit9cna5MfvakmlfmNI_czo5KqWZP6zxSsaMFp6bpPT960prQi0qzAvyusfElC5VKl7glXWYo7mXTW4dUtpXT2Z3o1Im5nf_4ZT0_ETpWxxiZkwMcHyc0phHlP7MCvCY9yw68xaby3-5JKI9meIilbLwN0MWkxlfrpQ-xaLGCR2cXNPG3mR8f4lSaX-l22l-3oB9dOS5pf8Fpa93KfWpU_rhSgfn-W0SinnX7WLzyDGH-OIS5VmcvbjGmGM9lEad88ilXKVI_Ja_qTQhN8Abxym9fFKpbI7S5ReUSrLdEnJe6fDye_ztSOw3wSV7jihdvcImexV2j73NrGvj87jH2T8qdbMnSOEpNtW9LXKMUro_x5gA9nIc55me6pZZdJ-rkowZuU7JvskupZlBjsT_P4M3cxMznDlsk4s4w6G0Vp7hCHLHNZv0e8YuwwM2cX7g53fjle6O9snMRR6ZvMSiz0ru8RtDlS7uS5Qqn5Ln0QCfP-uR6PUuqUmxaNiTrRyLfXJZO3cnpa5VSg-MVdpbrFT-up93fNDCzz5vzJ3BTVz7s9LwGJvUJln0FeaZfQzfGxbk4hjc48ZmHlGGPWDnT-Gst4Iu2aoWvdfFJQOrXXJjpTFF3ZROj2vh8fguv4r9Tm_h3niLB1_yc5-5_8-ttONoohzKbecNr1i0NifAqT3EPFigNG-uS1r7KvUdpHT2Mu4i1aLTFQ7Z9msnb9rhkc7t7ZzvUmot6ODQCU7pudQj3-UpZTzlliWpQa7-R-np9UrhFUoN7iAPm-iQX0IDPNfpkbYwl7RtVxqQgvn8eB-lHvEtsigs7T4nD1aKLbHLqkwLhjyybGszO9ISZJKlNHRsguw2xiwOKD36UiefHOGVu5lKgSFilh90yerHlI7Gu2Ue3vn3p5R2Yf8Z120yc6BS9CGPPAgHP0-16F6dS7r_4ZHVVQF2rjHG-sIrMRG4Y8ziTVMaObqJV-5JkN64l1mbWrgQb7QCPclHT75AT3rjLpahJ8fREj8ako2G5KIhjIaMQEMqcB9ONCQcDXkbDbmGhqxHQzajIRfQkEVoyB40ZBL6UYR-rEc7ytEOB5qRMT7A6bgjL3oRgl7Uoxfz32_jOvQiBr3o-NQnbsyTh17EohfPoBc70YtGtGI-WpGDVhzpGeAf0Yq_0YhwNGI1zC1EIyrRh6XoQz76sAJ9KIKDsliPXEcbLmFne9GGrWjDFHQhFV0IQxe86MJv6MEg9KAGPahHD6LQgCFoQE4_iy6iAbPQADsaMA0NuAr_N2C_K-wXw42B_SOwnwv7ndjDCtiPhX0H7E_HOT6B_QHw_hPcd8HvDpgbA_dJML8d5utgfifM-39R-gbmT8D7JnhvgPd0ePfB-gns2w3rBOv5sH4A1lvhvAHnywwzZiqMV8B4PxifCOO7YbwLjB_FPf6G79XAeC1mrYRxL4z_C-OfHmczCMafgPF0GG-BcR-MPwzjH8P4Ofjeg_dlg-8T8B0J31Mx10D4bi9t59YDSoUw_SVMF8D0dJi-CtMHYXoQTB-E6U_w_WkwnQHTe-G5LzxPwln-guU1sLwYliNguRGWq-F4CBw3p8IBHHfHG_kajg0cF8BwJQwvh-EcGH4Rhju3KSXD8DHYHQ67J2D3I9hdCbt3YDcXdm_DbufjTjGwWw67C2E3HXYPwO5k2CXYvQC7A2H3FOzOhl0_7F6D3e6w-x28GNiNh12B3Wi4zYRbB9xmwm083MbB7QC4LYLbl-E2Dm6_gdsmuL0Jt-_CbRXMzsL7q4TZLdjpQpiNhNfDsBqA1RBYzYbVCbCaBKsl-O5EOI2B0yw4nQqjEWHdzpSV7Q0N399Y38D_Abt51FM"
server: GSE
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-l2-request-path: l2-managed-4
x-robots-tag: noindex, nofollow, nosnippet
x-xss-protection: 1; mode=block

GET
H3 200 m=sy12,sy13,sy14,fuVYe,vVEdxc,sy16,CG0Qwb Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/ 44 KB
17 KB 56ms
55ms Script
text/javascript 2607:f8b0:4023:1::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=0/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=sy12,sy13,sy14,fuVYe,vVEdxc,sy16,CG0Qwb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023:1::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b4fa9638dbdb3395ac8d1531a3b00b7c0329afcc2409023e114aea4cae95a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17159
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 08:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Wed, 27 Nov 2024 06:46:59 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/ 261 B
208 B 56ms
55ms Script
text/javascript 2607:f8b0:4023::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4023::8a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

006a51d1886d29d7ac1cc0f7712368828b2569846f0a0594d27d324d3b1d8d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 19:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 19:45:11 GMT

GET
H2 200 auth_warmup Show response
drive.google.com/ Frame 897C 0
1 KB 213ms
83ms Document
text/html 2607:f8b0:4024:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/auth_warmup

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::64 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Sxu4JDwua62lQqWydnXJKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aca-obamacare.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-Sxu4JDwua62lQqWydnXJKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 03 Dec 2023 05:55:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 223C 0
0

GET
H2 200 2845420945-viewer_css_ltr.css
docs.google.com/static/presentation/client/css/ Frame 223C 337 KB
54 KB 58ms
54ms Stylesheet
text/css 2607:f8b0:4024:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/css/2845420945-viewer_css_ltr.css

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800d729b71f79d91731619f5ad4cad1ae2020689d96801b47e86cba7922b5803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 08:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54842
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 17:16:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Thu, 28 Nov 2024 08:35:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 223C 2 KB
666 B 66ms
63ms Stylesheet
text/css 2607:f8b0:4024:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 05:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 05:36:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 05:55:31 GMT

GET
H3 200 rYu4KweYnZzhCXU0qnN2oXUphT6hDOtAnn4tXIVc8No4AYcyh42N7Ywqk7GiXT6hpeZUgRjUwgeUw3M1zNmjBkWzyQmkA9D0Yj3h4UNZ90qNoI1ltuMSTBBJgcdxl6_1aIIOgLlv4zp_sjcqZzM=s2048
lh7-us.googleusercontent.com/ Frame 223C 355 KB
355 KB 299ms
173ms Image
image/png 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/rYu4KweYnZzhCXU0qnN2oXUphT6hDOtAnn4tXIVc8No4AYcyh42N7Ywqk7GiXT6hpeZUgRjUwgeUw3M1zNmjBkWzyQmkA9D0Yj3h4UNZ90qNoI1ltuMSTBBJgcdxl6_1aIIOgLlv4zp_sjcqZzM=s2048

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6d29696316f384a2335f5520b26f50c2dec69767be6f7c703d40a8dcb937b764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:55:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="obama.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 363630
x-xss-protection: 0
expires: Mon, 04 Dec 2023 05:55:31 GMT

GET
H2 200 3119683821-viewer_core.js Show response
docs.google.com/static/presentation/client/js/ Frame 223C 1003 KB
347 KB 88ms
87ms Script
text/javascript 2607:f8b0:4024:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/js/3119683821-viewer_core.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7bc506203ebdcecd0c3a68366ec7242f2b7a6e74a3b2986e83f33f0731bcc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354934
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 17:16:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Sun, 01 Dec 2024 02:09:01 GMT

POST
H2 204 docs-tt
csp.withgoogle.com/csp/ Frame 223C 0
0 239ms
104ms Other
text/html 2607:f8b0:4024:c09::8d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/docs-tt
Requested by: Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4024:c09::8d Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://docs.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 223C 7 KB
1 KB 64ms
63ms Stylesheet
text/css 2607:f8b0:4024:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/2845420945-viewer_css_ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::5f Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 05:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 05:54:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 05:55:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 64ms
63ms Preflight
text/plain 2607:f8b0:4024:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Dec 2023 05:55:31 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 223C 131 B
152 B 201ms
90ms XHR
text/plain 2607:f8b0:4024:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3119683821-viewer_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Dec 2023 05:55:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 naLogImpressions Show response
docs.google.com/presentation/ Frame 223C 0
15 B 112ms
111ms XHR
text/plain 2607:f8b0:4024:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/presentation/naLogImpressions?id=1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc&includes_info_params=1

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3119683821-viewer_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c02::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-gT1TmqxnmoJCY9sPrjVu2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:55:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-gT1TmqxnmoJCY9sPrjVu2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-l2-request-path: l2-managed-4
server: GSE
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 punchviewer_material_sprite43_grey_medium.svg
ssl.gstatic.com/docs/presentations/images/ Frame 223C 46 KB
12 KB 200ms
65ms Image
image/svg+xml 2607:f8b0:4024:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite43_grey_medium.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/2845420945-viewer_css_ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5003c0e622bf8c51f0e61331d4f63a780b30b961c31f36e0fb35473b13f13f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11996
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 19:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Sun, 01 Dec 2024 09:31:06 GMT

GET
H2 200 punchviewer_material_sprite43_grey_dark.svg
ssl.gstatic.com/docs/presentations/images/ Frame 223C 46 KB
12 KB 202ms
67ms Image
image/svg+xml 2607:f8b0:4024:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite43_grey_dark.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/2845420945-viewer_css_ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4b40a3bcc37163e92cc9114e5c3e91f14fda9334ced4179f9db4ad1884c312d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11993
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Sun, 01 Dec 2024 11:05:01 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v29/ Frame 223C 39 KB
39 KB 57ms
54ms Font
font/woff2 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v29/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7165713d3e1a610399471a5e93d5677508f62ef072c1151e72273bf4bd54f916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 19:26:48 GMT
x-content-type-options: nosniff
age: 383323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39516
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 01:47:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 19:26:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 223C 15 KB
15 KB 67ms
66ms Font
font/woff2 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 13:45:34 GMT
x-content-type-options: nosniff
age: 403797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 13:45:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 223C 15 KB
15 KB 61ms
60ms Font
font/woff2 2607:f8b0:4024:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed?slide=id.p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:59:00 GMT
x-content-type-options: nosniff
age: 46591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:59:00 GMT

GET
H3 200 cZ8gRTciIFIpW6wCVimQW7ZzQf-dCdGGjlP2Nk7yYjho8ka6MJmqmBSiWQTH0PBMEo8vr4Pc6j-vTmjHctSJEcRtNjeGqvBaAc0Sjqc53IY-mRpgkUXUlVhUrLhGhPdUfQZsrhfwmN3QkEsERj0=s2048
lh7-us.googleusercontent.com/ Frame 223C 100 KB
100 KB 300ms
299ms Image
image/png 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh7-us.googleusercontent.com/cZ8gRTciIFIpW6wCVimQW7ZzQf-dCdGGjlP2Nk7yYjho8ka6MJmqmBSiWQTH0PBMEo8vr4Pc6j-vTmjHctSJEcRtNjeGqvBaAc0Sjqc53IY-mRpgkUXUlVhUrLhGhPdUfQZsrhfwmN3QkEsERj0=s2048

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed?slide=id.p

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3e4a169fee7a13f382f833a2ea965b75e8b05ba8de61ca765c00031b14e2dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:55:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Capture d'_cran 2023-10-29 121852.png";filename*=UTF-8''Capture%20d'%C3%A9cran%202023-10-29%20121852.png
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102072
x-xss-protection: 0
expires: Mon, 04 Dec 2023 05:55:31 GMT

GET
H2 200 netcheck.gif
ssl.gstatic.com/docs/common/ Frame 223C 43 B
184 B 220ms
110ms Image
image/gif 2607:f8b0:4024:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/netcheck.gif?zx=7fwjzy85wmt

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed?slide=id.p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 05:55:31 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 174866191-viewer_app.js Show response
docs.google.com/static/presentation/client/js/ Frame 223C 197 B
203 B 57ms
56ms Script
text/javascript 2607:f8b0:4024:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/js/174866191-viewer_app.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3119683821-viewer_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c02::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c95d0d9bc1e7428873da1cb92fea8aa7cf0b1ff1885cbf49ec159235b11d3b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed?slide=id.p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 17:16:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Sun, 01 Dec 2024 02:04:03 GMT

GET
H3 200 3807889401-viewer_help.js Show response
docs.google.com/static/presentation/client/js/ Frame 223C 61 KB
23 KB 55ms
55ms Script
text/javascript 2607:f8b0:4024:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/js/3807889401-viewer_help.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3119683821-viewer_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c02::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedd2a1b18553a2ead315a0a78a239ba5d34483ef2cca8de1476d130d033f565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed?slide=id.p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23401
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 17:16:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Sun, 01 Dec 2024 02:48:34 GMT

GET
H2 200 search-white.png
ssl.gstatic.com/ui/v1/button/ Frame 223C 275 B
612 B 55ms
55ms Image
image/png 2607:f8b0:4024:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/ui/v1/button/search-white.png

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed?slide=id.p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::5e Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 02:40:52 GMT
x-content-type-options: nosniff
age: 98079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gstatic-ui-assets
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"gstatic-ui-assets","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gstatic-ui-assets"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="gstatic-ui-assets"
expires: Sun, 01 Dec 2024 02:40:52 GMT

POST log
play.google.com/ 0
0

POST
H2 200 logImpressions Show response
www.aca-obamacare.xyz/_/view/ 16 B
117 B 168ms
167ms XHR
application/json 2607:f8b0:4023:1::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aca-obamacare.xyz/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.-G0sfD3iMHE.O/am=EAY/d=1/rs=AGEqA5nzevXJ60GHyjU3kYN2fayWv6ipjQ/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1::79 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.aca-obamacare.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 64ms
63ms Preflight
text/plain 2607:f8b0:4024:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.aca-obamacare.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Dec 2023 05:55:32 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 404 cspreport
drive.google.com/_/DriveOsidBootstrap/ Frame 897C 141 B
694 B 176ms
170ms Other
text/html 2607:f8b0:4024:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/_/DriveOsidBootstrap/cspreport

Requested by

Host: www.aca-obamacare.xyz
URL: https://www.aca-obamacare.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::64 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cQNWDzCUo9KBURHPPQD66w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drive.google.com/auth_warmup
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-cQNWDzCUo9KBURHPPQD66w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 05:55:33 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Sun, 03 Dec 2023 05:55:33 GMT

POST
H3 200 log Show response
play.google.com/ Frame 223C 131 B
152 B 94ms
89ms XHR
text/plain 2607:f8b0:4024:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3119683821-viewer_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 03 Dec 2023 05:55:34 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 naLogImpressions Show response
docs.google.com/presentation/ Frame 223C 0
15 B 127ms
116ms XHR
text/plain 2607:f8b0:4024:c02::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/presentation/naLogImpressions?id=1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc&includes_info_params=1

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3119683821-viewer_core.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c02::8b Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-1mepVDmBkDcFsBaifXfOfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed?slide=id.p
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:55:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-1mepVDmBkDcFsBaifXfOfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-l2-request-path: l2-managed-4
server: GSE
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 57ms
56ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PXM9G2B7CN&gtm=45je3bt0v9169831593&_p=1701582929180&gcd=11l1l1l1l1&dma=0&gdid=dZWRiYj&cid=1864798967.1701582930&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701582929&sct=1&seg=0&dl=https%3A%2F%2Fwww.aca-obamacare.xyz%2F&dt=Affrodable%20Care%20Acte&en=scroll&epn.percent_scrolled=90&_et=12&tfd=6389
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PXM9G2B7CN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.aca-obamacare.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 05:55:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aca-obamacare.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 63ms
63ms Preflight
text/plain 2607:f8b0:4024:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4024:c01::71 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 03 Dec 2023 05:55:34 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 21:03:14	Name: NID Value: 511=S5Hnd6I8Qo6mYFEEKuQ4c0nB-m0Um37-jRZ6EZG7Qpl-HG1gKA435Iw3YYUKyI27uMo1ctLnrpOeQj4Why0lE7CjdXLxASMDRUIiw8WeioQ5fMmToy50v6h3GqxeJZ2JLDW55PFBL854E9601KojkG-oXbH6ByIOUH5KcwObQEo
.aca-obamacare.xyz/	1970-01-21 02:15:42	Name: _ga Value: GA1.1.1864798967.1701582930
.aca-obamacare.xyz/	1970-01-21 02:15:42	Name: _ga_PXM9G2B7CN Value: GS1.1.1701582929.1.0.1701582929.0.0.0

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://www.aca-obamacare.xyz/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.aca-obamacare.xyz' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
rendering	warning	URL: https://docs.google.com/presentation/d/1Q0c-3emkezIy5JRXgGWUi3178E3dxQJJvEI8ewv1XHc/embed Message: The key "target-densitydpi" is not supported.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
javascript	error	URL: https://www.aca-obamacare.xyz/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.aca-obamacare.xyz' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://drive.google.com/_/DriveOsidBootstrap/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-usbz54odY1n6ncB_PGB0cg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
csp.withgoogle.com
docs.google.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
lh3.googleusercontent.com
lh5.googleusercontent.com
lh7-us.googleusercontent.com
play.google.com
ssl.gstatic.com
www.aca-obamacare.xyz
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
play.google.com
2001:4860:4802:36::178
2607:f8b0:4023:1::5e
2607:f8b0:4023:1::61
2607:f8b0:4023:1::79
2607:f8b0:4023::8a
2607:f8b0:4024:c01::5e
2607:f8b0:4024:c01::71
2607:f8b0:4024:c02::5e
2607:f8b0:4024:c02::8b
2607:f8b0:4024:c09::5f
2607:f8b0:4024:c09::64
2607:f8b0:4024:c09::84
2607:f8b0:4024:c09::8d
006a51d1886d29d7ac1cc0f7712368828b2569846f0a0594d27d324d3b1d8d77
0204a78137c3525aa41965604466f344efd80cac8365eadeec7bc4196e332be6
0c811d3b4bfb9a9a430211c1d03bd021a8779a08fb336d0045fe9a4c2397ad8f
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
49e502dbaddbdb235a5d635d6b10b3584146c4d516d2973dc9d495dc7b50f8f4
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
4b152daf39ada715442bcecf1120919e6d21c34e53c100e230e6a252e2b172bc
5003c0e622bf8c51f0e61331d4f63a780b30b961c31f36e0fb35473b13f13f21
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52d054613b3cc5479b7d6b8f5352dd37f2282eb3e7b031a0febf9f381c50de98
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6d29696316f384a2335f5520b26f50c2dec69767be6f7c703d40a8dcb937b764
7165713d3e1a610399471a5e93d5677508f62ef072c1151e72273bf4bd54f916
750127376e255c7dd4d045b01298ee17448292c9fd0be39c6ce989a13fe60403
800d729b71f79d91731619f5ad4cad1ae2020689d96801b47e86cba7922b5803
83354e2c75bc4d20503932b932511b8929e53ac566e45cb8898c0e092b37623d
8b3792dcd668372f07de79b2da4eadced01d613ab9eec83f233d40c02680e1f4
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
9363caffa53b0378c7e0ed455ef6a8424f8c43fc9c34b857115c5cefc5b79ec7
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a4a69a509d7cf7ad56a8d5702dab53f656988e6206f22de0349e036ded269603
b6327bd0b391072a9a32c21b8e6f39cebd9383114263991ef2ead90b2d8d5157
bdaf815b59324736e780ae5095136cbd202d0497e978bdacd1f4e61261911e7d
bedd2a1b18553a2ead315a0a78a239ba5d34483ef2cca8de1476d130d033f565
c3e5dee13ca61bcbceccdb9f56160e261eb1e2efdb3ccfd55e8384347b0f2943
c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241
c95d0d9bc1e7428873da1cb92fea8aa7cf0b1ff1885cbf49ec159235b11d3b26
d066f4f8ea4ceb1875445f55ec85c8f47197c4cf8a3f5cbfa5ae1a0331c6b449
d4b40a3bcc37163e92cc9114e5c3e91f14fda9334ced4179f9db4ad1884c312d
d59f78925ae8c645db576166e63bb77e0a27ec12494c3698d4e1c9b95bc02393
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e4a169fee7a13f382f833a2ea965b75e8b05ba8de61ca765c00031b14e2dc0
f06b3173b03c14da0285eece9cf65c82bea8f11c30064cd88315445763ea411f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7bc506203ebdcecd0c3a68366ec7242f2b7a6e74a3b2986e83f33f0731bcc4a
f8b4fa9638dbdb3395ac8d1531a3b00b7c0329afcc2409023e114aea4cae95a6

www.aca-obamacare.xyz Open in urlscan Pro 2607:f8b0:4023:1::79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

100 %IPv6

9 Domains

16 Subdomains

14 IPs

1 Countries

3332 kBTransfer

7674 kBSize

3 Cookies

1 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.aca-obamacare.xyz Open in urlscan Pro
2607:f8b0:4023:1::79 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

100 %
IPv6

9
Domains

16
Subdomains

14
IPs

1
Countries

3332 kB
Transfer

7674 kB
Size

3
Cookies

57 HTTP transactions
0 data transactions