www.amazingcovidremedy.com Open in urlscan Pro
2a00:1450:4001:811::2013  Public Scan

Submitted URL: http://amazingcovidremedy.com/
Effective URL: https://www.amazingcovidremedy.com/
Submission Tags: falconsandbox
Submission: On February 10 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 52 HTTP transactions. The main IP is 2a00:1450:4001:811::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.amazingcovidremedy.com.
TLS certificate: Issued by GTS CA 1D4 on January 28th 2022. Valid for: 3 months.
This is the only time www.amazingcovidremedy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
34 gstatic.com
www.gstatic.com
ssl.gstatic.com
fonts.gstatic.com
4 MB
11 google.com
apis.google.com — Cisco Umbrella Rank: 86
docs.google.com — Cisco Umbrella Rank: 106
www.google.com — Cisco Umbrella Rank: 2
196 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
4 KB
4 amazingcovidremedy.com
amazingcovidremedy.com
www.amazingcovidremedy.com
11 KB
52 4
Domain Requested by
21 www.gstatic.com www.amazingcovidremedy.com
www.gstatic.com
docs.google.com
www.google.com
11 fonts.gstatic.com fonts.googleapis.com
6 www.google.com docs.google.com
www.gstatic.com
5 fonts.googleapis.com www.amazingcovidremedy.com
docs.google.com
3 apis.google.com www.amazingcovidremedy.com
apis.google.com
3 www.amazingcovidremedy.com 1 redirects www.gstatic.com
2 ssl.gstatic.com www.amazingcovidremedy.com
www.gstatic.com
2 docs.google.com www.amazingcovidremedy.com
www.gstatic.com
1 amazingcovidremedy.com 1 redirects
52 9

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.google.com
Subject Issuer Validity Valid
www.amazingcovidremedy.com
GTS CA 1D4
2022-01-28 -
2022-04-28
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
www.google.com
GTS CA 1C3
2022-01-17 -
2022-04-11
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.amazingcovidremedy.com/
Frame ID: 4CD49BB2E92CCE1CE206BFFFA7031CA2
Requests: 18 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Frame ID: EF5BEB12F0764068AFEC3EFAD5FEA904
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&badge=inline&cb=zc6kwqfhg4n2
Frame ID: D22A8DF5C96B8333BF66048E86EFBBE2
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Frame ID: B49D2C9E71B74CDEE6DF226A1DF82D0B
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Go Top Level .COM

Page URL History Show full URLs

  1. http://amazingcovidremedy.com/ HTTP 301
    http://www.amazingcovidremedy.com/ HTTP 301
    https://www.amazingcovidremedy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

52
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

9
Subdomains

8
IPs

2
Countries

4578 kB
Transfer

8322 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://amazingcovidremedy.com/ HTTP 301
    http://www.amazingcovidremedy.com/ HTTP 301
    https://www.amazingcovidremedy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.amazingcovidremedy.com/
Redirect Chain
  • http://amazingcovidremedy.com/
  • http://www.amazingcovidremedy.com/
  • https://www.amazingcovidremedy.com/
40 KB
10 KB
Document
General
Full URL
https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ec854b7ed9fde4d861f2a90a562815b4fd9b6478e777a4f007aa1f932dc465a
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ZEMwCHhVGNEJ2AXxLCbALQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 10 Feb 2022 04:59:25 GMT
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ZEMwCHhVGNEJ2AXxLCbALQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
cross-origin-opener-policy
unsafe-none
referrer-policy
strict-origin-when-cross-origin
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Content-Type
application/binary
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Date
Thu, 10 Feb 2022 04:59:25 GMT
Location
https://www.amazingcovidremedy.com/
Server
ESF
Content-Length
0
X-XSS-Protection
0
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
css
fonts.googleapis.com/
14 KB
964 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%2C700%7COpen%20Sans%3A400%2C600%2C700&display=swap
Requested by
Host: www.amazingcovidremedy.com
URL: https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22e46524aa9cae0bdfcf63eaf00aede75ab6cf7d118de794e78ac5938bcf7583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 04:59:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 04:59:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 04:59:26 GMT
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: www.amazingcovidremedy.com
URL: https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3a01f89102cdeed8b669723430551c27b01e2f428a986c6eeae2ac5883e497a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 03:37:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 04:59:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 04:59:26 GMT
rs=AGEqA5kpltAF6IQz7kdOoe1GrEjjEtrZkg
www.gstatic.com/_/atari/_/ss/k=atari.vw.8IuBRIKHF1Y.L.W.O/d=1/
565 KB
86 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.8IuBRIKHF1Y.L.W.O/d=1/rs=AGEqA5kpltAF6IQz7kdOoe1GrEjjEtrZkg
Requested by
Host: www.amazingcovidremedy.com
URL: https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b24375f4a3c15934653b6319fd6aaacbe6ad70552565981405e4111c1baee1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 16:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87839
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:32:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 03 Feb 2023 16:12:10 GMT
client.js
apis.google.com/js/
13 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: www.amazingcovidremedy.com
URL: https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dd31546357234dd76aaca72751b382a1767279df9dda1dfcc8434a7351875cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GQkkCzo/kpJcGQb+k5U7aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"3ad4459955aaa6382fff7e2c17b1be2d"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-GQkkCzo/kpJcGQb+k5U7aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 10 Feb 2022 04:59:26 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/
483 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=view
Requested by
Host: www.amazingcovidremedy.com
URL: https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89d1fc69592b47515f918c7578f120e4668ae73351d3b4fb0b5af37950403f57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166292
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:32:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 09 Feb 2023 14:50:12 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/
311 KB
106 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb40a0de5789dfa39d78fc18f500b732ab0ba79f38ef4c892d8be42699e88350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 05:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107961
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 03:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 05:51:54 GMT
viewform
docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/ Frame EF5B
49 KB
13 KB
Document
General
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Requested by
Host: www.amazingcovidremedy.com
URL: https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e79155c59f1d1456f9859002f254fcc1aeaecbd4104dfa0c9edb669c7d43419b
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-B2L1U0Hy5GaA0gKHFuSz5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/

Response headers

content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 10 Feb 2022 04:59:26 GMT
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-B2L1U0Hy5GaA0gKHFuSz5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impression-header.png
ssl.gstatic.com/atari/images/
3 MB
3 MB
Image
General
Full URL
https://ssl.gstatic.com/atari/images/impression-header.png
Requested by
Host: www.amazingcovidremedy.com
URL: https://www.amazingcovidremedy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d71d2894f6cea2ac32ecd4f221857b72a826326817d8b9876694e817f48f95f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:42:57 GMT
x-content-type-options
nosniff
age
62189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2766301
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 09 Feb 2023 11:42:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.amazingcovidremedy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
501083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 04 Feb 2023 09:48:03 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v41/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v41/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C600%2C700%7COpen%20Sans%3A400%2C600%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.amazingcovidremedy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 05:49:27 GMT
x-content-type-options
nosniff
age
83399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:40:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 05:49:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.amazingcovidremedy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:02:00 GMT
x-content-type-options
nosniff
age
140246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 14:02:00 GMT
m=sy12,sy13,sy14,sy11,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/
36 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=sy12,sy13,sy14,sy11,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6f686e959463f2cb3971f1c7eb1c5258698d12c8ad791116a35b2893484a9a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:43:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12294
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:32:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 09 Feb 2023 17:43:29 GMT
m=MpJwZc,n73qwf,A4UTCb,qAKInc,syv,TGYpv,syq,X85Uvc,HIeYee,QxOCld,syo,YXyON,sy2e,abQiW,qEW1W,ruhlUe,KUM7Z,syr,qkPXAf,syz,sy10,zPx2U,oNFsLb,sy3d,yxTchf,sy3e,sy3f,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2...
www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/
1 MB
341 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=MpJwZc,n73qwf,A4UTCb,qAKInc,syv,TGYpv,syq,X85Uvc,HIeYee,QxOCld,syo,YXyON,sy2e,abQiW,qEW1W,ruhlUe,KUM7Z,syr,qkPXAf,syz,sy10,zPx2U,oNFsLb,sy3d,yxTchf,sy3e,sy3f,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2h,SM1lmd,sy6,sy7,sy5,syn,RRzQxe,syp,YV8yqd,syc,sy9,syb,syd,sy2f,sye,sya,fNFZH,sy2g,sy18,sy1g,syf,RrXLpc,cgRV2c,sy1h,o1L5Wb,X4BaPc,syx,Md9ENb,sy1a,sy1b,sy16,sy17,sy19,sy1i,KlrXId,NlqxW,sy1d,sy1f,sy1k,sy3,sy1c,sy1l,sy1m,sy1o,sy1t,sy1s,sy20,sy1j,sy1e,sy1q,sy1n,sy1r,sy1u,sy1x,sy1z,sy15,T807ad,sy1p,ZDEHrf,sy1v,sy1w,sy1y,sy21,syh,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,sy24,sy25,sy26,sy27,sy28,UYjpC,VYKRW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
862cfdcc89b96c5e808d99efb57d4960b9f71db0367e2ba663826169f3a27327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 02:24:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95689
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
349165
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:32:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 09 Feb 2023 02:24:37 GMT
m=sy34,IZT63,vfuNJf,sy2x,sy31,sy35,sy3g,sy3h,siKnQd,sy2v,sy33,sy37,YNjGDd,sy36,sy38,PrPYRd,hc6Ubd,sy3i,SpsfSb,sy22,sy2d,sy2y,sy30,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/
26 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=sy34,IZT63,vfuNJf,sy2x,sy31,sy35,sy3g,sy3h,siKnQd,sy2v,sy33,sy37,YNjGDd,sy36,sy38,PrPYRd,hc6Ubd,sy3i,SpsfSb,sy22,sy2d,sy2y,sy30,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcadef1fad02038bc090ef0aa20a3020af3cdfb38ec9e0f0553faa970e4313f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 17:58:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9671
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:32:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Mon, 06 Feb 2023 17:58:08 GMT
m=sy39,NTMZac,sy2b,gJzDyc,syj,syl,HYv29e,sy2k,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/
21 KB
8 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=sy39,NTMZac,sy2b,gJzDyc,syj,syl,HYv29e,sy2k,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3179a4b780ba965df305ac6952afd3bfd8cee713507f889898d5f298bd5071c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 17:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7788
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:32:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Mon, 06 Feb 2023 17:58:10 GMT
logImpressions
www.amazingcovidremedy.com/_/view/
16 B
219 B
XHR
General
Full URL
https://www.amazingcovidremedy.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.amazingcovidremedy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 04:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=sys,syt,syu,syw,fuVYe,vVEdxc,syy,CG0Qwb
www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/
29 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=0/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=sys,syt,syu,syw,fuVYe,vVEdxc,syy,CG0Qwb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.K-8KM4XLg3s.O/d=1/rs=AGEqA5l98YOiSaGZvAniqv1627hfaYXvRw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7779684be3d26c22f2470f02c2da8b24368f9941132d6fa7ee667913e6ecc3b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 17:58:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11569
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 13:32:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Mon, 06 Feb 2023 17:58:10 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/
262 B
205 B
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_1?le=oz
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1d5e8832b409b3ee2e35a8059444b5dbab8ad53e531232d14eae70155dd15a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.amazingcovidremedy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 03:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 15:36:07 GMT
icon
fonts.googleapis.com/ Frame EF5B
616 B
390 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
005a160edf96860be9b54b2644ce4a1b660c065678bdc13ee677e3ef4bb26d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 04:59:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 04:59:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 04:59:26 GMT
rs=AMjVe6ibYdA9s8CjQL21EQ6KWeQq-6g2LQ
www.gstatic.com/_/freebird/_/ss/k=freebird.v.Y6lgG4G9t6Y.L.W.O/d=1/ Frame EF5B
518 KB
68 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.Y6lgG4G9t6Y.L.W.O/d=1/rs=AMjVe6ibYdA9s8CjQL21EQ6KWeQq-6g2LQ
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8b87f0a64d1d9f64654fc0a9eb5380ddee5a3c26be37b7c48300434d1009381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 16:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69205
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 01:35:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 16:25:02 GMT
css
fonts.googleapis.com/ Frame EF5B
13 KB
973 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 03:27:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 04:59:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 04:59:26 GMT
css
fonts.googleapis.com/ Frame EF5B
1 KB
461 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e190d94b4ca3431096aebb0d93937f072064795173bdd9174538dafd651b59ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 03:30:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 04:59:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 04:59:26 GMT
api.js
www.google.com/recaptcha/ Frame EF5B
1000 B
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?trustedtypes=true
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f10a5e0f4412b6268a07e29e856c430f410ccf012b8e5c7c7c4265794642beb8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
636
x-xss-protection
1; mode=block
expires
Thu, 10 Feb 2022 04:59:27 GMT
googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame EF5B
1 KB
714 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
689
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 08 Feb 2023 18:40:30 GMT
m=viewer_base
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=1/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/ Frame EF5B
346 KB
112 KB
Script
General
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=1/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/m=viewer_base
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb6159075d6426f19e1b767832b1822bd2b0f1667f2249ff35388a83efdf31b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 16:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114565
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 17:31:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 16:27:13 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EF5B
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.Y6lgG4G9t6Y.L.W.O/d=1/rs=AMjVe6ibYdA9s8CjQL21EQ6KWeQq-6g2LQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.Y6lgG4G9t6Y.L.W.O/d=1/rs=AMjVe6ibYdA9s8CjQL21EQ6KWeQq-6g2LQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 18:59:48 GMT
x-content-type-options
nosniff
age
122378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 15 Feb 2022 18:59:48 GMT
qp_sprite157.svg
ssl.gstatic.com/docs/forms/ Frame EF5B
116 KB
13 KB
Image
General
Full URL
https://ssl.gstatic.com/docs/forms/qp_sprite157.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.Y6lgG4G9t6Y.L.W.O/d=1/rs=AMjVe6ibYdA9s8CjQL21EQ6KWeQq-6g2LQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a3ec8785d722ad551123cfdd74a5130741bfb28f8961ebb0772726973609ca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 00:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
101477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13680
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 18:38:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Thu, 09 Feb 2023 00:48:09 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EF5B
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:40:23 GMT
x-content-type-options
nosniff
age
199143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 07 Feb 2023 21:40:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EF5B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
501083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 04 Feb 2023 09:48:03 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EF5B
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:31:48 GMT
x-content-type-options
nosniff
age
502058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 04 Feb 2023 09:31:48 GMT
pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v18/ Frame EF5B
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/productsans/v18/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:32:30 GMT
x-content-type-options
nosniff
age
34016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35060
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:32:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EF5B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
39787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 17:56:19 GMT
m=MpJwZc,n73qwf,sym,ws9Tlc,sy0,sy8,sy9,sya,sy1,syb,syl,sy2o,sy2p,V3dDOb,sy26,gkf10d,j2YlP,sy4,sy5,sy1f,sy1g,sy1e,OShpD,sy7,syf,syn,syc,syo,syz,sy36,A4UTCb,sy2,owcnme,sy1m,sy1o,sy2b,Sk9apb,J8mJTc,UU...
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=0/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/ Frame EF5B
446 KB
138 KB
XHR
General
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=0/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/m=MpJwZc,n73qwf,sym,ws9Tlc,sy0,sy8,sy9,sya,sy1,syb,syl,sy2o,sy2p,V3dDOb,sy26,gkf10d,j2YlP,sy4,sy5,sy1f,sy1g,sy1e,OShpD,sy7,syf,syn,syc,syo,syz,sy36,A4UTCb,sy2,owcnme,sy1m,sy1o,sy2b,Sk9apb,J8mJTc,UUJqVe,CP1oW,sy29,gZjhIf,sy15,sy14,syt,sy16,syd,sy17,pxq3x,syg,sy27,O6y8ed,sy2u,sy2v,sy2x,sy2k,sy2w,sy2y,Xhpexc,Q91hve,sy2i,sy2g,mRfQQ,sy30,sy2z,CFa0o,sy37,VXdfxd,sy3h,sy3i,sy3f,sy3l,sy3g,sy3j,sy3m,sy3k,sy3n,sy3o,s39S4,sy12,ENNBBf,syj,L1AAkb,cEt90b,KUM7Z,QvB8bb,bCfhJc,sy2a,sy1j,u9ZRK,pItcJd,yZuGp,aW3pY,sy2l,sy2m,sy2n,I6YDgd,sy38,N5Lqpc,syu,syp,sys,syq,syv,syw,sy18,syr,syx,syy,sy10,sy11,sy13,sy19,fgj8Rb,sy5d,yxTchf,sy5e,sy5f,xQtZb,IvDHfc,sy31,sy32,sy2t,sye,i5dxUd,sy33,sy34,sy35,sy39,sy3c,sy2s,wg1P6b,EcW08c,sy3a,sy3b,sy3d,t8tqF,p2tbsc,syi,sy1h,sy1i,sy1k,LxALBf,sy2r,sy45,sy44,vofJp,qddgKe,sy3z,SM1lmd,QwQO1b,WdhPgc,sy1q,sy1t,QMSdQb,JCrucd,ok0nye,sy1s,xmYr4,sy1b,sy2j,sy3e,sy3s,sy3p,sy3t,sy3q,sy3v,sy3w,sy3x,sy3u,sbHRWb,RGrRJf,OkF2xb,DhgO0d,ID6c7,oZECf,sy3r,sy49,sy4c,sy4d,rmdjlf,sy6,TOfxwf,A2m8uc,akEJMc,zG2TEe,yUS4Lc,v4y9Mc,KOZzeb,sy1d,sy46,sy47,sy48,sy43,sy4a,sy1c,sy42,riEgMd,sy4j,lSvzH,sy3y,oCiKKc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=1/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db8c360abe088d23f4d85ce801e1b15e8673d275b1156d42ce8e426c6b535577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 16:54:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216273
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141405
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 17:31:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 16:54:54 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame EF5B
356 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
Origin
https://docs.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 19:34:44 GMT
m=SBlcU,sWGJ4b,sy1y,sy1z,sy4f,EGNJFf,iSvg6e,sy4e,uY3Nvd
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=0/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/ Frame EF5B
23 KB
23 KB
XHR
General
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=0/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/m=SBlcU,sWGJ4b,sy1y,sy1z,sy4f,EGNJFf,iSvg6e,sy4e,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=1/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4794933ceab655892ac00210c479d4673821bcdbaba170454464bc0148d4657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 16:40:21 GMT
x-content-type-options
nosniff
age
217146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23611
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 17:31:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 16:40:21 GMT
naLogImpressions
docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/ Frame EF5B
0
13 B
XHR
General
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/naLogImpressions
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.frRVU_kVkpg.O/d=1/rs=AMjVe6j6jgLn2vQsDMKjaqaC0OcCpL8yNA/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-wS85ArHPxcjSggDkQQ7UNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w/viewform?embedded=true
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Feb 2022 04:59:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-wS85ArHPxcjSggDkQQ7UNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
GSE
expires
Mon, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame D22A
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&badge=inline&cb=zc6kwqfhg4n2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da7e2cfd9fe22575368dcb9bce9e92a901bd924075c652ebe5cd5bd57e568b66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HVqL8KPelMJEFqGtt0Hd0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 10 Feb 2022 04:59:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-HVqL8KPelMJEFqGtt0Hd0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22628
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame D22A
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&badge=inline&cb=zc6kwqfhg4n2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 17:17:58 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame D22A
356 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&badge=inline&cb=zc6kwqfhg4n2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 19:34:44 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D22A
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&badge=inline&cb=zc6kwqfhg4n2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 10 Feb 2022 04:59:27 GMT
bframe
www.google.com/recaptcha/api2/ Frame B49D
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c201ecfe94e687f19c3b8d90cc083e8bfbe3aac9d777264678848b59f9b833d6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DCMVJHHQFh4RcFqgsfgVNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://docs.google.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 10 Feb 2022 04:59:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-DCMVJHHQFh4RcFqgsfgVNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame B49D
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:17:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 17:17:58 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame B49D
356 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143107
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 19:34:44 GMT
reload
www.google.com/recaptcha/api2/ Frame B49D
37 KB
22 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90e9425af7ab5e9f874344bea247ffa434918e1aac5443edac3a8820c435e4c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 10 Feb 2022 04:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22932
x-xss-protection
1; mode=block
expires
Thu, 10 Feb 2022 04:59:27 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame B49D
600 B
627 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:52:10 GMT
x-content-type-options
nosniff
age
119237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 15 Feb 2022 19:52:10 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame B49D
530 B
558 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 05:44:53 GMT
x-content-type-options
nosniff
age
83674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 16 Feb 2022 05:44:53 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame B49D
665 B
693 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:26:47 GMT
x-content-type-options
nosniff
age
63160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 16 Feb 2022 11:26:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B49D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 17:06:41 GMT
x-content-type-options
nosniff
age
129166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B49D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 21:19:14 GMT
x-content-type-options
nosniff
age
200413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 07 Feb 2023 21:19:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B49D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:17:54 GMT
x-content-type-options
nosniff
age
139293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 14:17:54 GMT
payload
www.google.com/recaptcha/api2/ Frame B49D
24 KB
24 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq247IBWdQh0Q5sXlwO44shd_lVqn0j12_WwW39Mr3uifFqHBCCIo84UDytHa3uPTafDW02fE61GJLY2tk-Y-BFTxH8n9LkJcKQm04UFAWaaciRqpamv5FyQP-BDPisSvIp7-ThM8_xLRfs18Z0WywM9l1omH0WYp5z6WMxl8axruon_WxRC-9Mup3i5beqR59F24c9gb7ZUjLkskP0r5tN8UemDz6A&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4f1762edcbff947b08ae102769dd1a9334ce09a466197a71fddccbbd0d23f4dd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 04:59:27 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24905
x-xss-protection
1; mode=block
expires
Thu, 10 Feb 2022 04:59:27 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw object| _bind object| closure_lm_83277 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope number| closure_uid_238259659 function| _getTimingInstance function| _docsTiming

4 Cookies

Domain/Path Name / Value
.docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w Name: COMPASS
Value: spreadsheet_forms=CjIACWuJV43-57Vy5CIACqSGzQQJH_kcDIN9ttciHMSHwzX8jlwxPixvgF_pOg-lUZmRihC-05KQBho0AAlriVdpPMg3Q8LAdEKy5Uhk1GD47gzHYASHNpVuPEkgEU9HY0xZxmuXIUuSYQJNZRww5A==
.docs.google.com/forms/d/e/1FAIpQLSeeQrDZp5fLFBuaMPRY5YS929cxtio48fUQnF3LeoNa4wlK_w Name: S
Value: spreadsheet_forms=9o8iAmiMfNszQlo61B3FC6-1WCdRzZ8J-acuDI3uXgQ
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APj96hQjJVD0iYk7pYhTEJUNkdcD2Ni-tupsLHXaFA_UH8jSAUSWS0tsGE5jAnAMimCZbK0ubgiB9hX8X7KHA3o
.google.com/ Name: NID
Value: 511=EjCU4hNd2PmXW7Z_UiuP54ZtkQOVwd7cHOXyQHMvKXx0AAEgoaTEOqb7jEF7XEMicIPYQEhK7e6xujAAh8u0TD0ELLJXL8XMTtMh_wiyCosM-CfKtw0W6sSRtWGyGdzYllFBLbNttUWgMkHzgW3I_b3J8-Xt5HAN21qeZDn2opk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ZEMwCHhVGNEJ2AXxLCbALQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazingcovidremedy.com
apis.google.com
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
ssl.gstatic.com
www.amazingcovidremedy.com
www.google.com
www.gstatic.com
2001:4860:4802:38::15
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::2013
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200a
005a160edf96860be9b54b2644ce4a1b660c065678bdc13ee677e3ef4bb26d8d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
22e46524aa9cae0bdfcf63eaf00aede75ab6cf7d118de794e78ac5938bcf7583
2db6bc36808d43fa89029c652636e206fa3e889b35ecf71814ab85f8ba944af3
2dd31546357234dd76aaca72751b382a1767279df9dda1dfcc8434a7351875cf
3a3ec8785d722ad551123cfdd74a5130741bfb28f8961ebb0772726973609ca9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4f1762edcbff947b08ae102769dd1a9334ce09a466197a71fddccbbd0d23f4dd
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ec854b7ed9fde4d861f2a90a562815b4fd9b6478e777a4f007aa1f932dc465a
7779684be3d26c22f2470f02c2da8b24368f9941132d6fa7ee667913e6ecc3b6
7b24375f4a3c15934653b6319fd6aaacbe6ad70552565981405e4111c1baee1b
862cfdcc89b96c5e808d99efb57d4960b9f71db0367e2ba663826169f3a27327
87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89d1fc69592b47515f918c7578f120e4668ae73351d3b4fb0b5af37950403f57
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
90e9425af7ab5e9f874344bea247ffa434918e1aac5443edac3a8820c435e4c6
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
9d71d2894f6cea2ac32ecd4f221857b72a826326817d8b9876694e817f48f95f
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
b8b87f0a64d1d9f64654fc0a9eb5380ddee5a3c26be37b7c48300434d1009381
bb40a0de5789dfa39d78fc18f500b732ab0ba79f38ef4c892d8be42699e88350
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c201ecfe94e687f19c3b8d90cc083e8bfbe3aac9d777264678848b59f9b833d6
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cb6159075d6426f19e1b767832b1822bd2b0f1667f2249ff35388a83efdf31b2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1d5e8832b409b3ee2e35a8059444b5dbab8ad53e531232d14eae70155dd15a8
d3179a4b780ba965df305ac6952afd3bfd8cee713507f889898d5f298bd5071c
da7e2cfd9fe22575368dcb9bce9e92a901bd924075c652ebe5cd5bd57e568b66
db8c360abe088d23f4d85ce801e1b15e8673d275b1156d42ce8e426c6b535577
e190d94b4ca3431096aebb0d93937f072064795173bdd9174538dafd651b59ba
e3a01f89102cdeed8b669723430551c27b01e2f428a986c6eeae2ac5883e497a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79155c59f1d1456f9859002f254fcc1aeaecbd4104dfa0c9edb669c7d43419b
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
f10a5e0f4412b6268a07e29e856c430f410ccf012b8e5c7c7c4265794642beb8
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4794933ceab655892ac00210c479d4673821bcdbaba170454464bc0148d4657
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6f686e959463f2cb3971f1c7eb1c5258698d12c8ad791116a35b2893484a9a2
fcadef1fad02038bc090ef0aa20a3020af3cdfb38ec9e0f0553faa970e4313f4