https://www.google.com/url?sa=p&q=https%3A%2F%2Fdocs.google.com%2Fcomments%2Fd%2FAAHRpnXsyO8Rt87TTHQ1KkSdlmryU0sFynw1nKycAzpw7B1Z9N8sc7JbhwB_itVxdaSm2Xv0it7mTQ3_Hlh6jflF7ytcGZ90X2L6cvyBYl-vAFbvvKxX8psIfcXkZgIHLORQb0IjgGloP%2Fapi%2Fjs%3Fanon%3Dtrue%26pref%3D2

Category: Search Engine Clean Browsing

Keywords: data play learn share store using google policy search account collect content example privacy service started personal services including information


Last fetched: 2020-07-26T20:54:17.304167+00:00

HTTP status: 5 Sub-resource URL


Advanced trackers

Advanced user tracking and fingerprinting techniques are used by websites to bypass privacy protection in web browsers and increase tracking persistence.

b'navigator.sendBeacon' … b'navigator.sendBeacon'

Security-related HTTP headers

  • Location: https://docs.google.com/comments/d/AAHRpnXsyO8Rt87TTHQ1KkSdlmryU0sFynw1nKycAzpw7B1Z9N8sc7JbhwB_itVxdaSm2Xv0it7mTQ3_Hlh6jflF7ytcGZ90X2L6cvyBYl-vAFbvvKxX8psIfcXkZgIHLORQb0IjgGloP/api/js?anon=true&pref=2

    The HTTP Location header is being returned by a server to redirect the web browser to a new URL of the requested resource. The URL may be relative (/index.html) or absolute (https://example.com).

    Read more...

  • Strict-Transport-Security: max-age=31536000

    HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header.

    Read more...

  • Server: gws

    Announces web server software and optionally version details.

    Read more...

  • X-XSS-Protection: 0

    Controls an Cross-Site Scripting (XSS) filters built into the majority of web browsers. The filter is usually turned on by default anyway, but requirement to set the header to 1 became part of canonical set of "secure" HTTP headers. Over time, vulnerabilities in the "sanitizing" mode filter were found, so 1; mode=block became the recommended value. Some companies decided that they don't really need a browser-side XSS filter to mess with their web services which are XSS-free anyway and they became consciously disabling the XSS filter by setting the header to 0.

    Read more...

  • P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."

    Largely abandoned format for declaring website's privacy policy in machine-readable format. The only reason for many websites to use the header was that old versions of Microsoft Internet Explorer disallowed third-party cookies on websites missing P3P.

    Read more...

Content Security Policy

  • default-src https: data:; options eval-script inline-script; report-uri /csp_report; referrer origin

Want second opinion? Try Google CSP Evaluator.