urlscan.io logo urlscan.io
SecurityTrails logo

docs.google.com Open in urlscan Pro
2607:f8b0:4004:c1f::8a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rb.gy/uflckd
Effective URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv...
Submission: On October 27 via manual from GB — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 17 HTTP transactions. The main IP is 2607:f8b0:4004:c1f::8a, located in Washington, United States and belongs to GOOGLE, US. The main domain is docs.google.com. The Cisco Umbrella rank of the primary domain is 118.
TLS certificate: Issued by WR2 on October 7th 2024. Valid for: 3 months.
This is the only time docs.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.233.95.182 14618 (AMAZON-AES)
1 1 52.173.151.229 8075 (MICROSOFT...)
1 1 104.21.15.56 13335 (CLOUDFLAR...)
7 172.67.68.246 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
17 8
1    3.233.95.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-95-182.compute-1.amazonaws.com
rb.gy
1    52.173.151.229 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
imagehub.fun
1    104.21.15.56 (None, )

ASN13335 (CLOUDFLARENET, US)
grabify.world
7    172.67.68.246 (United States)

ASN13335 (CLOUDFLARENET, US)
grabify.link
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2607:f8b0:4004:c1f::8a (Washington, United States)

ASN15169 (GOOGLE, US)
docs.google.com
play.google.com
2    2607:f8b0:400d:c03::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
themes.googleusercontent.com
1    2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
Apex Domain
Subdomains		 Transfer
7 grabify.link
grabify.link
68 KB
3 google.com
docs.google.com — Cisco Umbrella Rank: 118
play.google.com — Cisco Umbrella Rank: 17
46 KB
2 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
23 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
1 googleusercontent.com
themes.googleusercontent.com — Cisco Umbrella Rank: 10045
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
52 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 grabify.world
grabify.world
814 B
1 imagehub.fun
imagehub.fun
375 B
1 rb.gy
rb.gy — Cisco Umbrella Rank: 104661
176 B
17 10
Domain Requested by
7 grabify.link grabify.link
static.cloudflareinsights.com
2 play.google.com docs.google.com
2 fonts.googleapis.com docs.google.com
1 ssl.gstatic.com
1 fonts.gstatic.com fonts.googleapis.com
1 themes.googleusercontent.com docs.google.com
1 docs.google.com grabify.link
1 pagead2.googlesyndication.com grabify.link
1 static.cloudflareinsights.com grabify.link
1 grabify.world 1 redirects
1 imagehub.fun 1 redirects
1 rb.gy 1 redirects
17 12

This site contains links to these domains. Also see Links.

Domain
drive.google.com
support.google.com
Subject Issuer Validity Valid
grabify.link
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Frame ID: D11650FB619CF8FE0E35CC0DA4BDDCD7
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hello i would like you to translate this text thanks

Page URL History Show full URLs

  1. https://rb.gy/uflckd HTTP 301
    https://imagehub.fun/image.php?id=5FGK28.link HTTP 302
    https://grabify.world/image.php?id=5FGK28.link HTTP 302
    https://grabify.link/image.php?id=5FGK28.link Page URL
  2. https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

8
IPs

2
Countries

200 kB
Transfer

558 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rb.gy/uflckd HTTP 301
    https://imagehub.fun/image.php?id=5FGK28.link HTTP 302
    https://grabify.world/image.php?id=5FGK28.link HTTP 302
    https://grabify.link/image.php?id=5FGK28.link Page URL
  2. https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://rb.gy/uflckd HTTP 301
  • https://imagehub.fun/image.php?id=5FGK28.link HTTP 302
  • https://grabify.world/image.php?id=5FGK28.link HTTP 302
  • https://grabify.link/image.php?id=5FGK28.link

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
image.php
grabify.link/
Redirect Chain
  • https://rb.gy/uflckd
  • https://imagehub.fun/image.php?id=5FGK28.link
  • https://grabify.world/image.php?id=5FGK28.link
  • https://grabify.link/image.php?id=5FGK28.link
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grabify.link/image.php?id=5FGK28.link
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8b4bfdb7b48553cfc8f97c1b8489c3b4f818085bd7cf0a5cc77374b79a1871

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8d95a754bba6c439-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 27 Oct 2024 21:07:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LRfHMZkKXyJ4FESAVffGFFNIZw954%2FOtPWhAKs9PHcVmmcojKjshHf00G8bwYxMFawa5%2Bu2owPotCuzARY9RJh8PQ0rEmBXQ0BF9vgil7Fle2hqpg6MuFgsyS%2F1kA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfExtPri
vary
Accept-Encoding
x-ratelimit-limit
15
x-ratelimit-remaining
14

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d95a75459378ce9-EWR
content-length
143
content-type
text/html
date
Sun, 27 Oct 2024 21:07:05 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://grabify.link/image.php?id=5FGK28.link
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0RhSsArg8668h55hVsxNRU1BHpf7I%2B1ELzFj759B1FVttnZY70JvfvOjCBCNugYwBA79EG2DSt3dRixG3mj%2BRkiL7a%2BfW5lezOOlh1eJwVQ5U8nbJJKRf6aDJvTtkj2k"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=7548&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2312&delivery_rate=528973&cwnd=253&unsent_bytes=0&cid=899575862fc43b07&ts=47&x=0"
vary
Accept-Encoding
ads.js
grabify.link/js/ 		19 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/ads.js
Requested by
Host: grabify.link
URL: https://grabify.link/image.php?id=5FGK28.link
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

cf-bgj
minify
etag
"16-60f850cd8071e"
age
1870
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e114x36u%2F6Hy%2Bcp3R7JfoeHRPeSl78BXeO8%2BFD%2FagXsbJIP8DQe3B42RPq5qCUTXCW9i2QGoD6DScO3nX0v2gipTtCTSqJpqo6IfCVF%2F6cnNdSiKvZTRgUAEi4eYDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=22
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 27 Oct 2024 21:07:06 GMT
content-type
application/javascript
last-modified
Mon, 22 Jan 2024 08:59:40 GMT
vary
Accept-Encoding
priority
u=1,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d95a75c7de6c439-EWR
accept-ranges
bytes
content-length
19
server
cloudflare
jquery-2.5.1.min.js
grabify.link/js/ 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Requested by
Host: grabify.link
URL: https://grabify.link/image.php?id=5FGK28.link
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d722af8b87bd93421c59daea6b9db2c6f6de05f37c4d1006914fd5b90aab35

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"2abfe-621448eba4ea5-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrwBwd7m9xRfJuH33gD5%2FGcK%2Fgq5o4qRr6GlAR8SYTyrQNO6CcAqNToQjNrFMPfPEOyUBd2oNbWGaMmSGrh0vYEEal%2BXodLyhHenIhBBN8Z%2BQyXweMSbFg6YHj%2FQSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d95a75c7de9c439-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 27 Oct 2024 21:07:06 GMT
content-type
application/javascript
last-modified
Wed, 04 Sep 2024 05:36:36 GMT
vary
Accept-Encoding
priority
u=1,i=?0
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: grabify.link
URL: https://grabify.link/image.php?id=5FGK28.link
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://grabify.link
Referer

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d95a75cb8974304-EWR
access-control-allow-origin
*
date
Sun, 27 Oct 2024 21:07:06 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
jquery-2.5.2.min.js
grabify.link/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grabify.link/js/jquery-2.5.2.min.js
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
436ae55ed035770051c68a8e3443555c521ccb7920ee05d0bd6041329f6ea326

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"317a-621448ec4be89-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAvbhpf4pKqmIGRpcQpOfOjziEwrNJSZjAf8NYDHgiq%2Bxk6Hn0GCCqVhcvvREI78dJjCkHvkl%2Bj4NWlU2kGlkGz%2FR7GknTAicZsYevtPn7C3j2iG4iFmRjyWhgFk0w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 27 Oct 2024 21:07:07 GMT
content-type
application/javascript
last-modified
Wed, 04 Sep 2024 05:36:37 GMT
vary
Accept-Encoding
priority
u=3,i=?0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d95a7622d9ac439-EWR
accept-ranges
bytes
content-length
4510
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbcd358381d90f27203179a58a274d7d1177bb7874b03bdc0a81c305202db32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

content-encoding
br
etag
7750419390476104938
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 21:07:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 27 Oct 2024 21:07:07 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53184
x-xss-protection
0
server
cafe
rum
grabify.link/cdn-cgi/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
content-type
application/json
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d95a76498aac439-EWR
access-control-allow-origin
https://grabify.link
date
Sun, 27 Oct 2024 21:07:07 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
grabify.link/ 		22 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://grabify.link/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00b8cd633d0a635c5840a2ae401724999d670fad974758220521143263b8d21

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"576e-5f5e6e55d2ad7"
age
3517
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBsumxz3W75dMWXWO6YJfd2BMIFAv6Texdp2Tk%2BtzWEENYpM830lT070YxMw%2ByReCqELQSXNySK5uihs8SBSevxubAJ9PhBFWiFWLSlNEG%2BdH31uK2ZvOsL1LfNI3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d95a76498acc439-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 27 Oct 2024 21:07:07 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 02 Mar 2023 08:48:42 GMT
vary
Accept-Encoding
priority
u=1,i
js
grabify.link/api/ 		16 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grabify.link/api/js
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

X-CSRF-TOKEN
rBp9UzxitRqIGqNOW1ePJHmjfwMGCaLxplHkBM4o
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-type
application/x-www-form-urlencoded
User-Agents
ckJwOVV6eGl0UnFJR3FOT1cxZVBKSG1qZndNR0NhTHhwbEhrQk00bw==

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCAbxl3nQBiczsydQu%2FctgUFyS%2Bv2N4qgNsMoCrZ84okOn18LwhFqodLR%2BMObz0uil6vd7Dr4rW3BKxFPzPqTUBQGY4c7r5R6hek0gIGkygaW8X0kkCOWeAdVLtLwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-ratelimit-remaining
8
cf-ray
8d95a765ca06c439-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 27 Oct 2024 21:07:08 GMT
x-ratelimit-limit
10
content-type
application/json
server
cloudflare
priority
u=1,i
Primary Request pub
docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/ 		114 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Requested by
Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
563e41fdaa9f91c0b45499e3e2de78e0452148f16c075b2a2ed01a7ff4ff546b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-TmnCSWHSViEwrWrusaadXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Reduced
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://docs.google.com/document/cspreport;script-src 'report-sample' 'nonce-TmnCSWHSViEwrWrusaadXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
content-type
text/html; charset=utf-8
date
Sun, 27 Oct 2024 21:07:08 GMT
expires
Sun, 27 Oct 2024 21:07:08 GMT
origin-trial
Arlbm3aYP4F8jryBe5TXZ49CJDmGTgEpjkLwYKtvJpvg65pxTRq/0LtrY3S/FMwogUWu6GvOhoCX1WWtJ8wVXQkAAABpeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlVzZXJBZ2VudFJlZHVjdGlvbiIsImV4cGlyeSI6MTY1MDQxMjc5OSwiaXNTdWJkb21haW4iOnRydWV9,AkelR2Z6goRvgb0wFhWpw1XHmsXA4wp5nA4L2zOZhcxBenM8w6ceB+Q54iFgXclpJUWY6RsUfri12O+Hq4jtJgUAAABieyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkVkaXRDb250ZXh0IiwiZXhwaXJ5IjoxNzA5NjgzMTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
referrer-policy
strict-origin-when-cross-origin
reporting-endpoints
default="/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/web-reports?bl=editors.documents-frontend_20241015.02_p3&castg=2&casstm=1729691542127&context=eJwV0HtYzdkaB_Dl91vvD7W7KkZEKIRMhXEppXZ7T3VEY2j9NC6jC6fh1KgwLoOajueIjlNj5JZ2N91sGqbHJTQuuTZoEDozRo5rF46yU5up8z1_fJ611rve513vuywqHO3NEWybIlhYH8FyYYOlYEY4phEswFawAhhiL9goR8G0cBGW9BeseoBg4z4SrBTCnASzHyRYxGDBCocIFjdUsPfDBYsZIZhmpGDOcBbejxHMapxgdlACYz0Eyxov2BYvwfSTBEuHndDziWCzJwt2e4pgT8DfT7DP5qEHVbDJcCtSsEeQu0iwe0sEew59YwQbCHdjBZu4XLAgaF6FN8HjG8wC9zcL9gJKUgQ7ATdSBXsIQd8JNhemZAgWDOm7BNsLbtmCTYLu3YJZ7xEsdT_6hfs5qAOpuTjDOINgvrCvULByuGYUrAEcKgRzhZOVgl2F388I1grDLgnmBd9CBoRcEWw-BFzHnKCvxV_CHiiFMbcEmwaV9YLVQDvI9wT75wPBDkBRA-7gJFyF8w8F-xWGNAo2HrKfCFYMNk8FGwpH4Txcgnp4_kKwdxDVJlgiPIMOiLJR2c9wCzS2KhsMzweoLNRJZZFgO1FlLrD4E5UlQRVch71TVVYG9fAM-oapzC9cZbNgJ2z5XGW74LiqssZIlaUsVFkmBCxR2WdwLkpldWCbhPowN1llWzciB57BK3DbpDIPuADX4T48glYwwR-OdSxyTLMUBdsXvJF2QsOyN9Jj-PuFN1IGLHvcJiXAwI_bpWEQHtEuqXBkvEk652mShgSbpJEw71uTtBAGbzZJrjAg1SQNhY5TJqkb9teYpEK4uvydVAdrfTulFFCnd0pfQuTSTikKqtI7pQtQO69LugOT13dJ_mB_rUtygr63uiQ78LE3S1oY-J1ZGgbp28xSFnzIwmowS6fzzNKyvR-k18O7pbQ53dJ26Ojplrrh9OAe6SLMXd4jLQDPtT3SFJDW9UgWUJjI5EPQ8IjJj-GH_F5ycGEvORyGZkjyKLhskOSbcOki9rIs3wQXd1keDVVzZPkCLJ4ny8ugcossV8PVDFlOuCjLa6DtqSybYZUFl2tcuPwLtLyaxt-C_btp3Akym3z4Htj6yodnQttbH26G-tm-vP9uXz4EGg_58pewzGk6TwCXKdP5aEjPns53go2rHx8Aqyf48Y1wNsaPX4Kt8X48E-rJnz-EsB3-fB50X_HnylV_Xlrnz3-EQRNn8BHA1Bm8DwTcncHtnQO4E7wPDuAUEsDzQgN4KdxsCeB_QHVrAL8MSmAgt4bX6wN56e5A_iMcKQnk1VBbHsjvgKMxkDvDQ42Wuw7Q8nHQFK7lbXDmay2vgdertfwddG3Q8l7farlzipa7QcMRLX8MT49qeSusv63l2-D0XS2_CAubtTwWnN8gH_TDgvgsMA0P4jQiiH-jBvF_wLqvgviufUH8ILQUB_G34NURxKeCDsLgGFTBbWcd_zf8NlLHW2DCKB3Xwr5oHb8ThzjkrNTxIpixWseDwSJTx-0h2qjjaWd1fDscuKzjAb_qeAgceqbjP8EZFz2vgRWT9DwZnk7WcxO0L9bz92BeoucWUXo-YYee-8Bex2B-BeKdg_lGSIUsGBsRzCdA1rJgfu9AMG-EEfXB3AO-6BfCo-GqQwh_AFUfhfAa6L0uhNtATO9QvgLSLUJ5FpTPzqV-n-fSILh4PJdqwaE2l1zB-kYuFf2eS5XwcV8D-YNLpIFGw8BYAw37v80G8oLG7w20psBAOacMVATxVQZaDdOrDaQDq7cGcoTkDgOlQVmngY5Cdq88KoZNX-TRDhi5KI9u5OTRQ0g8kUfrYMwveeQNs3ryKAI8--XTFHi0IJ9egGZ_PjmAW04-eUBJYT5VQF1bPn2fWED7wJBZQBVgbi4gqaWA4l4X0ErgUiE5QOSKQoqC2iFFdAfc44uoKK2IjCD_VET1oQep5y8HqffMg3Tt2EFqgBNnDtJ5mG8spiVw7j_FVAeZQ0uov28JjYSbKSX0AJTKErKGOdlltAD8mspID5oPZeQAeX-WUSmcHFRO5-CARzmVgPOscnIDFl5OfaBvbDnZgfvGcpoAbrvKyQOyKsspH7akH6J_weiaQ7SBGykNprsbSQcjxhppLGRPMlIxHP3KSKdg5lojzYUrxUa6BVYnjOQISSeNtB5c3hvJE8rDDtMxGB59mMaAKeEwFfk1kRH2xzZRITgmNJEbFGc00RHQ2jWT6-xmmggJC5tpDXQ8aKZuUH9rpi9hsH8LucJ_RQt1gv5UC82Cd-daqAdmuLdSOMRMaiW3-a3kAd57W2katP7cSn-CrfsbcoE5m9pIgDHUUjkKMXMslWQwC0tFUi2Va5mWSgNEFFsqi6DxiaXyEqpNlsrcLktlvhlx-NRLowjo0WmU3nqN0rVQo5TEa5QKuLROo9TDrGyNEgHt-zRKJ_Ts1yg2ORolN9FKKYbgSislHB4dt1JeQMRpK8V1qbUyDnanWisG6LPDWrEFm2prZcN1ayXnqY3i1W6jTIWKmbbKyuW2yqfhdkrKSztlka294hNlr9hr-nyoN59QbHc_-CFNcnIMXxW1Ii7pr7ExEXGxawKik-MS4iO8h7vHxsQlJyQmjY9JiF71t9j45CSPpYkJ8cmx8TGLvT29J3p5ek0a7-m9-OsJ_wNIsvfD&build-label=editors.documents-frontend_20241015.02_p3&imp-sid=CLfJtOG7r4kDFX0PqQEd3zElpA&is-cached-offline=false"
server
GSE
x-content-type-options
nosniff
x-l2-request-path
l2-managed-5
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f94e557d603c4cf7f1e7f7cefe9435e381248bb1e8b596e3c586b69b105b8d9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://docs.google.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 21:07:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 21:07:08 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 27 Oct 2024 20:53:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		3 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c03::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e80ee5963bb7d6bbf9d6974d4c0ae2e34c6bb6c867c31135921613bec5132eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://docs.google.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 21:07:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 21:07:08 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 27 Oct 2024 19:21:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
themes.googleusercontent.com/fonts/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themes.googleusercontent.com/fonts/css?kit=OPeqXG-QxW3ZD8BtmPikfA
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e80ee5963bb7d6bbf9d6974d4c0ae2e34c6bb6c867c31135921613bec5132eb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://docs.google.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 27 Oct 2024 21:07:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 27 Oct 2024 21:07:08 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 27 Oct 2024 21:07:08 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
log
play.google.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://docs.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://docs.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 27 Oct 2024 21:07:08 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		131 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: docs.google.com
URL: https://docs.google.com/document/d/e/2PACX-1vSY7L5hdgBFrnCbTRHcmFJa2xNp_PXfX6iVMdTa-evceBxxNfGc9ku4n3OaOTrfHOr6RRtkIeiZv-UK/pub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
cache-control
private
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 27 Oct 2024 21:07:08 GMT
access-control-allow-origin
https://docs.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length
131
date
Sun, 27 Oct 2024 21:07:08 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpynAESo4.woff2
fonts.gstatic.com/s/googlesans/v61/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v61/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpynAESo4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
242b05340026659ad62dbae6120ae7e59240a19122c04327a478d51a6e8184b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://docs.google.com
Referer
https://fonts.googleapis.com/

Response headers

age
243039
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 01:36:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 01:36:29 GMT
last-modified
Mon, 12 Aug 2024 17:15:29 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21344
x-xss-protection
0
server
sffe
kix-favicon-2023q4.ico
ssl.gstatic.com/docs/documents/images/ 		24 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/docs/documents/images/kix-favicon-2023q4.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d45292eef3c671fcafb8ce679c08fcced09a3835e46f9ed51c7fa9af2e0e11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://docs.google.com/

Response headers

content-encoding
br
age
270756
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
x-content-type-options
nosniff
expires
Fri, 24 Oct 2025 17:54:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 17:54:32 GMT
last-modified
Mon, 30 Oct 2023 14:18:00 GMT
content-type
image/x-icon
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
content-length
1821
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DOCS_timing object| DOCS_drawing_load object| DOCS_drawing_decode function| _DOCS_record_fn function| DOCS_record_drawing_load function| _F_toggles_initialize function| k function| aa function| ba object| ca function| da function| m function| ha function| p object| q object| ia function| r function| ja function| ka function| t function| x function| y function| z function| na function| E function| F function| G function| B function| ra function| sa function| ta function| ua function| va function| D function| xa function| oa function| qa function| pa function| za function| Aa function| Ba function| Ca function| ya function| wa function| C function| A function| ma function| I function| u function| Da function| H function| J function| Ga function| K function| L function| M function| w function| v function| Ha function| Ia function| Ja function| La function| Ka function| Oa function| Ma function| Pa object| Ua object| Ya object| Za object| $a object| ab object| bb object| cb object| db object| P object| fb function| gb function| Q function| hb function| ib function| jb function| Ra function| kb boolean| Qa function| ob function| R function| pb object| qb function| sb function| S object| tb function| ub function| vb function| U object| wb object| xb function| yb function| zb function| Ab function| Bb boolean| Cb function| V string| Db number| Eb function| Fb function| Gb function| Hb string| Ib object| Jb number| Kb function| Lb function| Ob function| Qb function| Mb function| Tb function| Rb function| Sb function| Pb string| Ub function| Nb function| W object| Vb function| Wb function| Xb function| Yb object| X object| Y string| Z object| _F_toggles function| DOCS_installLinkReferrerSanitizer object| _docs_flag_initialData object| _pubi function| DOCS_initPublishImpressionTracker function| DOCS_notifyDrawingLoad function| DOCS_notifyDrawingDecode

3 Cookies

Domain/Path Name / Value
grabify.link/ Name: XSRF-TOKEN
Value: eyJpdiI6Iit5ZGRsWHNORXJDSS9UV2FJMzVTUHc9PSIsInZhbHVlIjoib0FYcHVpNlNzWUJ3ZG85a2RwNm5ENm1OL0V0MUloWENtN29sQTgxaGEwTnVJZnVyRWFKQ1oxMm11YjZRVldjelNiNDd2b2F6MlZrU2NMclFjZGpZa3RGdTFpUDRySnVmSjJwdkFiNVNjNXkvOXlIeUkwRTMyY2w2TGUxKy9ZWmciLCJtYWMiOiI3NGIyZTI0YjRjNGExZDgxYzdkOTk3MmY2YTM5ODAyMWJkMjM4ZmRkOTgzNDk2MWM1MzI1NGJlN2ZlNzM2MDAwIiwidGFnIjoiIn0%3D
grabify.link/ Name: g_session
Value: eyJpdiI6IiszaTVaemg4R3laYmlBUktkTDZJSFE9PSIsInZhbHVlIjoia0trc1BBellKcW5kdzNrK0tRdkdBbHdqcGo2K00rY00zTyszT2tiK2c1WTE3RTBMWUtuUVEyWGEyZGFiYVJVNjUzcmtZU05ublFWQjJUbDZWakp6UjhaOEI5S2ljSjlmclBvMGdGWnlJelQrSU02VVRnL1lHQ3hEdm1nMVQ3ZnAiLCJtYWMiOiI0MDA1Y2VhNDY0Y2JjNjE1MDIwZmM0NDYyZDU2ZWQzMjAwYTgxNzdmMGI3ZDU4M2U5ODVjMTlmMzY0ZDMzY2ZlIiwidGFnIjoiIn0%3D
.google.com/ Name: NID
Value: 518=IonC0VvuHSs9u4UL0-MOO5ExteKT8Yb_30dnIzVKUOWwKn914a9-Y1e7TOQofBO_mx29DNameux2IDbD7SHTGuC88gaeK7QEt6v5tPBo6twpOvjhboUUSn-3TytWNjOvhB2-hTmhMty8QJdUwEgatXsSW72p6AafOHy24fJ0Qe9tjZ-tPph3P5hUqnQJxTs

1 Console Messages

Source Level URL
Text
rendering warning URL: https://grabify.link/image.php?id=5FGK28.link
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A060F700A4140000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

docs.google.com
fonts.googleapis.com
fonts.gstatic.com
grabify.link
grabify.world
imagehub.fun
pagead2.googlesyndication.com
play.google.com
rb.gy
ssl.gstatic.com
static.cloudflareinsights.com
themes.googleusercontent.com
104.21.15.56
172.67.68.246
2606:4700::6810:5049
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c1f::8a
2607:f8b0:400d:c03::5f
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c0d::84
3.233.95.182
52.173.151.229
242b05340026659ad62dbae6120ae7e59240a19122c04327a478d51a6e8184b4
38d722af8b87bd93421c59daea6b9db2c6f6de05f37c4d1006914fd5b90aab35
3d45292eef3c671fcafb8ce679c08fcced09a3835e46f9ed51c7fa9af2e0e11f
436ae55ed035770051c68a8e3443555c521ccb7920ee05d0bd6041329f6ea326
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
563e41fdaa9f91c0b45499e3e2de78e0452148f16c075b2a2ed01a7ff4ff546b
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
7b8b4bfdb7b48553cfc8f97c1b8489c3b4f818085bd7cf0a5cc77374b79a1871
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
b00b8cd633d0a635c5840a2ae401724999d670fad974758220521143263b8d21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80ee5963bb7d6bbf9d6974d4c0ae2e34c6bb6c867c31135921613bec5132eb8
f94e557d603c4cf7f1e7f7cefe9435e381248bb1e8b596e3c586b69b105b8d9a
fbcd358381d90f27203179a58a274d7d1177bb7874b03bdc0a81c305202db32e