urlscan.io logo urlscan.io
SecurityTrails logo

119.59.99.154 Open in urlscan Pro
119.59.99.154  Public Scan

Go To Rescan Add Verdict Report
URL: http://119.59.99.154/
Submission: On December 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 39 HTTP transactions. The main IP is 119.59.99.154, located in Bangkok, Thailand and belongs to METRABYTE-TH 453 Ladplacout Jorakhaebua, TH. The main domain is 119.59.99.154.
This is the only time 119.59.99.154 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 119.59.99.154 56067 (METRABYTE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
39 11
13    119.59.99.154 (Bangkok, Thailand)

ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH)
119.59.99.154
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.skr.ac.th
7    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
docs.google.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh7-us.googleusercontent.com
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
Apex Domain
Subdomains		 Transfer
11 google.com
docs.google.com — Cisco Umbrella Rank: 126
play.google.com — Cisco Umbrella Rank: 32
454 KB
5 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
49 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
2 googleusercontent.com
lh7-us.googleusercontent.com — Cisco Umbrella Rank: 664
1 MB
2 skr.ac.th
www.skr.ac.th
200 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 415
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
19 KB
0 Failed
function sub() { [native code] }. Failed
39 8
Domain Requested by
7 docs.google.com 119.59.99.154
docs.google.com
4 play.google.com docs.google.com
4 fonts.googleapis.com 119.59.99.154
docs.google.com
3 fonts.gstatic.com fonts.googleapis.com
docs.google.com
2 ssl.gstatic.com docs.google.com
2 lh7-us.googleusercontent.com docs.google.com
2 www.skr.ac.th 1 redirects 119.59.99.154
1 csp.withgoogle.com 119.59.99.154
1 cdnjs.cloudflare.com 119.59.99.154
0 ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed docs.google.com
39 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
online.skr.ac.th
card.skr.ac.th
admission.skr.ac.th
docs.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://119.59.99.154/
Frame ID: 2C14CCED6BBDE0DA0A616FA0587EF5E5
Requests: 19 HTTP requests in this frame

Frame: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
Frame ID: 6E0F6FC3BDB0E3685FDEF27D378B0EB7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🏫โรงเรียนสวนกุหลาบวิทยาลัย รังสิต🏫

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

39
Requests

62 %
HTTPS

90 %
IPv6

8
Domains

10
Subdomains

11
IPs

3
Countries

2933 kB
Transfer

4288 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.skr.ac.th/main/wp-content/uploads/2018/03/cropped-Untitled-1.png HTTP 301
  • https://www.skr.ac.th/main/wp-content/uploads/2018/03/cropped-Untitled-1.png

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
119.59.99.154/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
726107241856c15ade28d7e3668323e50e88180b000a4027534c38b2fffdcd15

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2601
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Dec 2023 17:39:37 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
bootstrap.css
119.59.99.154/dist/css/ 		239 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://119.59.99.154/dist/css/bootstrap.css
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1ba481167493038d53795517b04f2f16e5ce7caad8b5485f687a2e83440f704c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Nov 2022 08:20:47 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3bcaf-5ed05556735c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
31353
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/ 		99 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://119.59.99.154
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2732782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18688
last-modified
Tue, 30 Aug 2022 20:09:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"630e6e62-4900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPz7%2BLL%2BWXgu4bKFS5GyC6ZrLB8QF7cJ0zgEyCveGKv6o5H6Yqc9viH9t6ip8%2BkX9E232CV5Dm8xEnZGaIdLN8CdFIgqAUiPGEVIIeL7hvFDTKOuAv6cjGwwsz94wugxv1hztD9AX98s8PqIuRY9iyel"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
833744b3c9a95d3d-FRA
expires
Fri, 29 Nov 2024 17:39:38 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=K2D&family=Kanit&family=Mali&family=Mitr&display=swap
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af104c6c33f7491b52977735c25e17d9393738c35072eecce647bc5f864fc0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 17:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 17:39:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 17:39:38 GMT
cropped-Untitled-1.png
www.skr.ac.th/main/wp-content/uploads/2018/03/
Redirect Chain
  • http://www.skr.ac.th/main/wp-content/uploads/2018/03/cropped-Untitled-1.png
  • https://www.skr.ac.th/main/wp-content/uploads/2018/03/cropped-Untitled-1.png
199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.skr.ac.th/main/wp-content/uploads/2018/03/cropped-Untitled-1.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0269f0528b0f89df761cba791887767a954f5293bb4601b58c8f0d7bcc44bf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:39:39 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Mar 2018 14:52:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"31b63-566ab7a4f2040"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xM9rExbYPP3LuqQsnN0SZSeZf6xnJEb6FtpD2U7MD1Rq5CZO63pXaS9SHQVkKA4Fcy4A88X0Mfwvzo9Gkbs2sGT%2FJ5L%2FY%2B8pUic21rGnWkUCIw3chcHC8vEUA7iTFDt7%2BQOZ5UFbHLCJwMhx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=300
accept-ranges
bytes
cf-ray
833744b60cdc2bf1-FRA
alt-svc
h3=":443"; ma=86400
content-length
203619

Redirect headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pstff3qlPtQePrjU65Wnt6eXHXKcVVWV5z9Y4DCDfsHYaG5v7u8iSVAtIcdUHtIS4ZLyhHyO%2BFDRUtgPvohwyxYWMRrmHwicmRpTzhulEz0rA%2Fzu7bc2h1xLD12S%2FHqW96Ahy2lzMqh%2BlfyU"}],"group":"cf-nel","max_age":604800}
Location
https://www.skr.ac.th/main/wp-content/uploads/2018/03/cropped-Untitled-1.png
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
833744b519fa9e6e-SJC
alt-svc
h3=":443"; ma=86400
Expires
Sun, 10 Dec 2023 18:39:38 GMT
but1.png
119.59.99.154/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/but1.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9c8f96fc237d4469b6e37c6db0df31e7586fda08ae545d2e74ef63ad620307c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Sat, 28 Dec 2019 17:38:23 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"256e-59ac713afa1c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9582
card.png
119.59.99.154/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/card.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6add82cbe53848f60840bec0600088fb04e3660fca1b66cce32e6207959d0fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Wed, 28 Oct 2020 06:30:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"87cd-5b2b54b9da2c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
34765
but3.png
119.59.99.154/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/but3.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3ac1284ea462b2dd833a344e2414fbe59475f820de9d84487890da415d6c2fe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Sat, 28 Dec 2019 17:38:23 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2729-59ac713afa1c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10025
but4.png
119.59.99.154/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/but4.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
14baccfcfdc4d17bb013d91b4cff89be2111ccece21a225a1fbc645a90de5b1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Sat, 28 Dec 2019 17:38:23 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3ac5-59ac713afa1c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15045
but5.png
119.59.99.154/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/but5.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
32dbeb559d882d9cc0d063add8ba9958d37edd7662fc97e88709d25aa6433010

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Sat, 28 Dec 2019 17:38:23 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2718-59ac713afa1c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10008
but7.png
119.59.99.154/img/ 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/but7.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cc8c4e5ad1e4a47dfb79f6ab2af5d05c87ee185499d5881232b8908a35eefb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Tue, 09 Jun 2020 12:00:40 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"34c13-5a7a579e44a00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
216083
ad_logo.png
119.59.99.154/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/ad_logo.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b0347f4b561af6706433470e13f2a00ba04e1e09ea65e8c669a7b3622b5ab5e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Wed, 09 Feb 2022 15:25:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"56b1-5d79772496740"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
22193
card-status.png
119.59.99.154/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/card-status.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fa97288db0bfc7c51f5db2b1cc20f69ed0bfa206fabaf1145611d7e273e1bed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Thu, 01 Sep 2022 05:06:31 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5b8a-5e7969399e3c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
23434
admission_but.png
119.59.99.154/img/ 		374 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/admission_but.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
886511daa374ad798898720c0fedb1dfcf0c89efb0922c523ba27edfced6d5ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Tue, 03 Jan 2023 16:06:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5d91f-5f15e3e89ee80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
383263
email-image.png
119.59.99.154/img/ 		857 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/email-image.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8921a1e8f2069cf7a941018a606d6812f7308bacae8198b42895790767771cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Sat, 02 Apr 2022 05:47:14 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"359-5dba56d561c80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
857
mailskr1.png
119.59.99.154/img/ 		464 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://119.59.99.154/img/mailskr1.png
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
HTTP/1.1
Server
119.59.99.154 Bangkok, Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
28a9db6814a08a53ca405371951af93743eb129a887f8f108af95711992d02fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 17:39:38 GMT
Last-Modified
Sat, 28 Dec 2019 17:38:23 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1d0-59ac713afa1c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
464
embed
docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/ Frame 6E0F 		79 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca4128e3f19540f9eb94829a06418be068555c01dd727bc9d4a64a17f91f1a9e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-yZ29ioeoT5LQhrCboCMctQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://119.59.99.154/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-yZ29ioeoT5LQhrCboCMctQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
content-type
text/html; charset=utf-8
date
Sun, 10 Dec 2023 17:39:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
reporting-endpoints
default="/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/web-reports?context=eJwV0GtQ1XUaB_CH5_dIotQeUBJRCC_IKqYWkhXnwuGcQ-t4CW3j-ds2OjUsrjFL4gYtRQR4qcGcXUUjskkt1FaWUSCmYCRNXQtSw7tT3jLLFC8d2BMHAuzbi8-bZ555Lt9hX9oae7Mosi-LEiCMlO4LVZoEa2HLUKWDw5SKhyvVQWO40oc2pbhIpZ6RSolRSodg9yilfTA1WqkW5sUojRyjlDVWKTZWaT1UQ02c0rIHlP4-Til7gtJnk5RSEpUck5V-naJ071SlCEh6UGnDNKU1DynlpSgVQblLqRLe9intgF3QAosylbYuVNoDiZbSLDCLlEZAxzNKl-Hsc0rXICxbaTR05SjxUqWmF5T-BzNzlbyw7UWlergAt6CzAHfB7ELsga0vYw9cggCcK1X6CY6VK10E70qlP0PeaqUSqK9Q-hzuX4tM4dF1Sn-CireV3oWEKvwPg-8g92ql61uVemFzDXKEmh1KH8MROA8j9yhNhPh6pRlADUo26GlWuqdFaX6r0mK4CLchY7_SRtgFmV8oPQ_ur5QWQNNR_A57v8Z84A6lSPCfVgo5ozQEouCes0qjIOKi0jh4D_4LB-AEHLysdBLivlOaBlVXlXbCrB-UnoAGOACH4Qw0_6zUBnV-pVb4HI7D8wGlFVAYatEaeDLcoiXQHGFRG5Teb9FHoyz6FPIes2hfhkVfw95Mi47AG2pRFWxabNF2iM-2aAa0Q9lfLVoPE3IsSoaU5Rb5YPsKi5qgoMCi1fDHQosehTGvWJQEl6KO07WxnfwLxE3p5Enw8bN-3gv8Nz8Pg_-84Od6uJbr5zvgL_BzLzzyup-dMPugnxeALbuLo6F2Qxc3QkFVF78G66508SZom9bNx2HcnG6eDMvmdnM-2LO62QvVr3fzNsjY2M3z4WhogE_D_uEBTp0eYA_kzwiwd2aA58KF4gD_AKWlAX4TksoDnAwlLQFeAzGP9_B4aMrt4VbIHx_kIlhnD_Im8DqCPBfOuoN8CfJyglwIOwuCvBuWlAR5KVRWBHkzLHm1l-e393IW-Dp6eR5siezjndBU3set8MvWPh6Evt19zHv6-HxyP1-FO9X93AP7r_Tzl1BZPMCb4ZOyAd4H79YN8Acwa-Igu-CnhYP8MyQ-O8jT4d_fDPI7kEF3eT50jL3L50By73I4vGYjsxpCosmEg-1FMtG_W0EmHkpOkVkDtefINELDZTItEF4TYkZC-z_YnICVO9ishfcPsak8ymYzOL9jMxsuXWFzDbYYY3ZCQbgxE0cYMxUaMo1pgZ6FxtyFOU8b8xR8VWbMSbi6ypibkPyGMU54r92YGvjLMDE5cCteTABWPiRmLdz4Q6p0wZi4VJkA7ftS5QT8_3qq9MOyG6mSD_W3U6UZyv2pUgFjAuiHUU_aZeZGu9ghts4uCRBywy7Lb9vln3A6xiEX4Nhkh8TMdMh4KE13yJtwuMEhxyHhoEMehEOjnXIEBh92SmiyU8KynRIBeVAIj33vFDesGOKSV8Af7pJeOJzmkmOQtcgliyFqnUtiIeJfLhkNRXtdUgaRbS6JgUCHSwbg3I8uuQw_Bl1yGyZMTZMkIHuaDIWU3DRxQPGuNFkF9afTpBlaUtxyAJY94ZZ8mJPjFkeeW3ywvcQtdfBSqVuK4WaFW_phSZVblkJ5p1s2gCMxXXyQU5kueXCqMV3Ow4cH0qUW9iR4ZIHTI4vAkefBbFjukXlgXvbIcMh_1SNFsKvSIw2waptHNoLZ7ZERENXqkVg4fNIjZ2DIKdRgNEyGkO89EgafTPTKF1DznFcyP_KKBd1tXvkVhrZ7xQbFsArWQzXMOuIVF8yBp2A71MEDF70yHa52euUmhHV5JQKKQnxSBgNTfDIkySe38n0SgNAtPrkPbE0-iX4rQ-IhMnzoN3fO1obagtd7vuXfAC1x7Yk"
server
GSE
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-l2-request-path
l2-managed-4
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		10 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,700;1,400&display=swap
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/dist/css/bootstrap.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3406fb339d2d7f2b28d01359fc7a7fcb504da4e487e9077dbfd504e589794d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://119.59.99.154/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 17:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 17:30:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 17:39:38 GMT
N0ba2SRONuN4SC3EDw.woff2
fonts.gstatic.com/s/mali/v10/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mali/v10/N0ba2SRONuN4SC3EDw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=K2D&family=Kanit&family=Mali&family=Mitr&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e63aaea3575370867626a682ebc4ef4f8b10a087b69d1b718e027ba3ea565f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://119.59.99.154
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:10:35 GMT
x-content-type-options
nosniff
age
253743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18268
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:05:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:10:35 GMT
N0ba2SRONuN4SDnED2xx.woff2
fonts.gstatic.com/s/mali/v10/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mali/v10/N0ba2SRONuN4SDnED2xx.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=K2D&family=Kanit&family=Mali&family=Mitr&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403dac580c2e01242a0bfe6bb0c940ace1b1466ecd631c9e8a3cee1a72fb78e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://119.59.99.154
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:40:56 GMT
x-content-type-options
nosniff
age
158322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14448
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:01:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 21:40:56 GMT
page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 6E0F 		0
0
docs-tt
csp.withgoogle.com/csp/ Frame 6E0F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: 119.59.99.154
URL: http://119.59.99.154/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://docs.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers
3643583548-viewer_css_ltr.css
docs.google.com/static/presentation/client/css/ Frame 6E0F 		338 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/static/presentation/client/css/3643583548-viewer_css_ltr.css
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37667b276b322e06328c239fb31c663263d3f7903ce0a4d04b20ff8e346d82a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:08:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54847
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 18:07:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Sun, 08 Dec 2024 09:08:05 GMT
css
fonts.googleapis.com/ Frame 6E0F 		2 KB
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 17:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 16:41:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 17:39:38 GMT
B5tBo_r1j_VfoyJ-slJU-14uXML3dyBct1cT_-yDbLAE-AvhG7_kXnl6SYOYIZGasBOZ3qrJdITqa29LriK4vvREagSHOUXxKGNk1gvSoWByVXtRV6lwtw7K_uUnm5fs1NZ_wBh19PZdapRTjaA=s2048
lh7-us.googleusercontent.com/ Frame 6E0F 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh7-us.googleusercontent.com/B5tBo_r1j_VfoyJ-slJU-14uXML3dyBct1cT_-yDbLAE-AvhG7_kXnl6SYOYIZGasBOZ3qrJdITqa29LriK4vvREagSHOUXxKGNk1gvSoWByVXtRV6lwtw7K_uUnm5fs1NZ_wBh19PZdapRTjaA=s2048
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
63c06baaeab45540486b94e970416577829b18bc2ca721e971492de4411f7fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:39:39 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="PR.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1447857
x-xss-protection
0
expires
Mon, 11 Dec 2023 17:39:39 GMT
3567171228-viewer_core__de.js
docs.google.com/static/presentation/client/js/ Frame 6E0F 		1021 KB
354 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/static/presentation/client/js/3567171228-viewer_core__de.js
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd57f27f9e902f0281dd5fa26ae9a4339117ea19797e091510472da4c60792b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:40:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
361801
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 18:07:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Sat, 07 Dec 2024 20:40:10 GMT
css
fonts.googleapis.com/ Frame 6E0F 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans
Requested by
Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/3643583548-viewer_css_ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 17:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 17:22:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 17:39:38 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://docs.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://docs.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 10 Dec 2023 17:39:39 GMT
expires
Sun, 10 Dec 2023 17:39:39 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6E0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3567171228-viewer_core__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 10 Dec 2023 17:39:39 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://docs.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Dec 2023 17:39:39 GMT
naLogImpressions
docs.google.com/presentation/ Frame 6E0F 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/presentation/naLogImpressions?id=e%2F2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL&includes_info_params=1
Requested by
Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3567171228-viewer_core__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-LZySLzfOeyN0wT24xps5AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 17:39:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-LZySLzfOeyN0wT24xps5AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-l2-request-path
l2-managed-4
server
GSE
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
_lcfm5R7J_evg9wzg_qSd-SyM-she0Vx_eRZbZTi7PrKDsaPFoSSA8tOYtXocAfivdopw4GyTSe9O0ELeqiiBahI5dy_700rC5wqL13eL-2E_cvLsaPcyj9e6eavnfzVkQq6T8avwKpMxPPcm90=s2048
lh7-us.googleusercontent.com/ Frame 6E0F 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh7-us.googleusercontent.com/_lcfm5R7J_evg9wzg_qSd-SyM-she0Vx_eRZbZTi7PrKDsaPFoSSA8tOYtXocAfivdopw4GyTSe9O0ELeqiiBahI5dy_700rC5wqL13eL-2E_cvLsaPcyj9e6eavnfzVkQq6T8avwKpMxPPcm90=s2048
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal&slide=id.g32d4ca622714376_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
02b989d7b0bc5424d5921d79b917a9b05363b4950d9dfa96c6a737dcca9cf12d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:39:39 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48796
x-xss-protection
0
expires
Mon, 11 Dec 2023 17:39:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6E0F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal&slide=id.g32d4ca622714376_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
Origin
https://docs.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
238363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:26:56 GMT
netcheck.gif
ssl.gstatic.com/docs/common/ Frame 6E0F 		43 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/common/netcheck.gif?zx=xkrpbwfsyqx3
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal&slide=id.g32d4ca622714376_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 17:39:39 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Fri, 01 Jan 1990 00:00:00 GMT
616907452-viewer_app__de.js
docs.google.com/static/presentation/client/js/ Frame 6E0F 		201 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/static/presentation/client/js/616907452-viewer_app__de.js
Requested by
Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3567171228-viewer_core__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd2e1aaf4dfe2147986baba5857c3f0d04e48e5df2848b268fd77ac0bb3f8601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal&slide=id.g32d4ca622714376_0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 16:34:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 18:07:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Sat, 07 Dec 2024 16:34:36 GMT
616115063-viewer_help__de.js
docs.google.com/static/presentation/client/js/ Frame 6E0F 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/static/presentation/client/js/616115063-viewer_help__de.js
Requested by
Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3567171228-viewer_core__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c01b9def5cbe6355d9f4f571ca455d7be87420efada7e3c27d90f39fc60108f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal&slide=id.g32d4ca622714376_0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:32:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23791
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 18:07:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Sun, 08 Dec 2024 07:32:05 GMT
search-white.png
ssl.gstatic.com/ui/v1/button/ Frame 6E0F 		275 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/ui/v1/button/search-white.png
Requested by
Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal&slide=id.g32d4ca622714376_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 09:43:35 GMT
x-content-type-options
nosniff
age
114964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gstatic-ui-assets
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"gstatic-ui-assets","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gstatic-ui-assets"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="gstatic-ui-assets"
expires
Sun, 08 Dec 2024 09:43:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://docs.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://docs.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 10 Dec 2023 17:39:41 GMT
expires
Sun, 10 Dec 2023 17:39:41 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6E0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3567171228-viewer_core__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 10 Dec 2023 17:39:42 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://docs.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Dec 2023 17:39:42 GMT
naLogImpressions
docs.google.com/presentation/ Frame 6E0F 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/presentation/naLogImpressions?id=e%2F2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL&includes_info_params=1
Requested by
Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/3567171228-viewer_core__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-bfYUDAQ0Hz79Ufu7uH5kjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal&slide=id.g32d4ca622714376_0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 17:39:42 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-bfYUDAQ0Hz79Ufu7uH5kjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-l2-request-path
l2-managed-4
server
GSE
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL
chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=ZfppIPZnw00toiDlp_2KEKRysjTQtbxTNCayAycx9cX0BoipUFzNYI7D54mrfz3xUJUh27Pbnhtlh1ZJbfyztuoIOoNNI3Clks5OZf7xZesBbJ8o4IicgwM0mUi1XPyfji6T9ciZl8SMNgjQap6nQi4KXcBkkpwsqNr03SsgeUg

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
rendering warning URL: https://docs.google.com/presentation/d/e/2PACX-1vTOuTCX3D-oTXAtW3BkwDfyHchWfEuZ88DQiyF18CEa20eJRVncfJNWLCKR6tcV51HRRZemcllFlbYL/embed?start=true&loop=true&delayms=12000&rm=minimal
Message:
The key "target-densitydpi" is not supported.
network error URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
csp.withgoogle.com
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
lh7-us.googleusercontent.com
play.google.com
ssl.gstatic.com
www.skr.ac.th
ghbmnnjooekpmoecnnnilnnbdlolhkhi
119.59.99.154
2606:4700::6811:180e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2011
2a00:1450:4001:831::200a
2a06:98c1:3120::3
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
02b989d7b0bc5424d5921d79b917a9b05363b4950d9dfa96c6a737dcca9cf12d
14baccfcfdc4d17bb013d91b4cff89be2111ccece21a225a1fbc645a90de5b1e
1ba481167493038d53795517b04f2f16e5ce7caad8b5485f687a2e83440f704c
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28a9db6814a08a53ca405371951af93743eb129a887f8f108af95711992d02fb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32dbeb559d882d9cc0d063add8ba9958d37edd7662fc97e88709d25aa6433010
3406fb339d2d7f2b28d01359fc7a7fcb504da4e487e9077dbfd504e589794d11
37667b276b322e06328c239fb31c663263d3f7903ce0a4d04b20ff8e346d82a0
3ac1284ea462b2dd833a344e2414fbe59475f820de9d84487890da415d6c2fe0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
403dac580c2e01242a0bfe6bb0c940ace1b1466ecd631c9e8a3cee1a72fb78e3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
63c06baaeab45540486b94e970416577829b18bc2ca721e971492de4411f7fda
6add82cbe53848f60840bec0600088fb04e3660fca1b66cce32e6207959d0fb7
726107241856c15ade28d7e3668323e50e88180b000a4027534c38b2fffdcd15
886511daa374ad798898720c0fedb1dfcf0c89efb0922c523ba27edfced6d5ed
8921a1e8f2069cf7a941018a606d6812f7308bacae8198b42895790767771cae
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9c8f96fc237d4469b6e37c6db0df31e7586fda08ae545d2e74ef63ad620307c0
af104c6c33f7491b52977735c25e17d9393738c35072eecce647bc5f864fc0fe
b0347f4b561af6706433470e13f2a00ba04e1e09ea65e8c669a7b3622b5ab5e5
bd2e1aaf4dfe2147986baba5857c3f0d04e48e5df2848b268fd77ac0bb3f8601
bd57f27f9e902f0281dd5fa26ae9a4339117ea19797e091510472da4c60792b5
c01b9def5cbe6355d9f4f571ca455d7be87420efada7e3c27d90f39fc60108f0
c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241
ca4128e3f19540f9eb94829a06418be068555c01dd727bc9d4a64a17f91f1a9e
cc8c4e5ad1e4a47dfb79f6ab2af5d05c87ee185499d5881232b8908a35eefb9e
e0269f0528b0f89df761cba791887767a954f5293bb4601b58c8f0d7bcc44bf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e63aaea3575370867626a682ebc4ef4f8b10a087b69d1b718e027ba3ea565f
fa97288db0bfc7c51f5db2b1cc20f69ed0bfa206fabaf1145611d7e273e1bed9