osisko.gestionadc.ca Open in urlscan Pro
3.97.151.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.osisko.gestionadc.ca/b/ap/?sp8gxjipw2u19
Effective URL:
https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed
Submission: On January 13 via manual (January 13th 2022, 11:36:12 am UTC) from PL — Scanned from CA

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 33 HTTP transactions. The main IP is 3.97.151.59, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is osisko.gestionadc.ca.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 1st 2021. Valid for: 3 months.

This is the only time osisko.gestionadc.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	3.97.151.59 3.97.151.59	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400d:c09::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400d:c0b::5e	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:806::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c0a::84	15169 (GOOGLE) (GOOGLE)
33	9

3 3.97.151.59 (Montreal, Canada) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-151-59.ca-central-1.compute.amazonaws.com

www.osisko.gestionadc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
osisko.gestionadc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c09::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c0a::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 136 lh6.googleusercontent.com — Cisco Umbrella Rank: 436 lh4.googleusercontent.com — Cisco Umbrella Rank: 410 lh3.googleusercontent.com — Cisco Umbrella Rank: 68	3 MB
8	google.com docs.google.com — Cisco Umbrella Rank: 128 play.google.com — Cisco Umbrella Rank: 32	483 KB
7	gstatic.com ssl.gstatic.com fonts.gstatic.com	57 KB
3	gestionadc.ca 2 redirects www.osisko.gestionadc.ca osisko.gestionadc.ca	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
0	Failed function sub() { [native code] }. Failed
33	6

	Domain	Requested by
7	lh4.googleusercontent.com	docs.google.com
6	docs.google.com	osisko.gestionadc.ca docs.google.com
4	lh6.googleusercontent.com	docs.google.com
4	ssl.gstatic.com	docs.google.com
3	lh5.googleusercontent.com	docs.google.com
3	fonts.gstatic.com	docs.google.com
2	play.google.com	docs.google.com
2	www.osisko.gestionadc.ca	2 redirects
1	lh3.googleusercontent.com	docs.google.com
1	fonts.googleapis.com	docs.google.com
1	osisko.gestionadc.ca
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	docs.google.com
33	12

This site contains no links.

Subject Issuer	Validity	Valid
osisko.gestionadc.ca cPanel, Inc. Certification Authority	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed
Frame ID: 9417505E4A9F00A80D7973CEE70E321B
Requests: 1 HTTP requests in this frame

Frame: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000
Frame ID: 2F9AE14F4BCF9B25DC6675BC98D62294
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.osisko.gestionadc.ca/b/ap/?sp8gxjipw2u19 HTTP 302
https://www.osisko.gestionadc.ca/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed HTTP 301
https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed Page URL

Page Statistics

33
Requests

97 %
HTTPS

88 %
IPv6

6
Domains

12
Subdomains

9
IPs

2
Countries

3203 kB
Transfer

4636 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.osisko.gestionadc.ca/b/ap/?sp8gxjipw2u19 HTTP 302
https://www.osisko.gestionadc.ca/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed HTTP 301
https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
osisko.gestionadc.ca/tv/
Redirect Chain

https://www.osisko.gestionadc.ca/b/ap/?sp8gxjipw2u19
https://www.osisko.gestionadc.ca/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed
https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed

387 B
629 B

84ms
11ms

Document
text/html

3.97.151.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.97.151.59 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-151-59.ca-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 4a30c32f44649acf613c366cc280ac33fa795c47584a12186761b402f129ba9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Date: Thu, 13 Jan 2022 11:36:06 GMT
Server: Apache
Last-Modified: Wed, 29 Dec 2021 19:26:26 GMT
Accept-Ranges: bytes
Content-Length: 387
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Thu, 13 Jan 2022 11:36:06 GMT
Server: Apache
Location: https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 embed Show response
docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/ Frame 2F9A 739 KB
136 KB 261ms
202ms Document
text/html 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000

Requested by

Host: osisko.gestionadc.ca
URL: https://osisko.gestionadc.ca/tv/?z=vrfijxsqbuzgdjoxvhudpgtxyigofrgdfsnnvpeyed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bc046eb40372625a775381e01b20594ab1190184883241ac74f0f01d065f8099

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-CaB9+F1GVNpqwcV/sS95IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://osisko.gestionadc.ca/

Response headers

content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 Jan 2022 11:36:06 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
content-security-policy: base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-CaB9+F1GVNpqwcV/sS95IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 2F9A 0
0

GET
H2 200 740711855-viewer_css_ltr.css
docs.google.com/static/presentation/client/css/ Frame 2F9A 280 KB
43 KB 22ms
21ms Stylesheet
text/css 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/css/740711855-viewer_css_ltr.css

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b3589aaa573d780e1acb4a6c79a8621e8791c8572880b7be123e793f771a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 13:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43389
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 22:03:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Wed, 11 Jan 2023 13:51:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2F9A 2 KB
1 KB 99ms
35ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 10:45:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 13 Jan 2022 11:36:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Jan 2022 11:36:06 GMT

GET
H2 200 2869081177-viewer_core__en_ca.js Show response
docs.google.com/static/presentation/client/js/ Frame 2F9A 839 KB
284 KB 30ms
30ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/js/2869081177-viewer_core__en_ca.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89bfb7f2c01f9e400a4d8f1fcf46ee5ebc8493dd1bc68f110d89031f9adf8adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290433
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 23:16:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Thu, 12 Jan 2023 15:24:17 GMT

POST
H2 200 log Show response
play.google.com/ Frame 2F9A 131 B
519 B 118ms
60ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2869081177-viewer_core__en_ca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

POST
H3 204 naLogImpressions Show response
docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/ Frame 2F9A 0
13 B 109ms
109ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/naLogImpressions?id=e%2F2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ&includes_info_params=1

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2869081177-viewer_core__en_ca.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-HgE9R+/DR3zOlFOsfiAvLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 11:36:06 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-HgE9R+/DR3zOlFOsfiAvLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: GSE
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 punchviewer_material_sprite9_grey_medium.svg
ssl.gstatic.com/docs/presentations/images/ Frame 2F9A 6 KB
2 KB 113ms
33ms Image
image/svg+xml 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite9_grey_medium.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/740711855-viewer_css_ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca319b01c598ec1af07646688e2c73c3ad79ceeab381348fc147d4c1b323e57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1794
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Wed, 11 Jan 2023 02:55:30 GMT

GET
H2 200 punchviewer_material_sprite9_grey_dark.svg
ssl.gstatic.com/docs/presentations/images/ Frame 2F9A 6 KB
2 KB 113ms
34ms Image
image/svg+xml 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite9_grey_dark.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/740711855-viewer_css_ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187311a4e835d0170f21b34003da19e798268082d9cebc7a023db3e5b0a387e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 21:14:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1803
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 17:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 10 Jan 2023 21:14:33 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 2F9A 21 KB
22 KB 109ms
36ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:08:37 GMT
x-content-type-options: nosniff
age: 206849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 02:08:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F9A 15 KB
15 KB 138ms
65ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 08:20:00 GMT
x-content-type-options: nosniff
age: 184566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 08:20:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F9A 15 KB
15 KB 112ms
75ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 02:43:17 GMT
x-content-type-options: nosniff
age: 204769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 02:43:17 GMT

GET
H2 200 4_xAo4fTzGdf1PdwYYRtWQoC3pCfdnFs_zvaY9gS3N5ICYT_-SoFvCs5glLhLeMpeNpm6raF30qhEaTKYW_H7gOWclryk4v5np3Ult9zw4ZsgwCScqDYUyBGuQqnugvsTxvR
lh5.googleusercontent.com/ Frame 2F9A 706 KB
707 KB 169ms
107ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/4_xAo4fTzGdf1PdwYYRtWQoC3pCfdnFs_zvaY9gS3N5ICYT_-SoFvCs5glLhLeMpeNpm6raF30qhEaTKYW_H7gOWclryk4v5np3Ult9zw4ZsgwCScqDYUyBGuQqnugvsTxvR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa4d0fc1c1f5cccdac4f2df64fe83de9fababc8eeb7b12095c72b7150eccf889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_250924387-min_edited.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722962
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 aqevkZT5a6VJoLEvbsBeXLK_4p2l0b4gVQdXzQnAmGjZCcLO07QpYedl4_BGogXelelqW0e3UkWrvDpD-bXMllefilm4316viwoHaVOdYapcqzrOKqW1b3Y989TFSDVTSOjB
lh6.googleusercontent.com/ Frame 2F9A 385 KB
386 KB 167ms
94ms Image
image/png 2607:f8b0:400d:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/aqevkZT5a6VJoLEvbsBeXLK_4p2l0b4gVQdXzQnAmGjZCcLO07QpYedl4_BGogXelelqW0e3UkWrvDpD-bXMllefilm4316viwoHaVOdYapcqzrOKqW1b3Y989TFSDVTSOjB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0a::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f4854518531dc804b4be467b80e95b04600cc8cd12a3a5f841c7b33d1b9e129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="shutterstock_374610949_edited_6-min.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394173
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 RQQBBYAdRcH6lIhCt33UXKgXlBAkA0N1KjwhETYlA7ZjTB6pPC4tB0xwnkdp1WdmVN6ZcXcqIiT5FLiFTXsCx5VvcO-cBZAaPoEiYYw5qh5i_ftu5_Ud0ymBlidJ02YRX5_i
lh4.googleusercontent.com/ Frame 2F9A 218 KB
219 KB 247ms
186ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/RQQBBYAdRcH6lIhCt33UXKgXlBAkA0N1KjwhETYlA7ZjTB6pPC4tB0xwnkdp1WdmVN6ZcXcqIiT5FLiFTXsCx5VvcO-cBZAaPoEiYYw5qh5i_ftu5_Ud0ymBlidJ02YRX5_i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a267b3265645a327b6976eb7cedc5c941fb45dd5e1e6da1308b58ce72795bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="le_gumineuse, coeur de palmier et crevette7.jpg";filename*=UTF-8''le%CC%81gumineuse%2C%20coeur%20de%20palmier%20et%20crevette7.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 223473
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jan 2022 14:55:21 GMT

GET
H2 200 xHk8u2i8ZwQdu0H4FSeFsag7MlLw93KaOJc90HIX82OCxFmJ32RNCrxoQZPP64d4z_lKhpUtsebTT9E2FJfF_9Azi55kAUjvnCioYfvFMktB8DHkZBIzue2mabuAj2--AE34
lh3.googleusercontent.com/ Frame 2F9A 12 KB
13 KB 176ms
105ms Image
image/png 2607:f8b0:400d:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xHk8u2i8ZwQdu0H4FSeFsag7MlLw93KaOJc90HIX82OCxFmJ32RNCrxoQZPP64d4z_lKhpUtsebTT9E2FJfF_9Azi55kAUjvnCioYfvFMktB8DHkZBIzue2mabuAj2--AE34

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0a::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d6078daaf8771c7a741bc122a6f0e5d09a314f9ab5fac4db5d253c53d73c7f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12780
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 JqbXK90braKMDxtPRkV82DZS0yjLLXGrCEGXlFUgkiD_QM0rvZ_qJnDS1yEiHmGNKNZo3be4KIl0oyeO_amfifL0cNf4vjwLMiXGpNPMfr8Rz2tmkfkSG7sctnnk-801FRcA
lh4.googleusercontent.com/ Frame 2F9A 12 KB
13 KB 196ms
135ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/JqbXK90braKMDxtPRkV82DZS0yjLLXGrCEGXlFUgkiD_QM0rvZ_qJnDS1yEiHmGNKNZo3be4KIl0oyeO_amfifL0cNf4vjwLMiXGpNPMfr8Rz2tmkfkSG7sctnnk-801FRcA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d6078daaf8771c7a741bc122a6f0e5d09a314f9ab5fac4db5d253c53d73c7f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="qr-osisko.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12780
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jan 2022 14:55:21 GMT

GET
H2 200 xr5uycq7ZJ1UNu4q2n9oS8b0GXj6dYVDlUu6jDRYW2O2jCpKgQOqPLLja2-FyE0-CkuAfwI05EITxndUs23xUlKvapvP9Z_ZKsObpiWLS8CjvM5L_5ASomtzVtY35utw5o_r
lh4.googleusercontent.com/ Frame 2F9A 166 KB
166 KB 201ms
140ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/xr5uycq7ZJ1UNu4q2n9oS8b0GXj6dYVDlUu6jDRYW2O2jCpKgQOqPLLja2-FyE0-CkuAfwI05EITxndUs23xUlKvapvP9Z_ZKsObpiWLS8CjvM5L_5ASomtzVtY35utw5o_r

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7bedae5834f71056c779625e639845e57c6ee453e80033982347e3e5da68f967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="kisspng-chef-cooking-clip-art-chef-5aba2326735d18.3423722715221481344725.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169879
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jan 2022 14:55:21 GMT

GET
H2 200 Cp8NjC594O251YOkcbcJePEnjVFuNIeGeQTOvU23T82MQV3md3x6OU0GrVZqDYM77Rupy1FT7wnRYtIaRwVNWbP-mXdBEsGfIak6YsETS3Vv44dLYn4Z0jQ1koXiEJK05wmP
lh4.googleusercontent.com/ Frame 2F9A 4 KB
4 KB 180ms
120ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/Cp8NjC594O251YOkcbcJePEnjVFuNIeGeQTOvU23T82MQV3md3x6OU0GrVZqDYM77Rupy1FT7wnRYtIaRwVNWbP-mXdBEsGfIak6YsETS3Vv44dLYn4Z0jQ1koXiEJK05wmP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9aaa699f8fcc7be7bebfd561e1fea194af999a30557ab53e20cc2983abba18b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="frame(2).png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4149
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 HpiptbWL3HMujF91bc6FbeEp8kAiPU9t6UrcWocmGHiIqepCdbhXJYsUS4-AgbJBmFWECBxGloZti-RPIuCNs2mzP2q6Ad0g1_flDWDT94AeP5lBHSZS3IUOqpSlgSOveP7M
lh4.googleusercontent.com/ Frame 2F9A 39 KB
39 KB 238ms
178ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/HpiptbWL3HMujF91bc6FbeEp8kAiPU9t6UrcWocmGHiIqepCdbhXJYsUS4-AgbJBmFWECBxGloZti-RPIuCNs2mzP2q6Ad0g1_flDWDT94AeP5lBHSZS3IUOqpSlgSOveP7M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

55ce34791937e3a55cfeaa47e0b43fe50c49754ad69ac7133848b0078b7c457d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="ADC_Logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40102
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jan 2022 14:55:21 GMT

GET
H2 200 Kkq6YdrAysZT3ENu1388LsBg__xlVKuRxpLohZHT9NOg8IrJc-u9u9C6j5JTFkh3w3JSdCsWCotyg2v23OiWs5dic7oF3uWz9gvroR3j967cHRH1soY1B6rY3Lu4LAydPCKG
lh4.googleusercontent.com/ Frame 2F9A 27 KB
27 KB 160ms
100ms Image
image/png 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/Kkq6YdrAysZT3ENu1388LsBg__xlVKuRxpLohZHT9NOg8IrJc-u9u9C6j5JTFkh3w3JSdCsWCotyg2v23OiWs5dic7oF3uWz9gvroR3j967cHRH1soY1B6rY3Lu4LAydPCKG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a08676be01e4948bd1cb5d730efd19824ef17749bb8258ab5dcb5f129b20b770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="chart.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27585
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 Jan 2022 14:55:21 GMT

GET
H2 200 Heqs3Auq-lD6yW0S51nppnkoUo114r9daoyK-NfsKaeYwk0FEFK_TCHECRRsASqHX8I_ERI7Ody5F0r_CLz3PL2sTDphtyzJrTfZ6G2RPhjUCa6IVvsQgEA9nEG-ut07SVaf
lh6.googleusercontent.com/ Frame 2F9A 45 KB
45 KB 210ms
139ms Image
image/jpeg 2607:f8b0:400d:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/Heqs3Auq-lD6yW0S51nppnkoUo114r9daoyK-NfsKaeYwk0FEFK_TCHECRRsASqHX8I_ERI7Ody5F0r_CLz3PL2sTDphtyzJrTfZ6G2RPhjUCa6IVvsQgEA9nEG-ut07SVaf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0a::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0551d4549a2fe47c7edf11351c4b6611562834979fa43b3af87096c467757bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="i37395-les-pates.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45670
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 nT4vPFq-5eEF9-n-OHg4ZyvXTnjR2_465Axdqs8aTbBh7QNsCHf6nsE47XFEouJPJloVu5ppS9Srkz8Pi8tlsDiiDKx2LS91jJcS8QbNeHoGicAijmCouezQoAOug7pMmhsBHg
lh4.googleusercontent.com/ Frame 2F9A 294 KB
295 KB 120ms
119ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/nT4vPFq-5eEF9-n-OHg4ZyvXTnjR2_465Axdqs8aTbBh7QNsCHf6nsE47XFEouJPJloVu5ppS9Srkz8Pi8tlsDiiDKx2LS91jJcS8QbNeHoGicAijmCouezQoAOug7pMmhsBHg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd53128542948e90bfad2faea5695ca73b86a27f229a3b2cf3f56757586d1ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="catalogue k-studio-2050.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301301
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 TpfZQvzZIsHvjG1NvD040964deJVeZ9D_zhLHwS1T2Zeq8kGFBmgpAc5GLSfif4TQTsFsxG-S01d0IVR1WQ1HIKJWrs1NNYisQ6ym99k-2EcqVTWMZ1gESNRqG0RTeU2Hqu5
lh6.googleusercontent.com/ Frame 2F9A 385 KB
385 KB 152ms
151ms Image
image/png 2607:f8b0:400d:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/TpfZQvzZIsHvjG1NvD040964deJVeZ9D_zhLHwS1T2Zeq8kGFBmgpAc5GLSfif4TQTsFsxG-S01d0IVR1WQ1HIKJWrs1NNYisQ6ym99k-2EcqVTWMZ1gESNRqG0RTeU2Hqu5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0a::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f4854518531dc804b4be467b80e95b04600cc8cd12a3a5f841c7b33d1b9e129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394173
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 Y7b8FlrNKkx5Y_YoMsiyxxvcs1-iBKEJgeYM800feGfeUCzrIIOCjnvLCXtDng2vRFOxT5YqLf0_BiNc40Yd5WRD6vugdUsXEausFb1lT8UAOdveW5greVfxowDqDeEF0ILH
lh6.googleusercontent.com/ Frame 2F9A 77 KB
77 KB 184ms
183ms Image
image/jpeg 2607:f8b0:400d:c0a::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/Y7b8FlrNKkx5Y_YoMsiyxxvcs1-iBKEJgeYM800feGfeUCzrIIOCjnvLCXtDng2vRFOxT5YqLf0_BiNc40Yd5WRD6vugdUsXEausFb1lT8UAOdveW5greVfxowDqDeEF0ILH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0a::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49c05c9acbba969aa036f7312ee012651a31fdd1cc677e0b2db8805b78e2016c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78839
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 OCY3ERDajYiNdsOZIxrTTDyh-envI-Kx191cczZuAoR-zOI_JWTpImrWzzdybjM5bgM2vHIHv-BGPhFFTjvk5uEvLhYWwIJh5GwF8IVhjZme8VIlhW8qE7BzEa4Ziz7J31hXnQ
lh5.googleusercontent.com/ Frame 2F9A 136 KB
136 KB 123ms
122ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/OCY3ERDajYiNdsOZIxrTTDyh-envI-Kx191cczZuAoR-zOI_JWTpImrWzzdybjM5bgM2vHIHv-BGPhFFTjvk5uEvLhYWwIJh5GwF8IVhjZme8VIlhW8qE7BzEa4Ziz7J31hXnQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e09b6b50e88ceab9389dfdf9c7fa416cf628fe49dda7e5df07779e6a5f6d3fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="journe_e marketing-1945 copie.jpg";filename*=UTF-8''journe%CC%81e%20marketing-1945%20copie.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138975
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:06 GMT

GET
H2 200 U7xTaZ3XIXJHvai9-GUOTnnh6IBZd8wL41DOKGMCCy0ISxazr5isIu6f3MDOu4LA0OX6Z54CPM3I-a5gyW7baUo0Ybsnn6mB6IJ8VyJUp0Jw4wbVBhe38FL91OMOd2L2DvzduA
lh5.googleusercontent.com/ Frame 2F9A 151 KB
151 KB 141ms
140ms Image
image/jpeg 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/U7xTaZ3XIXJHvai9-GUOTnnh6IBZd8wL41DOKGMCCy0ISxazr5isIu6f3MDOu4LA0OX6Z54CPM3I-a5gyW7baUo0Ybsnn6mB6IJ8VyJUp0Jw4wbVBhe38FL91OMOd2L2DvzduA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b56f5f5581a4e97d3579641e3954e7850c67dc142b4f6dc883a68f58cacbba4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="R76b3fcc65269ec8b4ad76480608c8f3e.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154723
x-xss-protection: 0
expires: Fri, 14 Jan 2022 11:36:07 GMT

GET
H2 200 netcheck.gif
ssl.gstatic.com/docs/common/ Frame 2F9A 43 B
207 B 34ms
32ms Image
image/gif 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/netcheck.gif?zx=bbzy66ol61e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 11:36:06 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1754484138-viewer_help__en_ca.js Show response
docs.google.com/static/presentation/client/js/ Frame 2F9A 53 KB
19 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/js/1754484138-viewer_help__en_ca.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2869081177-viewer_core__en_ca.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2b7e2543a9c666b29599a6c8e52f08c54bbb3a349dbea3645be8eaba8e188c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000&slide=id.g13c7f5c3f0_0_1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19630
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 23:16:28 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Thu, 12 Jan 2023 15:24:17 GMT

GET
DATA 200
OK truncated
/ Frame 2F9A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1648dfe836a14eda0efeaa0e18e2a885667f05b922ef446a476865eca556867c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 search-white.png
ssl.gstatic.com/ui/v1/button/ Frame 2F9A 275 B
300 B 64ms
31ms Image
image/png 2607:f8b0:400d:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/ui/v1/button/search-white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 22:50:11 GMT
x-content-type-options: nosniff
age: 218756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gstatic-ui-assets
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"gstatic-ui-assets","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gstatic-ui-assets"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="gstatic-ui-assets"
expires: Tue, 10 Jan 2023 22:50:11 GMT

POST
H3 200 log Show response
play.google.com/ Frame 2F9A 131 B
152 B 116ms
85ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2869081177-viewer_core__en_ca.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 13 Jan 2022 11:36:09 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

POST
H3 204 naLogImpressions Show response
docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/ Frame 2F9A 0
13 B 76ms
71ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2869081177-viewer_core__en_ca.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-uhRAO8KzURmrWeLzM8GD7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000&slide=id.g13c7f5c3f0_0_1
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 11:36:09 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-uhRAO8KzURmrWeLzM8GD7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: GSE
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ	1970-01-20 00:07:57	Name: S Value: apps-presentations=YUwDP5Ra42jQMVyAp0o72IckW-e3RuEEA9bPLQbyxeE
.docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ	1970-01-20 00:07:57	Name: COMPASS Value: apps-presentations=ClAACWuJVxJfrxfpfjq1ihJE_hcrwDZip9BlE6uZ74IuP-uvYA3rtTfQZJXhCy2qPj49cnVn-hOTvC8WSjbrjYXhMLBiIF0EUMH0dZNDG4x4UhC2uYCPBhpSAAlriVeJWgZPP3_rUXQNDa8gn5W0NnOtbeMz1EOEWlccXZ7nDhWgdnQMSyULqws0Y_RIHmLYPE-biAlTlQB_ib-kP5eYEpuqJdULU9vndTJUsw==
.google.com/	1970-01-20 04:31:24	Name: NID Value: 511=Z7T1ML4DTJuQAncd4FdNea5DbqkixxthSLE7NWI-l4_S-ZoIUe8Y33jJPcFlY-iGbIqawih-vFP_wZ34PwIFOfZKBAgz76_qxvdkofImSSMakIk9mXK72NiX8FLKSlSpJ11c4u3QrBrBZ5tNgHTR_9NWRWygnEzd2YpGP3AZ6tY

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://docs.google.com/presentation/d/e/2PACX-1vQxpizk2mVxK5QYQqs0_iEsLxuP9Pq-my9nFLBtN2iaIr3M-6DYvFVQ5V7V6HxFJobRHEF40ZrwQ6MQ/embed?start=true&loop=true&delayms=10000 Message: The key "target-densitydpi" is not supported.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

docs.google.com
fonts.googleapis.com
fonts.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
osisko.gestionadc.ca
play.google.com
ssl.gstatic.com
www.osisko.gestionadc.ca
ghbmnnjooekpmoecnnnilnnbdlolhkhi
2607:f8b0:4006:806::2001
2607:f8b0:4006:807::200e
2607:f8b0:4006:80e::200a
2607:f8b0:4006:81f::200e
2607:f8b0:400d:c09::5e
2607:f8b0:400d:c0a::84
2607:f8b0:400d:c0b::5e
3.97.151.59
0551d4549a2fe47c7edf11351c4b6611562834979fa43b3af87096c467757bd6
0a267b3265645a327b6976eb7cedc5c941fb45dd5e1e6da1308b58ce72795bdf
1648dfe836a14eda0efeaa0e18e2a885667f05b922ef446a476865eca556867c
187311a4e835d0170f21b34003da19e798268082d9cebc7a023db3e5b0a387e0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
49c05c9acbba969aa036f7312ee012651a31fdd1cc677e0b2db8805b78e2016c
4a30c32f44649acf613c366cc280ac33fa795c47584a12186761b402f129ba9e
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
55ce34791937e3a55cfeaa47e0b43fe50c49754ad69ac7133848b0078b7c457d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c2b7e2543a9c666b29599a6c8e52f08c54bbb3a349dbea3645be8eaba8e188c
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7bedae5834f71056c779625e639845e57c6ee453e80033982347e3e5da68f967
7f4854518531dc804b4be467b80e95b04600cc8cd12a3a5f841c7b33d1b9e129
89bfb7f2c01f9e400a4d8f1fcf46ee5ebc8493dd1bc68f110d89031f9adf8adb
9aaa699f8fcc7be7bebfd561e1fea194af999a30557ab53e20cc2983abba18b0
a08676be01e4948bd1cb5d730efd19824ef17749bb8258ab5dcb5f129b20b770
b56f5f5581a4e97d3579641e3954e7850c67dc142b4f6dc883a68f58cacbba4d
bc046eb40372625a775381e01b20594ab1190184883241ac74f0f01d065f8099
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c2b3589aaa573d780e1acb4a6c79a8621e8791c8572880b7be123e793f771a21
c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241
ca319b01c598ec1af07646688e2c73c3ad79ceeab381348fc147d4c1b323e57f
cd53128542948e90bfad2faea5695ca73b86a27f229a3b2cf3f56757586d1ace
d6078daaf8771c7a741bc122a6f0e5d09a314f9ab5fac4db5d253c53d73c7f3c
e09b6b50e88ceab9389dfdf9c7fa416cf628fe49dda7e5df07779e6a5f6d3fab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa4d0fc1c1f5cccdac4f2df64fe83de9fababc8eeb7b12095c72b7150eccf889

osisko.gestionadc.ca Open in urlscan Pro 3.97.151.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

33 Requests

97 %HTTPS

88 %IPv6

6 Domains

12 Subdomains

9 IPs

2 Countries

3203 kBTransfer

4636 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

osisko.gestionadc.ca Open in urlscan Pro
3.97.151.59 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

88 %
IPv6

6
Domains

12
Subdomains

9
IPs

2
Countries

3203 kB
Transfer

4636 kB
Size

3
Cookies

33 HTTP transactions
1 data transactions