urlscan.io logo urlscan.io
SecurityTrails logo

zxppy.carrd.co Open in urlscan Pro
104.18.40.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zxppy.carrd.co/
Effective URL: https://zxppy.carrd.co/
Submission: On November 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 5 domains to perform 34 HTTP transactions. The main IP is 104.18.40.34, located in and belongs to CLOUDFLARENET, US. The main domain is zxppy.carrd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.
This is the only time zxppy.carrd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    172.64.147.222 (United States)

ASN13335 (CLOUDFLARENET, US)
zxppy.carrd.co
3    104.18.40.34 (None, )

ASN13335 (CLOUDFLARENET, US)
zxppy.carrd.co
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:828::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
3    2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
content.googleapis.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 google.com
drive.google.com — Cisco Umbrella Rank: 294
play.google.com — Cisco Umbrella Rank: 32
accounts.google.com — Cisco Umbrella Rank: 23
apis.google.com — Cisco Umbrella Rank: 116
www.google.com — Cisco Umbrella Rank: 2
176 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
ssl.gstatic.com
929 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
content.googleapis.com — Cisco Umbrella Rank: 1801
3 KB
4 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 415
4 carrd.co
zxppy.carrd.co
121 KB
34 5
Domain Requested by
6 www.gstatic.com drive.google.com
www.gstatic.com
4 apis.google.com www.gstatic.com
content.googleapis.com
apis.google.com
4 csp.withgoogle.com zxppy.carrd.co
4 drive.google.com 1 redirects zxppy.carrd.co
www.gstatic.com
4 zxppy.carrd.co 1 redirects zxppy.carrd.co
3 content.googleapis.com apis.google.com
3 accounts.google.com 2 redirects www.gstatic.com
3 play.google.com www.gstatic.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com zxppy.carrd.co
drive.google.com
1 www.google.com accounts.google.com
1 ssl.gstatic.com www.gstatic.com
34 12

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.roblox.com
www.buymeacoffee.com
carrd.co
Subject Issuer Validity Valid
carrd.co
Cloudflare Inc ECC CA-3		 2023-03-31 -
2024-03-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://zxppy.carrd.co/
Frame ID: 3F4C77ED462F33D61533D14AB93E55CC
Requests: 7 HTTP requests in this frame

Frame: https://drive.google.com/file/d/1mrPzauDVTORoNINdNTyGpuBBBihyxex4/preview
Frame ID: 7526E4EC33F7904DF13C13830FD63D72
Requests: 18 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: 5762891785FE7BB0863E85487E628484
Requests: 1 HTTP requests in this frame

Frame: https://csp.withgoogle.com/csp/docs-tt
Frame ID: F91F971C0A040287B78DCF085111BF25
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp3HO94Tg88JzF5_df6UZALo_MAQxjN-X4cc_BRrSqWPHf6NvG1maAbjKhUO1HPHmRkgei2Jlg&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527023657%3A1701378845458806&theme=glif
Frame ID: E16FB9EFB36F0939021D7518DE13EB01
Requests: 2 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
Frame ID: F332E8407A80D8B51A8FB2F4250D9EFC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

zxppy bio carrd

Page URL History Show full URLs

  1. http://zxppy.carrd.co/ HTTP 301
    https://zxppy.carrd.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

34
Requests

100 %
HTTPS

85 %
IPv6

5
Domains

12
Subdomains

13
IPs

3
Countries

1226 kB
Transfer

4664 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zxppy.carrd.co/ HTTP 301
    https://zxppy.carrd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://drive.google.com/drivesharing/clientmodel?id=1mrPzauDVTORoNINdNTyGpuBBBihyxex4&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com HTTP 302
  • https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&passive=1209600&ifkv=ASKXGp3cm7y3O94urmnt0RtvQL63igxdJA2tyskhApG46tMGpb30DeosUkEdpibt8zClY_W4FT9rVw HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp3HO94Tg88JzF5_df6UZALo_MAQxjN-X4cc_BRrSqWPHf6NvG1maAbjKhUO1HPHmRkgei2Jlg&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527023657%3A1701378845458806&theme=glif

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zxppy.carrd.co/
Redirect Chain
  • http://zxppy.carrd.co/
  • https://zxppy.carrd.co/
45 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zxppy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61611d8c08f3995091303c6420a40a1008321722a06ce48ad7480a3c06f43614

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
82e6190d4f724528-TXL
content-encoding
gzip
content-type
text/html
date
Thu, 30 Nov 2023 21:14:04 GMT
expires
Thu, 30 Nov 2023 21:14:03 GMT
last-modified
Sat, 11 Nov 2023 06:25:30 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
82e6190adfbfaca9-TXL
Cache-Control
max-age=0
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 30 Nov 2023 21:14:03 GMT
Expires
Thu, 30 Nov 2023 21:14:03 GMT
Location
https://zxppy.carrd.co/
Server
cloudflare
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Sora:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7ffc2f00683af55910c2043be12c297f5cf8228ddf7766cd6a09f462246edb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zxppy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 21:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 21:14:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 21:14:04 GMT
image01.png
zxppy.carrd.co/assets/images/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zxppy.carrd.co/assets/images/image01.png?v=2949c484
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a759c1b97c58466067dc2ba2946407ee6cc7e7a0f216aeb08ba12aea53369596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zxppy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:14:04 GMT
cf-cache-status
MISS
last-modified
Sat, 11 Nov 2023 04:37:35 GMT
server
cloudflare
etag
"19a62-609d8fefce748"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82e619100dac4528-TXL
content-length
105058
expires
Thu, 07 Dec 2023 21:14:04 GMT
preview
drive.google.com/file/d/1mrPzauDVTORoNINdNTyGpuBBBihyxex4/ Frame 7526 		70 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/file/d/1mrPzauDVTORoNINdNTyGpuBBBihyxex4/preview
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8bbd8bd98959e53b7e1216a2fb84c2d96171e5d038a447872d044391e2119667
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xbw2xxwiVSrQC2lwduBVjg' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/ require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zxppy.carrd.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Xbw2xxwiVSrQC2lwduBVjg' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/ require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
content-type
text/html; charset=utf-8
date
Thu, 30 Nov 2023 21:14:04 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
GSE
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f85ca9907a04517a45a5a8b03810019d2d8d30ff0769f0e73c641d541ddb9e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
bg.gif
zxppy.carrd.co/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zxppy.carrd.co/assets/images/bg.gif?v=2949c484
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0762fc75493451882d9582b0e5339a1fa24d293f17609918a17cfb7e9dd2b1d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zxppy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:14:04 GMT
cf-cache-status
MISS
last-modified
Fri, 10 Nov 2023 04:11:49 GMT
server
cloudflare
etag
"195c-609c48501bab8"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82e61910efeb4528-TXL
content-length
6492
expires
Thu, 07 Dec 2023 21:14:04 GMT
truncated
/ 		146 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12cfcd6e2b0c91c50b95a5822f7a55105c0cc9f3d2793611760f521c162a62aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
fonts.gstatic.com/s/sora/v12/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sora/v12/xMQ9uFFYT72X5wkB_18qmnndmSdSnh2BAfO5mnuyOo1lfiQwV6-x.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Sora:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zxppy.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 22:34:12 GMT
x-content-type-options
nosniff
age
599992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:16:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 22:34:12 GMT
css
fonts.googleapis.com/ Frame 7526 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1mrPzauDVTORoNINdNTyGpuBBBihyxex4/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 21:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 19:24:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 21:14:04 GMT
rs=AO0039sY7Sm1t2B9OxjysI-VpkY_Lydvbg
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.iZURKu5NHAM.L.W.O/am=IAw/d=0/ Frame 7526 		2 MB
246 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.iZURKu5NHAM.L.W.O/am=IAw/d=0/rs=AO0039sY7Sm1t2B9OxjysI-VpkY_Lydvbg
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1mrPzauDVTORoNINdNTyGpuBBBihyxex4/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc15e3f73cb924d1411034b5b32825b54fe9a8ee26c68eecd070c7c6e9e271c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 14:40:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251068
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 20:20:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 14:40:49 GMT
docs-tt
csp.withgoogle.com/csp/ Frame 7526 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers
m=v,wb
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/ Frame 7526 		1 MB
476 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1mrPzauDVTORoNINdNTyGpuBBBihyxex4/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be970546e9308bd633b654e67f02ef2fabc476981e3ea7ebf9e60f99a09637c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 14:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
486949
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 06:07:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 14:49:10 GMT
rs=AA2YrTvJokvtG8N6jN8YSW2ganpY-9G4eQ
www.gstatic.com/og/_/js/k=og.qtm.en_US.ypE8V67UKTU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ Frame 7526 		111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ypE8V67UKTU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvJokvtG8N6jN8YSW2ganpY-9G4eQ
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1mrPzauDVTORoNINdNTyGpuBBBihyxex4/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a66807d5aa36e17e63c97b581be23982242d9da022fe6588f6b2abb8144b4da7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 11:00:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40954
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 02:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 11:00:45 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ Frame 7526 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3e5dee13ca61bcbceccdb9f56160e261eb1e2efdb3ccfd55e8384347b0f2943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36927
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:54:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 21:20:23 GMT
m=MpJwZc,UUJqVe,sy1u,sy3,sy1v,s39S4,syk,sy1w,pw70Gc
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=0/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/ Frame 7526 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=0/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=MpJwZc,UUJqVe,sy1u,sy3,sy1v,s39S4,syk,sy1w,pw70Gc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e617b34fa1b1ffcd876d798364b0a239fd22d5b89c439dc6172b7d695338e504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 14:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4566
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 06:07:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 14:49:10 GMT
auth_warmup
drive.google.com/ Frame 5762 		0
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/auth_warmup
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-Hfo34ds3GdpnNEKg2J9UKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-Hfo34ds3GdpnNEKg2J9UKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 30 Nov 2023 21:14:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
log
play.google.com/ Frame 7526 		131 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 30 Nov 2023 21:14:05 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 21:14:05 GMT
docs-tt
csp.withgoogle.com/csp/ Frame F91F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers
identifier
accounts.google.com/v3/signin/ Frame E16F
Redirect Chain
  • https://drive.google.com/drivesharing/clientmodel?id=1mrPzauDVTORoNINdNTyGpuBBBihyxex4&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com
  • https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%2...
  • https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dht...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp3HO94Tg88JzF5_df6UZALo_MAQxjN-X4cc_BRrSqWPHf6NvG1maAbjKhUO1HPHmRkgei2Jlg&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527023657%3A1701378845458806&theme=glif
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3969e737abaa80c86d61e7df08c502e6b5d8db2164e390302adf3007182971d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UQ1S-86ovpd_trL1Qff_DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UQ1S-86ovpd_trL1Qff_DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="AccountsSignInUi"
date
Thu, 30 Nov 2023 21:14:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
477
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport script-src 'report-sample' 'nonce--ujWbRk-nVIRCQbbF9d_kA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type
text/html; charset=UTF-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
date
Thu, 30 Nov 2023 21:14:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp3HO94Tg88JzF5_df6UZALo_MAQxjN-X4cc_BRrSqWPHf6NvG1maAbjKhUO1HPHmRkgei2Jlg&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527023657%3A1701378845458806&theme=glif
pragma
no-cache
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
server
GSE
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/ Frame 7526 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ypE8V67UKTU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvJokvtG8N6jN8YSW2ganpY-9G4eQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e14a8c1b9a0bb7b7b36cd163d168074b385572518dbe6cbc66115880c701996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40994
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 21:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 17:10:37 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/ Frame 7526 		202 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ypE8V67UKTU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvJokvtG8N6jN8YSW2ganpY-9G4eQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60fd18fb14b4861e0baedb5a288a5524763c965608360bef29b4cc0b39da4da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 18:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70861
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 21:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 18:05:51 GMT
v-sprite54.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 7526 		113 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite54.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.iZURKu5NHAM.L.W.O/am=IAw/d=0/rs=AO0039sY7Sm1t2B9OxjysI-VpkY_Lydvbg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:55:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
541100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49026
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Sat, 23 Nov 2024 14:55:45 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7526 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://drive.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 09:09:18 GMT
x-content-type-options
nosniff
age
216287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 09:09:18 GMT
m=CmOog,sy2e,SB123c
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=0/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/ Frame 7526 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=0/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=CmOog,sy2e,SB123c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0791379b2a2f4e43da4e228025c7588e54dc50a7c898818a5d4cc3418a8e035a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 15:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4101
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 06:07:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 15:22:36 GMT
log
play.google.com/ Frame 7526 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 30 Nov 2023 21:14:05 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 21:14:05 GMT
uc
drive.google.com/ Frame 7526 		396 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/uc?id=1mrPzauDVTORoNINdNTyGpuBBBihyxex4&authuser=0&export=download
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2652f4e277190f822632f27fa7d740bb055ffdfd36b0c0bc2250fd51a5d02985
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UYuW1mW46DvkUE8VStJDmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
X-Drive-First-Party
DriveViewer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 30 Nov 2023 21:14:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-UYuW1mW46DvkUE8VStJDmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://drive.google.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
proxy.html
content.googleapis.com/static/ Frame F332 		382 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2ef970ada85f074a4bc2f03dff5fbce2c13b2c95b1a0eba02d0f1aef78b8b5f
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-319Q9iLX5binwgK36nOqsw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
274
content-security-policy
script-src 'nonce-319Q9iLX5binwgK36nOqsw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type
text/html
cross-origin-embedder-policy
require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 21:14:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
docs-tt
csp.withgoogle.com/csp/ Frame F332 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers
apiserving
csp.withgoogle.com/csp/ Frame F332 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/apiserving
Requested by
Host: zxppy.carrd.co
URL: https://zxppy.carrd.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://content.googleapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers
googleapis.proxy.js
apis.google.com/js/ Frame F332 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eccc3985e6323c3b984dda3b4fca6f1eb3c0dda9821d72f7bf3de4267c72b54b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 21:14:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7118
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"9fa817d2951cd6fe"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Nov 2023 21:14:05 GMT
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame E16F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp3HO94Tg88JzF5_df6UZALo_MAQxjN-X4cc_BRrSqWPHf6NvG1maAbjKhUO1HPHmRkgei2Jlg&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527023657%3A1701378845458806&theme=glif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:14:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 Nov 2023 21:14:05 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/ Frame F332 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df9a73036272bc6608881ae0f033ea819c228da01b8c3035cc1f46fc4c54b0b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27949
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 21:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 17:24:02 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame F332 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://drive.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://drive.google.com

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 21:14:05 GMT
x-content-type-options
nosniff
server
ESF
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame 7526 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.r0elCe4hQlg.O/am=IAw/d=1/rs=AO0039tur4WopW4CteQGbRDypk3vbqwNYQ/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 30 Nov 2023 21:14:05 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 21:14:05 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame F332 		0
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://drive.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://drive.google.com

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 21:14:05 GMT
x-content-type-options
nosniff
server
ESF
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7526 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Origin
https://drive.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
497763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 02:58:03 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| _scrollToTop

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=bJmI80QmSIooy1LQnA6nt-ZWTOf_HaPECFPh8QXRsMwePZlPAvKdaBWo_4tXW1QqTzcTF_ToUQ_ClGGDzUCNCb__961lEyVje7RgIErZIt2nT0YMmQJqQr6hX8XiyWRmZpXg5zxUrCjQ817sgCE5bWUQ6RgeOaWpkxYnyfzuqlw

5 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1mrPzauDVTORoNINdNTyGpuBBBihyxex4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp3HO94Tg88JzF5_df6UZALo_MAQxjN-X4cc_BRrSqWPHf6NvG1maAbjKhUO1HPHmRkgei2Jlg&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1527023657%3A1701378845458806&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
play.google.com
ssl.gstatic.com
www.google.com
www.gstatic.com
zxppy.carrd.co
104.18.40.34
172.64.147.222
2a00:1450:4001:801::200a
2a00:1450:4001:80e::200d
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::2011
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
0762fc75493451882d9582b0e5339a1fa24d293f17609918a17cfb7e9dd2b1d6
0791379b2a2f4e43da4e228025c7588e54dc50a7c898818a5d4cc3418a8e035a
12cfcd6e2b0c91c50b95a5822f7a55105c0cc9f3d2793611760f521c162a62aa
2652f4e277190f822632f27fa7d740bb055ffdfd36b0c0bc2250fd51a5d02985
34f389410a7c00bca7ca2822478e236e1b5f388c49519ef8147bf035b2e20417
3e14a8c1b9a0bb7b7b36cd163d168074b385572518dbe6cbc66115880c701996
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
60fd18fb14b4861e0baedb5a288a5524763c965608360bef29b4cc0b39da4da2
61611d8c08f3995091303c6420a40a1008321722a06ce48ad7480a3c06f43614
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7f85ca9907a04517a45a5a8b03810019d2d8d30ff0769f0e73c641d541ddb9e8
8bbd8bd98959e53b7e1216a2fb84c2d96171e5d038a447872d044391e2119667
a66807d5aa36e17e63c97b581be23982242d9da022fe6588f6b2abb8144b4da7
a759c1b97c58466067dc2ba2946407ee6cc7e7a0f216aeb08ba12aea53369596
be970546e9308bd633b654e67f02ef2fabc476981e3ea7ebf9e60f99a09637c2
c3e5dee13ca61bcbceccdb9f56160e261eb1e2efdb3ccfd55e8384347b0f2943
c7ffc2f00683af55910c2043be12c297f5cf8228ddf7766cd6a09f462246edb7
d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dc15e3f73cb924d1411034b5b32825b54fe9a8ee26c68eecd070c7c6e9e271c7
df9a73036272bc6608881ae0f033ea819c228da01b8c3035cc1f46fc4c54b0b4
e3969e737abaa80c86d61e7df08c502e6b5d8db2164e390302adf3007182971d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e617b34fa1b1ffcd876d798364b0a239fd22d5b89c439dc6172b7d695338e504
eccc3985e6323c3b984dda3b4fca6f1eb3c0dda9821d72f7bf3de4267c72b54b
f2ef970ada85f074a4bc2f03dff5fbce2c13b2c95b1a0eba02d0f1aef78b8b5f