urlscan.io logo urlscan.io
SecurityTrails logo

nexdrive.lol Open in urlscan Pro
2606:4700:3036::6815:388d  Public Scan

Go To Rescan Add Verdict Report
URL: https://nexdrive.lol/
Submission: On November 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3036::6815:388d, located in United States and belongs to CLOUDFLARENET, US. The main domain is nexdrive.lol.
TLS certificate: Issued by WE1 on October 6th 2024. Valid for: 3 months.
This is the only time nexdrive.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.255.103.103 7979 (SERVERS-COM)
1 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.67.150.119 13335 (CLOUDFLAR...)
1 172.67.184.140 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
2 139.45.197.245 9002 (RETN-AS R...)
2 172.67.152.125 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
21 12
3    2606:4700:3036::6815:388d (United States)

ASN13335 (CLOUDFLARENET, US)
nexdrive.lol
3    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.255.103.103 (Netherlands)

ASN7979 (SERVERS-COM, US)
nu.wolfmandiked.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.67.150.119 (United States)

ASN13335 (CLOUDFLARENET, US)
arvigorothan.com
1    172.67.184.140 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.myfirstname.in
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
lordeeksogoatee.net
2    172.67.152.125 (United States)

ASN13335 (CLOUDFLARENET, US)
nexdrive.lol
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
Apex Domain
Subdomains		 Transfer
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
21 KB
5 nexdrive.lol
nexdrive.lol
88 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
284 KB
2 lordeeksogoatee.net
lordeeksogoatee.net
5 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565 Failed
908 B
1 myfirstname.in
ads.myfirstname.in
40 KB
1 arvigorothan.com
arvigorothan.com — Cisco Umbrella Rank: 167701
30 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
23 KB
1 wolfmandiked.com
nu.wolfmandiked.com
1 KB
21 9
Domain Requested by
5 nexdrive.lol nexdrive.lol
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com nexdrive.lol
www.googletagmanager.com
cdn.jsdelivr.net
2 lordeeksogoatee.net arvigorothan.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 my.rtmark.net arvigorothan.com
1 ads.myfirstname.in cdn.jsdelivr.net
1 arvigorothan.com nexdrive.lol
1 cdn.jsdelivr.net nexdrive.lol
1 nu.wolfmandiked.com nexdrive.lol
21 10

This site contains no links.

Subject Issuer Validity Valid
nexdrive.lol
WE1		 2024-10-06 -
2025-01-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
nu.wolfmandiked.com
R11		 2024-11-15 -
2025-02-13		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
arvigorothan.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
myfirstname.in
WE1		 2024-10-31 -
2025-01-29		 3 months crt.sh
lordeeksogoatee.net
R10		 2024-11-19 -
2025-02-17		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nexdrive.lol/
Frame ID: E389FF5575A90D698BEA21A165311622
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NextGen Drive

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

21
Requests

95 %
HTTPS

45 %
IPv6

9
Domains

10
Subdomains

12
IPs

4
Countries

494 kB
Transfer

1448 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nexdrive.lol/ 		102 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nexdrive.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:388d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd413faee0623eba317e4a270d60df4e4e73a668084a62f32c4f1211cb19d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=7200
cf-cache-status
MISS
cf-edge-cache
cache,platform=wordpress
cf-ray
8e5c32c9592191e7-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 23:25:18 GMT
last-modified
Wed, 20 Nov 2024 23:25:17 GMT
link
<https://nexdrive.lol/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfFt1tDhLxB60A%2Bo%2Bx%2FFoUipdWkZL8mDzmV65DYJZPvyJvaPPfPkbNy0QnPW9KqrdJ1G8RtjdVRLUpolnO3DOKtSM2NTHVWBeeW4GI%2FBKT76Wnk%2FedL2E017S1NgP07tscVnmycH%2FM8RAqQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=38650&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3988&recv_bytes=2344&delivery_rate=99491&cwnd=254&unsent_bytes=0&cid=a065de660e083b62&ts=620&x=0"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
wpo-cache-status
saving to cache
x-cache
HIT from Backend
x-content-type-options
nosniff nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
x-xss-protection
1; mode=block 1; mode=block
wpo-minify-header-34891e36.min.css
nexdrive.lol/wp-content/cache/wpo-minify/1729755666/assets/ 		199 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nexdrive.lol/wp-content/cache/wpo-minify/1729755666/assets/wpo-minify-header-34891e36.min.css
Requested by
Host: nexdrive.lol
URL: https://nexdrive.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:388d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c37ad876b3d096c9f685f979456e3fcf37c7ba0859722846d661fd137cfe925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
gzip
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2Bg2dTs9cXA%2F1EHMWK91tD7DRIhkGrFbdq8MC7RzlwnXnLjnnsI1VCu6d8Feu7l7VJcPEaj4PFoQYKIOMvhZeIaNU%2BYcUE4S97f8yQKVPDCbwz%2FxKo4MJiOMcNyQLBXWbgDfLSxbLYaXoL0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 23:25:18 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38194&sent=54&recv=19&lost=0&retrans=0&sent_bytes=47813&recv_bytes=2634&delivery_rate=1259641&cwnd=254&unsent_bytes=0&cid=a065de660e083b62&ts=1172&x=0"
date
Wed, 20 Nov 2024 23:25:18 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 07:43:06 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c32cd6b0f91e7-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
server
cloudflare
js
www.googletagmanager.com/gtag/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-158883125-9
Requested by
Host: nexdrive.lol
URL: https://nexdrive.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
702fd66a8b1db25d00bf99433f30c12c629cdf406e8ca2817b3d4a50b57e5347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 23:25:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 23:25:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 22:52:37 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81423
x-xss-protection
0
server
Google Tag Manager
54950
nu.wolfmandiked.com/rdfFRIgw0NIMu9MDV/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nu.wolfmandiked.com/rdfFRIgw0NIMu9MDV/54950
Requested by
Host: nexdrive.lol
URL: https://nexdrive.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.103.103 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Wed, 20 Nov 2024 23:25:19 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://nexdrive.lol
Server
nginx
wpo-minify-footer-47130656.min.js
nexdrive.lol/wp-content/cache/wpo-minify/1729755666/assets/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexdrive.lol/wp-content/cache/wpo-minify/1729755666/assets/wpo-minify-footer-47130656.min.js
Requested by
Host: nexdrive.lol
URL: https://nexdrive.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:388d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b050366d90a0d8d71782200274a92edf69858950670e3382af08381762bbbfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
2994
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waVRV00Sjj9aF0E9tys%2FmlmADAfoUPGC4sBzm1Go36B6xflTurCBELBLMHQMevb%2F%2BRd1Wc7n%2F0OM3k2qjpjrA7ZPeCCR%2B7ha%2BlDTlef0XTFGKZGKhE4WkCBy0%2BuLE51pOkXNdadZ2QRSudc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 22:35:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38027&sent=48&recv=18&lost=0&retrans=0&sent_bytes=44367&recv_bytes=2634&delivery_rate=1259641&cwnd=254&unsent_bytes=0&cid=a065de660e083b62&ts=751&x=0"
date
Wed, 20 Nov 2024 23:25:18 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 07:41:07 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c32cd6b1091e7-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
server
cloudflare
extra.js
cdn.jsdelivr.net/gh/vgmjs/assets/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/vgmjs/assets/extra.js
Requested by
Host: nexdrive.lol
URL: https://nexdrive.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dde6d0e988f63fffe096dfa4b52483b16f40109cee8963e73cbd35f4ecc8ae2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"f7a5-v0vbOO1VBcE3GQIf9Z+WBq8grrY"
age
34896
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 20 Nov 2024 23:25:18 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230079-FRA, cache-cph2320021-CPH
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
23493
x-jsd-version
master
js
www.googletagmanager.com/gtag/ 		274 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HLHKH2VJT0&l=dataLayer&cx=c&gtm=457e4bj0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158883125-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efb4b8e495a7d86e615f8c17f5b39d2bf56119f92aadd7aa2ebfd07b93b2259b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 23:25:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 23:25:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98132
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158883125-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
gzip
age
6912
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 23:30:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 21:30:06 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
tag.min.js
arvigorothan.com/ 		70 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arvigorothan.com/tag.min.js
Requested by
Host: nexdrive.lol
URL: https://nexdrive.lol/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89369d7e3bb535cecc4e756593af0baf909f80cb84ff20e5d0330698fd2dd52a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

access-control-max-age
86400
content-encoding
zstd
cf-cache-status
HIT
age
27605
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Ait3WtSpWX4STTAvjbcnMFEcENewKj7aAfHWovICr3NTngCMyoWamKvO1Wkdv9qTxrfSFFYoVIJDzwN9Xs3Pn95nUWWWRtKGewRcbU%2FZ2uPvZlYqNHcmMoM0oayGrRNM0pt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 21 Nov 2024 15:45:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37937&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4231&delivery_rate=86701&cwnd=12000&unsent_bytes=0&cid=1ffdfa80f3ced821&ts=55&x=1", cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 23:25:18 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 15:37:02 GMT
vary
Accept-Encoding
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cache-control
max-age=86400
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
830920f224b801bf7d57f4683fd30531
cf-ray
8e5c32d11f7fdc62-FRA
access-control-allow-origin
*
server
cloudflare
js
www.googletagmanager.com/gtag/ 		323 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P36YDXY7SM
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vgmjs/assets/extra.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d38f4ab2b314ec6f1c9eaf19c429eacead4c1fa5b889d4bb1d30f80497bb201f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 23:25:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 23:25:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109868
x-xss-protection
0
server
Google Tag Manager
vgm.js
ads.myfirstname.in/js/ 		94 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.myfirstname.in/js/vgm.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/vgmjs/assets/extra.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7701665700b18e9fe7c3390dcf1d577b74e9845e7300c3a0a0d4d30c1a90386e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
1035
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EEZb1VInxSuA3xFpfDU1rYYyNNBP3uRS1xfqK0HslV9rZfWjmBH5kbDGJAq0SqMD%2FXpP7ML0f75YRbvHkyDFmeK4oQ0XAure6vaBWf3FuHzYZeqU%2Fo61ahj2Lt%2BlqsqeISyNhZk%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37525&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4209&recv_bytes=4280&delivery_rate=83815&cwnd=12000&unsent_bytes=0&cid=4aa9befe23e5f080&ts=122&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 23:25:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 22:49:25 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors 'self'
cache-control
max-age=1800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c32d2cbacbb80-FRA
x-xss-protection
1; mode=block
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HLHKH2VJT0&gtm=45je4bj0v9126363692za200&_p=1732145118773&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=613806450.1732145119&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1732145119&sct=1&seg=0&dl=https%3A%2F%2Fnexdrive.lol%2F&dt=NextGen%20Drive&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1572
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HLHKH2VJT0&l=dataLayer&cx=c&gtm=457e4bj0za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nexdrive.lol
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 23:25:19 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		1 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1787189045&t=pageview&_s=1&dl=https%3A%2F%2Fnexdrive.lol%2F&ul=de-de&de=UTF-8&dt=NextGen%20Drive&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1882722974&gjid=2080879820&cid=613806450.1732145119&tid=UA-158883125-9&_gid=1535634897.1732145119&_r=1&gtm=457e4bj0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&npa=1&z=1241919292
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://nexdrive.lol/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 23:25:19 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://nexdrive.lol
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P36YDXY7SM&gtm=45je4bj0v9137295900za200&_p=1732145118773&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=613806450.1732145119&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732145119&sct=1&seg=0&dl=https%3A%2F%2Fnexdrive.lol%2F&dt=NextGen%20Drive&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1630
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P36YDXY7SM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nexdrive.lol
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 23:25:19 GMT
content-type
text/plain
server
Golfe2
/
lordeeksogoatee.net/5/7236202/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lordeeksogoatee.net/5/7236202/?oo=1&js_build=iclick-v1.1008.1&dmn=arvigorothan.com&tt=2&ix=0&is_mobile=false
Requested by
Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
46fb6fd188bbc7dd2f62693d4d1a16433c6ceeb471952bbe02b17c7070c2b8b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 20 Nov 2024 23:25:19 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache, no-cache
access-control-allow-credentials
true
x-trace-id
19b9eb28ee88f42237a00dc55a1ecb46
access-control-allow-origin
https://nexdrive.lol
server
nginx
0a4c642.png
nexdrive.lol/wp-content/uploads/2022/09/ 		17 KB
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nexdrive.lol/wp-content/uploads/2022/09/0a4c642.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304fb3b381b5a9ade0d1ac4e60d14b0e17125daaf3d94631da65621af5ce1aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
3728
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkPjUTp54BcRFFAXdvY3DLrasaNnkqFoNBmQVJLDz5FeJ199ipzXABi%2BWmfdMQAi4nDvgh%2F8CeQecQLXVKxxoJzqxL2CKwj2EjLfDfqO5qFT1tdYVwaSfr8XVxkvy%2Bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 19 Jan 2025 22:23:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41065&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4264&recv_bytes=4614&delivery_rate=347&cwnd=12000&unsent_bytes=0&cid=89d87169432e1e4a&ts=1066&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 23:25:19 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=1,i
last-modified
Wed, 14 Sep 2022 10:08:28 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c32d3e8ecdb9f-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
server
cloudflare
gid.js
my.rtmark.net/ 		0
0
0a4c642.png
nexdrive.lol/wp-content/uploads/2022/09/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://nexdrive.lol/wp-content/uploads/2022/09/0a4c642.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304fb3b381b5a9ade0d1ac4e60d14b0e17125daaf3d94631da65621af5ce1aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
3728
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkPjUTp54BcRFFAXdvY3DLrasaNnkqFoNBmQVJLDz5FeJ199ipzXABi%2BWmfdMQAi4nDvgh%2F8CeQecQLXVKxxoJzqxL2CKwj2EjLfDfqO5qFT1tdYVwaSfr8XVxkvy%2Bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 19 Jan 2025 22:23:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41065&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4264&recv_bytes=4614&delivery_rate=347&cwnd=12000&unsent_bytes=0&cid=89d87169432e1e4a&ts=1066&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 23:25:19 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=1,i
last-modified
Wed, 14 Sep 2022 10:08:28 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5c32d3e8ecdb9f-FRA
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
server
cloudflare
gid.js
my.rtmark.net/ 		65 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=t6le394382ts651239422g1y2maff204
Requested by
Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d325768917245151ce09e67857c48465f44ec5e8175f852b615d44e9035e3e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBPf%2FddRHLktfTUkjKtS13v8rRlq9U2ZyO2ALQ11s7Z3YI85p%2BiSuJ%2BJmX00tFiGiYV37SJ2ENTrlHRj%2BzFzjj%2BhVmoCLT7MxjZ3%2FOWGcrbt6F755vK7OHC7KivcqEai"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=199144&sent=15&recv=8&lost=2&retrans=5&sent_bytes=5640&recv_bytes=4662&delivery_rate=84&cwnd=8400&unsent_bytes=0&cid=2d34eebadd00a800&ts=1367&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 23:25:20 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e5c32dcfc375287-LAX
access-control-allow-origin
https://nexdrive.lol
server
cloudflare
/
lordeeksogoatee.net/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lordeeksogoatee.net/?rb=wOvrS85wvFWBK8rThMrkC75yTC4QGlc9TJPCIGIfW6knBOp0X44KUHV7XfmPJ-yhGHkgePAs1sDPFHx_jKtXmF9g3FzbJPE3t_K9LnTuXGnXpeZDwl_7RmQaOeaWDcLwP_QAz5FdzXG0GwGIRvZxmWWp3Hg22_8GhYiZ7rryLXEKGjLEYaop8tFAGKB-0wQH-NtLrNgo-9yBVHJ9EE9t1dt8Bd3J7NhWw4ghGnSb0SyIQ0Uhx26U-bWx2kMZXyllN0ZOQ2YOzcQRfFIJOTcZ2A78VpJOjLNqBV3uBSbGluBTlo7XgWoFnlikXL1jTJdE&request_ab2=0&zoneid=7236202&js_build=iclick-v1.1008.1&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=90&wy=90&cw=1600&wfc=0&pl=https%3A%2F%2Fnexdrive.lol%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FBerlin&bto=-60&tt=2&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.1008.1&navlng=de-DE&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&bs=e22bb950-7b7f-4644-a13d-24a7713f1d17&wasm=1&userId=t6le394382ts651239422g1y2maff204&is_mobile=false&m=link
Requested by
Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
4b6f9c54018dd09cf69c6e7e9ac07d19ed8f752d6fc4a8b7dfaa7de6260f9c9c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Wed, 20 Nov 2024 23:25:20 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
322e9fa98c7ca7924a4a56cb36ff3cea
access-control-allow-origin
https://nexdrive.lol
server
nginx
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P36YDXY7SM&gtm=45je4bj0v9137295900za200&_p=1732145118773&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=613806450.1732145119&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732145119&sct=1&seg=0&dl=https%3A%2F%2Fnexdrive.lol%2F&dt=NextGen%20Drive&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6645
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P36YDXY7SM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexdrive.lol/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nexdrive.lol
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 23:25:24 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?userId=00811a9d3f884e86ed9cb3f3b5cc5029

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga object| links object| emojiImages object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| bodyElement object| gtagScript string| customScript function| _0x48c84d function| _0x56afdc function| _0x4ed9 function| _0x243420 function| _0x5150c4 function| _0x3dd2aa function| _0x3cba2f function| _0x19f286 function| _0x528085 function| _0x2abfbd function| _0x20d5 function| _0x16e311 function| _0x20a3eb function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| gaGlobal object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| zfgstorage object| rh178mcvjh object| zfgformats function| onClickTrigger boolean| zfgloadedpopup string| script function| isMobileDevice function| handleVisibilityChange function| primeiframe function| rrrr object| currentDate number| timezoneOffset number| targetNumber number| randomNum object| urlss object| insElement object| iframeElement function| loadURLs number| ok function| DisableDevtool boolean| zfgonclickfirst object| syncCallbacks function| arrive function| unbindArrive function| leave function| unbindLeave

12 Cookies

Domain/Path Name / Value
.nexdrive.lol/ Name: _ga_HLHKH2VJT0
Value: GS1.1.1732145119.1.0.1732145119.0.0.0
.nexdrive.lol/ Name: _gid
Value: GA1.2.1535634897.1732145119
.nexdrive.lol/ Name: _gat_gtag_UA_158883125_9
Value: 1
.nexdrive.lol/ Name: _ga
Value: GA1.1.613806450.1732145119
.nexdrive.lol/ Name: _ga_P36YDXY7SM
Value: GS1.1.1732145119.1.0.1732145119.0.0.0
nu.wolfmandiked.com/ Name: GL_UI4
Value: eJw9jVtugzAQRSFgkrSBdiQW0CVAns1nld%2FuwTLjgbgBT2Qc0u6%2BbqX26z50dG8URbPyCeIpW0JyUzt4oUOF1f74ut8S1kjUHnbrDa4Rj822blHD0ozSq6Ynn8JiHJTz0k8prDqy5AxKZE05PAfqr7lYvtsUROOU1TmIIRB9DvPG8X0kVyaQWjUQZKez46BiUB%2FsIKk3VfDGBh9XMOOxTIoHEO%2FG3j6LVRYVRRbB47VXvmU3SKNDFJ1TmiB%2BgwUqTx27L5hrGi%2BerwDca%2FnP%2F36K%2FmcNMk2TwRDZn8l9Ayg%2FTvw%3D
nu.wolfmandiked.com/ Name: GL_GI10
Value: eJwVyEEKwjAQRuHMLFqEZvHTXsOghaDrVuk5YgxSxEmYFsHb2y7et3jGGO4a8FzQXE%2Bu995d3Ln3oBf4dgdHQT0l%2FQT5gdSCVSwobs2wY9Z0HEJ8P7IksCw4bKtkDWsClYrAa95dnp0Bfav2D%2BkGF8Y%3D
nexdrive.lol/ Name: prefetchAd_7236202
Value: true
lordeeksogoatee.net/ Name: OAID
Value: t6le394382ts651239422g1y2maff204
lordeeksogoatee.net/ Name: oaidts
Value: 1732145120
lordeeksogoatee.net/ Name: syncedCookie
Value: true
my.rtmark.net/ Name: ID
Value: t6le394382ts651239422g1y2maff204

1 Console Messages

Source Level URL
Text
rendering warning URL: https://nexdrive.lol/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F03C02CC130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.myfirstname.in
arvigorothan.com
cdn.jsdelivr.net
lordeeksogoatee.net
my.rtmark.net
nexdrive.lol
nu.wolfmandiked.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
my.rtmark.net
139.45.197.245
172.255.103.103
172.67.150.119
172.67.152.125
172.67.184.140
188.114.96.3
2001:4860:4802:34::36
2606:4700:3036::6815:388d
2a00:1450:4001:801::200e
2a00:1450:4001:828::2008
2a04:4e42:600::485
0c37ad876b3d096c9f685f979456e3fcf37c7ba0859722846d661fd137cfe925
2cd413faee0623eba317e4a270d60df4e4e73a668084a62f32c4f1211cb19d1a
304fb3b381b5a9ade0d1ac4e60d14b0e17125daaf3d94631da65621af5ce1aad
46fb6fd188bbc7dd2f62693d4d1a16433c6ceeb471952bbe02b17c7070c2b8b3
4b6f9c54018dd09cf69c6e7e9ac07d19ed8f752d6fc4a8b7dfaa7de6260f9c9c
6b050366d90a0d8d71782200274a92edf69858950670e3382af08381762bbbfd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
702fd66a8b1db25d00bf99433f30c12c629cdf406e8ca2817b3d4a50b57e5347
7701665700b18e9fe7c3390dcf1d577b74e9845e7300c3a0a0d4d30c1a90386e
89369d7e3bb535cecc4e756593af0baf909f80cb84ff20e5d0330698fd2dd52a
a2d325768917245151ce09e67857c48465f44ec5e8175f852b615d44e9035e3e
d38f4ab2b314ec6f1c9eaf19c429eacead4c1fa5b889d4bb1d30f80497bb201f
dde6d0e988f63fffe096dfa4b52483b16f40109cee8963e73cbd35f4ecc8ae2e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb4b8e495a7d86e615f8c17f5b39d2bf56119f92aadd7aa2ebfd07b93b2259b