docs.google.com Open in urlscan Pro
2a00:1450:4001:817::200e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apply.fdmt.hk/
Effective URL:
https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform
Submission Tags: @phishunt_io
Submission: On August 25 via api (August 25th 2020, 5:38:48 am UTC) from ES

Summary HTTP 21 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2a00:1450:4001:817::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is docs.google.com.
TLS certificate: Issued by GTS CA 1O1 on August 11th 2020. Valid for: 3 months.

This is the only time docs.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.201.172.138 35.201.172.138	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
4 4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
21	8

1 35.201.172.138 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 138.172.201.35.bc.googleusercontent.com

apply.fdmt.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	339 KB
8	youtube.com 4 redirects youtube.com www.youtube.com	566 B
3	googleapis.com fonts.googleapis.com	2 KB
3	google.com 1 redirects docs.google.com	47 KB
1	googleusercontent.com lh3.googleusercontent.com	227 KB
1	fdmt.hk apply.fdmt.hk	453 B
21	6

	Domain	Requested by
5	www.gstatic.com	docs.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.youtube.com	docs.google.com
4	youtube.com	4 redirects
3	fonts.googleapis.com	docs.google.com
3	docs.google.com	1 redirects www.gstatic.com
1	ssl.gstatic.com	www.gstatic.com
1	lh3.googleusercontent.com	docs.google.com
1	apply.fdmt.hk
21	9

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
fdmt.hk Let's Encrypt Authority X3	`2020-08-23` - `2020-11-21`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform
Frame ID: AD42527E4BBB73AF84C688321503D82D
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CqCas_gXwmQ?rel=0
Frame ID: A3C74E5700192919432C1E835099AACC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_uiwdVP6eH4?rel=0
Frame ID: 5D9188D07C7936FA3687E7F71E13E23B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FG-9cNTgQSw?rel=0
Frame ID: 41CFF3F0880260FFFF20049DC567BDAD
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jsfNZQWhqc0?rel=0
Frame ID: FA2F9ECFEC63A5D5FD37C8A665DAD718
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://apply.fdmt.hk/ Page URL
https://docs.google.com/a/fdmt.hk/forms/d/1_SPfMr9KHs1ABtbYHOerDbBoL7Bf3DSX0eOBsccn8Pw/viewform HTTP 301
https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew... Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

21
Requests

100 %
HTTPS

89 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

615 kB
Transfer

1824 kB
Size

5
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/url?q=https://www.researchgate.net/publication/305760951_Entrepreneurship_in_Education&sa=D&ust=1598337512356000&usg=AFQjCNEU8K4jpC3tm3Jly2oSiMmUyU-VVw
Title: https://www.researchgate.net/publication/305760951_Entrepreneurship_in_Education

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https://www.youtube.com/watch?v%3DZjtEYiQMoDs&sa=D&ust=1598337512356000&usg=AFQjCNFYcSaJsK8koRSxM8wIz9OZ3sqGog
Title: https://www.youtube.com/watch?v=ZjtEYiQMoDs

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https://en.wikipedia.org/wiki/Robotic_process_automation&sa=D&ust=1598337512356000&usg=AFQjCNHmym-k32jBl9hUozDuxeQ8iHIm7g
Title: https://en.wikipedia.org/wiki/Robotic_process_automation

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https://www.youtube.com/watch?v%3DjsfNZQWhqc0%26list%3DPLBPS7KjN_Zk-87izukLwAV4GCyIibzNpz%26index%3D3&sa=D&ust=1598337512356000&usg=AFQjCNHy2lhtth7uMDvFqbunJg2ESVZvyQ
Title: https://www.youtube.com/watch?v=jsfNZQWhqc0&list=PLBPS7KjN_Zk-87izukLwAV4GCyIibzNpz&index=3

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=http://www.fdmt.hk&sa=D&ust=1598337512356000&usg=AFQjCNHZvlJORH00rZZEZ-yFELyneGJ-Hg
Title: www.fdmt.hk

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https://www.youtube.com/user/FDMTvideo&sa=D&ust=1598337512356000&usg=AFQjCNELlITMZ37HFnQVlJi9paPRj5r6PQ
Title: https://www.youtube.com/user/FDMTvideo

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=http://www.fdmt.hk/legal&sa=D&ust=1598337512377000&usg=AFQjCNHOfZMWUAe4rqSUb4kQqX5Glq4NXw
Title: http://www.fdmt.hk/legal

Search URL Search Domain Scan URL

URL: https://www.google.com/forms/about/?utm_source=product&utm_medium=forms_logo&utm_campaign=forms
Title: Formulare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apply.fdmt.hk/ Page URL
https://docs.google.com/a/fdmt.hk/forms/d/1_SPfMr9KHs1ABtbYHOerDbBoL7Bf3DSX0eOBsccn8Pw/viewform HTTP 301
https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://youtube.com/embed/CqCas_gXwmQ?rel=0 HTTP 301
https://www.youtube.com/embed/CqCas_gXwmQ?rel=0

Request Chain 6

https://youtube.com/embed/_uiwdVP6eH4?rel=0 HTTP 301
https://www.youtube.com/embed/_uiwdVP6eH4?rel=0

Request Chain 7

https://youtube.com/embed/FG-9cNTgQSw?rel=0 HTTP 301
https://www.youtube.com/embed/FG-9cNTgQSw?rel=0

Request Chain 8

https://youtube.com/embed/jsfNZQWhqc0?rel=0 HTTP 301
https://www.youtube.com/embed/jsfNZQWhqc0?rel=0

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
apply.fdmt.hk/ 251 B
453 B 1102ms
274ms Document
text/html 35.201.172.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.fdmt.hk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.172.138 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 138.172.201.35.bc.googleusercontent.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 925da4fa9900e2d2633d02c8d070b3d58e0d402235cd002395c1751bcb03f191

Request headers

Host: apply.fdmt.hk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 25 Aug 2020 05:38:31 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 201
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/2+Q/46

200

Primary Request viewform Show response
docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/
Redirect Chain

https://docs.google.com/a/fdmt.hk/forms/d/1_SPfMr9KHs1ABtbYHOerDbBoL7Bf3DSX0eOBsccn8Pw/viewform
https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

312 KB
46 KB

318ms
304ms

Document
text/html

2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c989649dfa143f87eb4c0cfa0361740237fa017b703380a791d6810470c8cc0a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-nD3FUZKd97oU+keUlVYJwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: docs.google.com
:scheme: https
:path: /a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://apply.fdmt.hk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=cy1_1l9x05xPuKXDoLGelKk0NQlOmmSAiPAn2u594p6NPLZay7fcqSLMBVigyJePLaCLtwDuY6DJMtrQikpBbsCQFiu_wzsXbK0pZsgFBtUdQ355sj5ghFskecRAY0PEdG0BFMqnMdFF77O50Wxteap4pccXcY58ZjMifXAZirc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://apply.fdmt.hk/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 25 Aug 2020 05:38:32 GMT
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-nD3FUZKd97oU+keUlVYJwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: S=spreadsheet_forms=46Hb-U6xc_vpSgcJV088nnEEyBfaMJMak3rCroVUxAg; Domain=.docs.google.com; Expires=Tue, 25-Aug-2020 06:38:32 GMT; Path=/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 301
content-type: text/html; charset=UTF-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 25 Aug 2020 05:38:32 GMT
location: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-dcCFVAPyV4gGdVC5mozZQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 246
server: GSE
set-cookie: NID=204=cy1_1l9x05xPuKXDoLGelKk0NQlOmmSAiPAn2u594p6NPLZay7fcqSLMBVigyJePLaCLtwDuY6DJMtrQikpBbsCQFiu_wzsXbK0pZsgFBtUdQ355sj5ghFskecRAY0PEdG0BFMqnMdFF77O50Wxteap4pccXcY58ZjMifXAZirc; expires=Wed, 24-Feb-2021 05:38:31 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none S=spreadsheet_forms=46Hb-U6xc_vpSgcJV088nnEEyBfaMJMak3rCroVUxAg; Domain=.docs.google.com; Expires=Tue, 25-Aug-2020 06:38:32 GMT; Path=/a/fdmt.hk/forms/d/1_SPfMr9KHs1ABtbYHOerDbBoL7Bf3DSX0eOBsccn8Pw; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 icon
fonts.googleapis.com/ 621 B
490 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

917b98e0fd8220ce6ad76a9a36706c71d2af24ad91dacf91746bcc5ed58ee896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Aug 2020 05:38:32 GMT
server: ESF
date: Tue, 25 Aug 2020 05:38:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Aug 2020 05:38:32 GMT

GET
H2 200 rs=AMjVe6jZMX9gzdMA8PhmuGwt8BXhfHrbPA
www.gstatic.com/_/freebird/_/ss/k=freebird.v.-kcdfxlk5uirw.L.W.O/d=1/ct=zgms/ 409 KB
50 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-kcdfxlk5uirw.L.W.O/d=1/ct=zgms/rs=AMjVe6jZMX9gzdMA8PhmuGwt8BXhfHrbPA

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ee3d22c5ff47e9840ce68ff2b3090f6821714faea4ae04d8bdbb6fb85069e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 20 Aug 2020 23:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Aug 2020 20:48:49 GMT
server: sffe
age: 369047
vary: Accept-Encoding, Origin
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50786
x-xss-protection: 0
expires: Fri, 20 Aug 2021 23:07:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1477bdbbaed2a20db034528184c6734b71d746bab41306905d91fa62fb42f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Aug 2020 04:42:56 GMT
server: ESF
date: Tue, 25 Aug 2020 05:38:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Aug 2020 05:38:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
559 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

131379f6f002000933c5f239ba59976e6ae601163a50616b64eddd2466262470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Aug 2020 04:34:59 GMT
server: ESF
date: Tue, 25 Aug 2020 05:38:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Aug 2020 05:38:32 GMT

GET
H2

200

CqCas_gXwmQ
www.youtube.com/embed/ Frame A3C7
Redirect Chain

https://youtube.com/embed/CqCas_gXwmQ?rel=0
https://www.youtube.com/embed/CqCas_gXwmQ?rel=0

0
0

76ms
75ms

Document
text/html

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/CqCas_gXwmQ?rel=0

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/CqCas_gXwmQ?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://docs.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.google.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 11069
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
date: Tue, 25 Aug 2020 05:38:32 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=nI-3hzxXmT8; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=nI-3hzxXmT8; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None YSC=LF9Rv48xEf4; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 25-Aug-2020 06:08:32 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 301
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
location: https://www.youtube.com/embed/CqCas_gXwmQ?rel=0
date: Tue, 25 Aug 2020 05:38:32 GMT
content-type: text/html
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

_uiwdVP6eH4
www.youtube.com/embed/ Frame 5D91
Redirect Chain

https://youtube.com/embed/_uiwdVP6eH4?rel=0
https://www.youtube.com/embed/_uiwdVP6eH4?rel=0

0
0

75ms
74ms

Document
text/html

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_uiwdVP6eH4?rel=0

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/_uiwdVP6eH4?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://docs.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.google.com/

Response headers

status: 200
content-length: 11070
strict-transport-security: max-age=31536000
cache-control: no-cache
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
date: Tue, 25 Aug 2020 05:38:32 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=ZYqpR7AGYwM; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=ZYqpR7AGYwM; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None YSC=oM2yrqWAnqE; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 25-Aug-2020 06:08:32 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 301
location: https://www.youtube.com/embed/_uiwdVP6eH4?rel=0
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Aug 2020 05:38:32 GMT
content-type: text/html
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

FG-9cNTgQSw
www.youtube.com/embed/ Frame 41CF
Redirect Chain

https://youtube.com/embed/FG-9cNTgQSw?rel=0
https://www.youtube.com/embed/FG-9cNTgQSw?rel=0

0
0

65ms
65ms

Document
text/html

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/FG-9cNTgQSw?rel=0

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/FG-9cNTgQSw?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://docs.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.google.com/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
content-encoding: br
content-length: 11054
x-content-type-options: nosniff
date: Tue, 25 Aug 2020 05:38:32 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=RYqnUOe8Lnk; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None YSC=Yv9ZYIxdiPk; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=RYqnUOe8Lnk; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 25-Aug-2020 06:08:32 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 301
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
location: https://www.youtube.com/embed/FG-9cNTgQSw?rel=0
date: Tue, 25 Aug 2020 05:38:32 GMT
content-type: text/html
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

jsfNZQWhqc0
www.youtube.com/embed/ Frame FA2F
Redirect Chain

https://youtube.com/embed/jsfNZQWhqc0?rel=0
https://www.youtube.com/embed/jsfNZQWhqc0?rel=0

0
0

80ms
79ms

Document
text/html

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jsfNZQWhqc0?rel=0

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jsfNZQWhqc0?rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://docs.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://docs.google.com/

Response headers

status: 200
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: no-cache
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
content-encoding: br
content-length: 11079
date: Tue, 25 Aug 2020 05:38:32 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=B971YINwVU8; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 25-Aug-2020 06:08:32 GMT VISITOR_INFO1_LIVE=B971YINwVU8; path=/; domain=.youtube.com; secure; expires=Sun, 21-Feb-2021 05:38:32 GMT; httponly; samesite=None YSC=Rixuhb3z2vk; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 301
location: https://www.youtube.com/embed/jsfNZQWhqc0?rel=0
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Aug 2020 05:38:32 GMT
content-type: text/html
server: YouTube Frontend Proxy
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 PYgoq0QvZx88rRH2OgDTHJzC60TY2KTHfTslHKs-e8nr_uMWAYbK9AVi5smmIwo9c-2Kkci-jaziZZgknz1M57cEZqkPuRERJF9-ocWK5-VFRbcIpGqR8_F8iLDD=w3952
lh3.googleusercontent.com/ 227 KB
227 KB 602ms
602ms Image
image/jpeg 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PYgoq0QvZx88rRH2OgDTHJzC60TY2KTHfTslHKs-e8nr_uMWAYbK9AVi5smmIwo9c-2Kkci-jaziZZgknz1M57cEZqkPuRERJF9-ocWK5-VFRbcIpGqR8_F8iLDD=w3952

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ec0a26ddb76ac3bd201a7db3f5a6a9f427ba2e30b70d473e7b57fe8d59a2f9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 25 Aug 2020 05:38:33 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="AF1QipOv2Kt0E9Fmdk6id_QBfqA_ic3_Eg3nZC38vFhL=w3956-h992.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232507
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Aug 2020 05:38:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 74078
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:03:54 GMT

GET
H/2+Q/46 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ 14 KB
15 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:26 GMT
server: sffe
age: 66871
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Tue, 24 Aug 2021 11:04:01 GMT

GET
H/2+Q/46 200 googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ 1 KB
1 KB 27ms
13ms Image
image/svg+xml 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 66855
vary: Accept-Encoding, Origin
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 689
x-xss-protection: 0
expires: Tue, 24 Aug 2021 11:04:17 GMT

GET
H/2+Q/46 200 m=viewer_base Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=1/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/ 316 KB
103 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=1/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/m=viewer_base

Requested by

Host: docs.google.com
URL: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16d461313833faea6e69180a516a31510ad6370eb4c6b6e6f1cfa42bbc1cf34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 20:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Aug 2020 16:05:25 GMT
server: sffe
age: 292344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105439
x-xss-protection: 0
expires: Sat, 21 Aug 2021 20:26:08 GMT

GET
H2 200 qp_sprite134.svg
ssl.gstatic.com/docs/forms/ 104 KB
14 KB 25ms
6ms Image
image/svg+xml 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/forms/qp_sprite134.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-kcdfxlk5uirw.L.W.O/d=1/ct=zgms/rs=AMjVe6jZMX9gzdMA8PhmuGwt8BXhfHrbPA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691c59b4a7d9003886c2b064285933427569f53fd0c4f84ac4bf681054200764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-kcdfxlk5uirw.L.W.O/d=1/ct=zgms/rs=AMjVe6jZMX9gzdMA8PhmuGwt8BXhfHrbPA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 09:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Jun 2020 13:45:00 GMT
server: sffe
age: 73902
vary: Accept-Encoding, Origin
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14245
x-xss-protection: 0
expires: Tue, 24 Aug 2021 09:06:50 GMT

GET
H/2+Q/46 200 pxiDypQkot1TnFhsFMOfGShVF9eOYktMqg.woff2
fonts.gstatic.com/s/productsans/v12/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v12/pxiDypQkot1TnFhsFMOfGShVF9eOYktMqg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:04:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:39:22 GMT
server: sffe
age: 66857
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14140
x-xss-protection: 0
expires: Tue, 24 Aug 2021 11:04:15 GMT

GET
H/2+Q/46 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ 14 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:04:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:18 GMT
server: sffe
age: 66870
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Tue, 24 Aug 2021 11:04:02 GMT

GET
H/2+Q/46 200 m=NpD4ec,ws9Tlc,sy0,sy11,sy12,sy1,sy13,sy4h,sy2o,sy4k,V3dDOb,sy20,gkf10d,j2YlP,sy6,syd,syc,sy9,sy7,sy2h,sy8,sy2i,OShpD,J8mJTc,UUJqVe,sy2,CP1oW,De38hd,sy1q,Sk9apb,sy14,eFy6Rc,syw,sy2m,sy48,KornIe,sy... Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=0/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/ 351 KB
108 KB 8ms
7ms XHR
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=0/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/m=NpD4ec,ws9Tlc,sy0,sy11,sy12,sy1,sy13,sy4h,sy2o,sy4k,V3dDOb,sy20,gkf10d,j2YlP,sy6,syd,syc,sy9,sy7,sy2h,sy8,sy2i,OShpD,J8mJTc,UUJqVe,sy2,CP1oW,De38hd,sy1q,Sk9apb,sy14,eFy6Rc,syw,sy2m,sy48,KornIe,sy4i,sy4l,A4UTCb,syo,sym,sy1a,sy1h,syi,sy1i,sy28,sy3j,pxq3x,syz,sy27,O6y8ed,sy3q,sy3k,sy3r,syf,sy3l,sy3s,Xhpexc,Q91hve,sye,sya,syb,sy2c,sy3,sy2d,sy2f,sy2g,mRfQQ,sy3d,sy3f,sy3e,CFa0o,sy3h,Y9atKf,s39S4,wPRNsd,sy5e,sy5f,sy5g,YwHGTd,L1AAkb,sy55,sy58,sy59,xQtZb,QvB8bb,bCfhJc,sy3c,sy3u,syk,u9ZRK,pItcJd,yZuGp,bjxBRd,aW3pY,rHjpXd,sy2k,sy2n,sy2q,sy4m,I6YDgd,sy1b,sy1c,sy1d,sy1e,sy1j,sy56,sy19,sy1f,sy1g,uiNkee,sy3b,sy5h,sy5i,fgj8Rb,sy57,SM1lmd,IvDHfc,p2tbsc,d8PXFf,atgb9d,sy16,sy17,sy18,sy1k,sy1l,LxALBf,JCrucd,sy2z,sy2w,sy2x,sy30,sy31,sy2p,sy2t,sy2e,sy3m,sy3n,sy29,sy35,sy3g,sy3o,sy3p,sy3w,sy2r,sy2s,sy2u,sy2v,sy2y,sy3v,OqIWSb,sbHRWb,RGrRJf,OkF2xb,WdhPgc,QwQO1b,sy1n,xajb8d,ok0nye,sy33,sy3t,sy41,TOfxwf,sy45,lSvzH,zdweue,oZECf,yUS4Lc,KOZzeb,sy3x,oCiKKc,EcW08c,D8e5bc,UmOCme,liFoG,lWjoT,sW52Ae

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=1/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/m=viewer_base

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa8816c3eea5a7af0fb0462a11ff3d118d412df7f5a53e435425ab5ad7716a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 23 Aug 2020 23:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110135
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110225
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 16:05:25 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Aug 2021 23:02:57 GMT

GET
H/2+Q/46 200 m=sy39,cNHZjb,sy4b,VXdfxd,KFVhZe,sy3i,sWGJ4b Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=0/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/ 32 KB
9 KB 6ms
6ms XHR
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=0/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/m=sy39,cNHZjb,sy4b,VXdfxd,KFVhZe,sy3i,sWGJ4b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=1/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/m=viewer_base

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5a2e8f24ee99e90ce69f13abf8be0c18ac495f58d58578632f0cd691ea5531e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 21 Aug 2020 22:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284348
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9331
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 16:05:25 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Aug 2021 22:39:24 GMT

POST
H/2+Q/46 204 logImpressions Show response
docs.google.com/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/ 0
393 B 227ms
226ms XHR
text/plain 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/logImpressions

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.vgZPODBLnmo.O/d=1/ct=zgms/rs=AMjVe6gQodovgBeJEF0Mz5bChGes-_EqNA/m=viewer_base

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-l8DTQFevPf9qyB/hlAN9fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew/viewform
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Aug 2020 05:38:33 GMT
server: GSE
status: 204
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-l8DTQFevPf9qyB/hlAN9fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Rixuhb3z2vk
.youtube.com/	1970-01-19 11:58:55	Name: GPS Value: 1
.google.com/	1970-01-19 16:22:25	Name: NID Value: 204=cy1_1l9x05xPuKXDoLGelKk0NQlOmmSAiPAn2u594p6NPLZay7fcqSLMBVigyJePLaCLtwDuY6DJMtrQikpBbsCQFiu_wzsXbK0pZsgFBtUdQ355sj5ghFskecRAY0PEdG0BFMqnMdFF77O50Wxteap4pccXcY58ZjMifXAZirc
.youtube.com/	1970-01-19 16:18:05	Name: VISITOR_INFO1_LIVE Value: B971YINwVU8
.docs.google.com/a/fdmt.hk/forms/d/e/1FAIpQLSejVhu_gMURorqAWvN9LoJCWNKPzK7vnzXyU2TBppGVZGT2Ew	1970-01-19 11:58:57	Name: S Value: spreadsheet_forms=46Hb-U6xc_vpSgcJV088nnEEyBfaMJMak3rCroVUxAg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply.fdmt.hk
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
ssl.gstatic.com
www.gstatic.com
www.youtube.com
youtube.com
2a00:1450:4001:801::200e
2a00:1450:4001:817::200a
2a00:1450:4001:817::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::2001
35.201.172.138
127ee3d22c5ff47e9840ce68ff2b3090f6821714faea4ae04d8bdbb6fb85069e
131379f6f002000933c5f239ba59976e6ae601163a50616b64eddd2466262470
691c59b4a7d9003886c2b064285933427569f53fd0c4f84ac4bf681054200764
917b98e0fd8220ce6ad76a9a36706c71d2af24ad91dacf91746bcc5ed58ee896
925da4fa9900e2d2633d02c8d070b3d58e0d402235cd002395c1751bcb03f191
a5a2e8f24ee99e90ce69f13abf8be0c18ac495f58d58578632f0cd691ea5531e
b1477bdbbaed2a20db034528184c6734b71d746bab41306905d91fa62fb42f13
c989649dfa143f87eb4c0cfa0361740237fa017b703380a791d6810470c8cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0a26ddb76ac3bd201a7db3f5a6a9f427ba2e30b70d473e7b57fe8d59a2f9bd
f16d461313833faea6e69180a516a31510ad6370eb4c6b6e6f1cfa42bbc1cf34
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
fa8816c3eea5a7af0fb0462a11ff3d118d412df7f5a53e435425ab5ad7716a7d

docs.google.com Open in urlscan Pro 2a00:1450:4001:817::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

89 %IPv6

6 Domains

9 Subdomains

8 IPs

2 Countries

615 kBTransfer

1824 kBSize

5 Cookies

8 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

5 Cookies

Indicators

docs.google.com Open in urlscan Pro
2a00:1450:4001:817::200e Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

89 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

615 kB
Transfer

1824 kB
Size

5
Cookies

21 HTTP transactions
0 data transactions