urlscan.io logo urlscan.io
SecurityTrails logo

lzdmsmujepoc2xlgp13srg-on.drv.tw Open in urlscan Pro
47.254.47.165  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.google.com/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2Fwww.DontTouchYaFace....
Effective URL: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Submission: On March 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 10 HTTP transactions. The main IP is 47.254.47.165, located in San Mateo, United States and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is lzdmsmujepoc2xlgp13srg-on.drv.tw.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 3rd 2020. Valid for: 3 months.
This is the only time lzdmsmujepoc2xlgp13srg-on.drv.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
2 4 47.254.47.165 45102 (CNNIC-ALI...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 8
1    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    47.254.47.165 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
lzdmsmujepoc2xlgp13srg-on.drv.tw
drv.tw
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
1    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
doc-0g-3k-docs.googleusercontent.com
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
3 lzdmsmujepoc2xlgp13srg-on.drv.tw 2 redirects www.google.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 drive.google.com 1 redirects lzdmsmujepoc2xlgp13srg-on.drv.tw
2 cdn.jsdelivr.net lzdmsmujepoc2xlgp13srg-on.drv.tw
1 stats.g.doubleclick.net lzdmsmujepoc2xlgp13srg-on.drv.tw
1 www.googletagmanager.com drv.tw
1 doc-0g-3k-docs.googleusercontent.com lzdmsmujepoc2xlgp13srg-on.drv.tw
1 drv.tw lzdmsmujepoc2xlgp13srg-on.drv.tw
1 www.google.com
10 9

This site contains no links.

Subject Issuer Validity Valid
www.google.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
*.drv.tw
Let's Encrypt Authority X3		 2020-03-03 -
2020-06-01		 3 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-22 -
2020-08-30		 6 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Frame ID: 0B971381CD0A7B72049F0270AA5523C1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.google.com/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2F... Page URL
  2. https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /gws/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

10
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

279 kB
Transfer

1065 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.google.com/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2Fwww.DontTouchYaFace.com.html&sa=D&sntz=1&usg=AFQjCNEDFRD7Fz5nnEG-m7ZOp-PcLvH7Lw Page URL
  2. https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/Danger1.mp3 HTTP 302
  • https://drive.google.com/uc?id=16Y_cjB0kk_VRvE09Rs-jNP3LgXwSqwqG HTTP 302
  • https://doc-0g-3k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eetmc0o77n97jgpdovfd56f9qb1043ba/1584027825000/12733288827823659179/*/16Y_cjB0kk_VRvE09Rs-jNP3LgXwSqwqG
Request Chain 5
  • https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/Danger2.mp3 HTTP 302
  • https://drive.google.com/uc?id=1aEIxTUU0Z0suEU6KhIfGqYv8La0zxF7p
Request Chain 8
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=378203107&t=pageview&_s=1&dl=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%2527tTouchYaFace%2Fwww.DontTouchYaFace.com.html&dr=https%3A%2F%2Fwww.google.com%2Furl%3Fq%3Dhttps%253A%252F%252Flzdmsmujepoc2xlgp13srg-on.drv.tw%252FDon%2527tTouchYaFace%252Fwww.DontTouchYaFace.com.html%26sa%3DD%26sntz%3D1%26usg%3DAFQjCNEDFRD7Fz5nnEG-m7ZOp-PcLvH7Lw&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=111566263&gjid=1293588410&cid=576095289.1584027851&tid=UA-85417367-1&_gid=1163209065.1584027851&_r=1&gtm=2ou340&z=1441508448 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85417367-1&cid=576095289.1584027851&jid=111566263&_gid=1163209065.1584027851&gjid=1293588410&_v=j81&z=1441508448

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
url
www.google.com/ 		520 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2Fwww.DontTouchYaFace.com.html&sa=D&sntz=1&usg=AFQjCNEDFRD7Fz5nnEG-m7ZOp-PcLvH7Lw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
9729eeb6eba69d2cc0213cbae1fa4772db8e046325731c43ae8a294c579042e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2Fwww.DontTouchYaFace.com.html&sa=D&sntz=1&usg=AFQjCNEDFRD7Fz5nnEG-m7ZOp-PcLvH7Lw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
location
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
cache-control
private
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Thu, 12 Mar 2020 15:44:08 GMT
server
gws
content-length
520
x-xss-protection
0
expires
Thu, 12 Mar 2020 15:44:08 GMT
set-cookie
NID=200=Qns9cJtSi2IqV7PVNzA04o6--Qjcw-mDjQbN6M-bWukqk3relxYp0ieevRRYVEyuTt-ZQAlu2yp6uvAgn7R_6UySX-yRh11cYA1YGzqdwKgAFbkqLON6lKwjLRZxAkmSDFGCi3JbVcX5GylCHj8xaXbZ6Jontjn9foHMWHMs1P4; expires=Fri, 11-Sep-2020 15:44:08 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=WP.2848ae; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Primary Request www.DontTouchYaFace.com.html
lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Requested by
Host: www.google.com
URL: https://www.google.com/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2Fwww.DontTouchYaFace.com.html&sa=D&sntz=1&usg=AFQjCNEDFRD7Fz5nnEG-m7ZOp-PcLvH7Lw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.47.165 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
12aae8769cfb1a6c1890452fdbe814c324fa40291c652562a2f3c7142b294b89

Request headers

:method
GET
:authority
lzdmsmujepoc2xlgp13srg-on.drv.tw
:scheme
https
:path
/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.google.com/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2Fwww.DontTouchYaFace.com.html&sa=D&sntz=1&usg=AFQjCNEDFRD7Fz5nnEG-m7ZOp-PcLvH7Lw
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://www.google.com/url?q=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%27tTouchYaFace%2Fwww.DontTouchYaFace.com.html&sa=D&sntz=1&usg=AFQjCNEDFRD7Fz5nnEG-m7ZOp-PcLvH7Lw

Response headers

status
200
server
nginx/1.14.0 (Ubuntu)
date
Thu, 12 Mar 2020 15:44:10 GMT
content-type
text/html
last-modified
Thu, 05 Mar 2020 03:42:39 GMT
cache-control
public, max-age=604800
vary
Accept-Encoding
content-encoding
gzip
x-cache
BYPASS
set-cookie
uid=rBEORV5qWMpM11HOHwXwAg==; domain=.drv.tw; path=/
tf.min.js
cdn.jsdelivr.net/npm/@tensorflow/tfjs@1.3.1/dist/ 		879 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@tensorflow/tfjs@1.3.1/dist/tf.min.js
Requested by
Host: lzdmsmujepoc2xlgp13srg-on.drv.tw
URL: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cacc44b288b5e3362fe388e8058cdb9027e54018725c373d4c8d4831c1cbbd0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 12 Mar 2020 15:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
257292
cf-ray
572ea2921b061f51-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19138-FRA
server
cloudflare
etag
W/"dbc7f-WVpcdeAmgn0wbe6VTaTT4dTVr0M"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
teachablemachine-image.min.js
cdn.jsdelivr.net/npm/@teachablemachine/image@0.8/dist/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@teachablemachine/image@0.8/dist/teachablemachine-image.min.js
Requested by
Host: lzdmsmujepoc2xlgp13srg-on.drv.tw
URL: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5591b07e37c3edaf7475999a8f0b687ddf031e6eed8cb9c31aad53344f91a73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 12 Mar 2020 15:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
29920
cf-ray
572ea2921b0a1f51-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19172-FRA
server
cloudflare
etag
W/"786a-eKWIBg9RVHkjFN7sFeCNL3kLG7E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
wd.js
drv.tw/inc/ 		365 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://drv.tw/inc/wd.js
Requested by
Host: lzdmsmujepoc2xlgp13srg-on.drv.tw
URL: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.254.47.165 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 12 Mar 2020 15:44:10 GMT
last-modified
Thu, 30 Jan 2020 14:10:48 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e32e3e8-16d"
x-cache
BYPASS
content-type
application/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
365
expires
Fri, 13 Mar 2020 15:44:10 GMT
16Y_cjB0kk_VRvE09Rs-jNP3LgXwSqwqG
doc-0g-3k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eetmc0o77n97jgpdovfd56f9qb1043ba/1584027825000/12733288827823659179/*/
Redirect Chain
  • https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/Danger1.mp3
  • https://drive.google.com/uc?id=16Y_cjB0kk_VRvE09Rs-jNP3LgXwSqwqG
  • https://doc-0g-3k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eetmc0o77n97jgpdovfd56f9qb1043ba/1584027825000/12733288827823659179/*/16Y_cjB0kk_VRvE09Rs-jNP3LgXwSqwqG
33 KB
35 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://doc-0g-3k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eetmc0o77n97jgpdovfd56f9qb1043ba/1584027825000/12733288827823659179/*/16Y_cjB0kk_VRvE09Rs-jNP3LgXwSqwqG
Requested by
Host: lzdmsmujepoc2xlgp13srg-on.drv.tw
URL: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
73dbc531bbfcc7f7523768578983d5fb48b304b061a8d68439a00f459605e1a4

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-goog-hash
crc32c=IvvCZw==
date
Thu, 12 Mar 2020 15:44:12 GMT
x-guploader-uploadid
AEnB2UoXnZzfpdts8uDr4qIq9LhYOkT2gtq4THkF62IXDpiVZKchPcnO95Py6fB6ajCHV6tkvusTGvXiehGtc3MeuPz62Xi1e2ZERyN3VZexrMSjlcrUpz8
status
206
content-disposition
inline;filename="Danger1.mp3";filename*=UTF-8''Danger1.mp3
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-Length
33365
Content-Range
bytes 0-33364/33365
server
UploadServer
access-control-allow-methods
GET,OPTIONS
content-type
audio/mp3
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Goog-Meeting-Botguardid, X-Goog-Meeting-Debugid, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id
expires
Thu, 12 Mar 2020 15:44:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Mar 2020 15:44:11 GMT
x-content-type-options
nosniff
server
GSE
status
302
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://doc-0g-3k-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/eetmc0o77n97jgpdovfd56f9qb1043ba/1584027825000/12733288827823659179/*/16Y_cjB0kk_VRvE09Rs-jNP3LgXwSqwqG
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-R53ga7lUxwOQ5EflluqIEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
377
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
uc
drive.google.com/
Redirect Chain
  • https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/Danger2.mp3
  • https://drive.google.com/uc?id=1aEIxTUU0Z0suEU6KhIfGqYv8La0zxF7p
0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/uc?id=1aEIxTUU0Z0suEU6KhIfGqYv8La0zxF7p
Requested by
Host: lzdmsmujepoc2xlgp13srg-on.drv.tw
URL: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Thu, 12 Mar 2020 15:44:11 GMT
last-modified
Thu, 05 Mar 2020 03:15:21 GMT
server
nginx/1.14.0 (Ubuntu)
etag
0B-v3cEJXORR9S3ducUpVWno2dWVkU3p1ck1wL3VnV09NYVdrPQ
status
302
x-cache
BYPASS
content-type
audio/mp3
location
https://drive.google.com/uc?id=1aEIxTUU0Z0suEU6KhIfGqYv8La0zxF7p
cache-control
no-cache
x-d2w-target-length
33365
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Requested by
Host: drv.tw
URL: https://drv.tw/inc/wd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8661d5a3e03f1d00f87f74a78afb761575c41ba0b2d2eb8b76b26920598fab65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 12 Mar 2020 15:44:10 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28547
x-xss-protection
0
last-modified
Thu, 12 Mar 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Mar 2020 15:44:10 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4239
date
Thu, 12 Mar 2020 14:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Thu, 12 Mar 2020 16:33:31 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=378203107&t=pageview&_s=1&dl=https%3A%2F%2Flzdmsmujepoc2xlgp13srg-on.drv.tw%2FDon%2527tTouchYaFace%2Fwww.DontTouchYaFace.com.html&dr=https%3A...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85417367-1&cid=576095289.1584027851&jid=111566263&_gid=1163209065.1584027851&gjid=1293588410&_v=j81&z=1441508448
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85417367-1&cid=576095289.1584027851&jid=111566263&_gid=1163209065.1584027851&gjid=1293588410&_v=j81&z=1441508448
Requested by
Host: lzdmsmujepoc2xlgp13srg-on.drv.tw
URL: https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lzdmsmujepoc2xlgp13srg-on.drv.tw/Don%27tTouchYaFace/www.DontTouchYaFace.com.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 12 Mar 2020 15:44:10 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Mar 2020 15:44:10 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85417367-1&cid=576095289.1584027851&jid=111566263&_gid=1163209065.1584027851&gjid=1293588410&_v=j81&z=1441508448
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| tf object| _tfengine object| tmImage function| init function| loop function| predict function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.drv.tw/ Name: _gat_gtag_UA_85417367_1
Value: 1
.drv.tw/ Name: _ga
Value: GA1.2.576095289.1584027851
.drv.tw/ Name: _gid
Value: GA1.2.1163209065.1584027851
.drv.tw/ Name: uid
Value: rBEORV5qWMpM11HOHwXwAg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0