team.gdrive.vip Open in urlscan Pro
2606:4700:3032::ac43:abf0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://team.gdrive.vip/
Effective URL:
http://team.gdrive.vip/
Submission: On August 04 via manual (August 4th 2022, 7:19:16 pm UTC) from NL — Scanned from NL

Summary HTTP 102 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 18 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3032::ac43:abf0, located in United States and belongs to CLOUDFLARENET, US. The main domain is team.gdrive.vip.

This is the only time team.gdrive.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3032::ac43:abf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:303... 2606:4700:3034::6815:580f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:eac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:2c44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
15	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	206.189.82.16 206.189.82.16	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3 7	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
102	25

2 2606:4700:3032::ac43:abf0 (United States)

ASN13335 (CLOUDFLARENET, US)

team.gdrive.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3034::6815:580f (United States)

ASN13335 (CLOUDFLARENET, US)

gdrive.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eac9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bootcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:2c44 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.website-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.189.82.16 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

website-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria) 3 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

scontent-ams2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

scontent-ams4-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	430 KB
21	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 557 scontent-ams2-1.xx.fbcdn.net — Cisco Umbrella Rank: 14263 scontent-ams4-1.xx.fbcdn.net — Cisco Umbrella Rank: 13722	679 KB
12	gdrive.vip team.gdrive.vip gdrive.vip	392 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	82 KB
7	facebook.com 3 redirects www.facebook.com — Cisco Umbrella Rank: 100	49 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
3	website-analytics.net cdn.website-analytics.net website-analytics.net	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	86 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2137	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 13999	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	41 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
1	bootcss.com cdn.bootcss.com — Cisco Umbrella Rank: 38614	32 KB
102	18

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
13	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
12	pagead2.googlesyndication.com	team.gdrive.vip pagead2.googlesyndication.com www.gstatic.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	gdrive.vip	team.gdrive.vip
7	www.facebook.com	3 redirects team.gdrive.vip connect.facebook.net
5	scontent-ams4-1.xx.fbcdn.net	www.facebook.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	scontent-ams2-1.xx.fbcdn.net	www.facebook.com
3	www.google.com	2 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	website-analytics.net	cdn.website-analytics.net
2	connect.facebook.net	team.gdrive.vip connect.facebook.net
2	stackpath.bootstrapcdn.com	team.gdrive.vip
2	team.gdrive.vip	team.gdrive.vip
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	team.gdrive.vip
1	cdn.website-analytics.net	team.gdrive.vip
1	cdnjs.cloudflare.com	team.gdrive.vip
1	cdn.bootcss.com	team.gdrive.vip
102	25

This site contains links to these domains. Also see Links.

Domain
gdrive.vip
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-14` - `2022-08-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
website-analytics.net R3	`2022-06-26` - `2022-09-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://team.gdrive.vip/
Frame ID: 0A12CFEA35298F1742840C5591F7D67E
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Frame ID: 6A7440D4F6528E09F035D4F33B6B94AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=90&slotname=6906265454&adk=2232709765&adf=854766408&pi=t.ma~as.6906265454&w=728&lmt=1659640752&psa=0&format=728x90&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751860&bpp=5&bdt=22584&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&correlator=7923105646433&frm=20&pv=2&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EWN2iySNoy&p=http%3A//team.gdrive.vip&dtd=199
Frame ID: F1DA631BD479CD2BD7CD0D74E099FA97
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=600&slotname=3186988626&adk=590598135&adf=2653354368&pi=t.ma~as.3186988626&w=300&lmt=1659640752&psa=0&format=300x600&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751880&bpp=2&bdt=22603&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7923105646433&frm=20&pv=1&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=99av1EDCuQ&p=http%3A//team.gdrive.vip&dtd=187
Frame ID: 8532695352FB906D54FF433298F78693
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&adk=1812271804&adf=3025194257&lmt=1659640752&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fteam.gdrive.vip%2F&ea=0&pra=7&wgl=1&dt=1659640751901&bpp=1&bdt=22624&idt=172&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&nras=1&correlator=7923105646433&frm=20&pv=1&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=177
Frame ID: D4FB778E4F9B6081D5A0DC2061F5B4B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html
Frame ID: C991B91FDFBA40E3D4451E90659A2353
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B31D232BF58E712B51A2252EDAC6560B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7AF818E3D2EC2D3797D9C2803FEBC118
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3114024c9ce858%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&href=https%3A%2F%2Fteam.gdrive.vip%2F&layout=button_count&locale=vi_VN&sdk=joey&share=true&size=small&width=
Frame ID: 5D7DF1CAF205E0074F79CF9D3145A37A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Frame ID: 9D3F9DCA9CACE4D3DE70D926F85C409B
Requests: 20 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1926350767439578%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3e1800e9f2dff4%2526domain%253Dteam.gdrive.vip%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fteam.gdrive.vip%25252Ff225c420e2de858%2526relation%253Dparent.parent%26container_width%3D308%26height%3D220%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fwww.gdrive.vip%252F%26locale%3Dvi_VN%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width%3D303
Frame ID: D2398B3EBCA38614F746C018272B601F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: ECAA2495403C06507850A6BFD943A9F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34CAFAF4149668424C2E7DA052B261D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BEEE90886947692079ABE4D5203C39DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tạo Bộ nhớ dùng chung MIỄN PHÍ - Team Drive Free - Google Shared Drives - Team.GDrive.VIP

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

98 %
HTTPS

92 %
IPv6

18
Domains

25
Subdomains

25
IPs

6
Countries

2010 kB
Transfer

5608 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://gdrive.vip/huong-dan-su-dung-bo-nho-dung-chung-shared-drives-tren-google-drive/
Title: Bộ nhớ dùng chung Google Drive là gì?

Search URL Search Domain Scan URL

URL: https://gdrive.vip/cach-tao-bo-nho-dung-chung-google-drive-mien-phi-team-drive-unlimited/
Title: Xem Video Hướng Dẫn Tại Đây

Search URL Search Domain Scan URL

URL: https://gdrive.vip/
Title: Google Drive không giới hạn dung lượng

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/2985102244906444/

Search URL Search Domain Scan URL

URL: https://gdrive.vip/cach-tao-tai-khoan-onedrive-5tb-mien-phi-trong-1-click/

Search URL Search Domain Scan URL

URL: https://gdrive.vip/mua-bo-nho-dung-chung-shared-drives/

Search URL Search Domain Scan URL

URL: https://gdrive.vip/tai-khoan-office-365-ban-quyen-5-may-tinh-onedrive-5tb/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

http://team.gdrive.vip/teamDriveThemes HTTP 307
https://team.gdrive.vip/teamDriveThemes

Request Chain 60

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 69

https://www.facebook.com/v4.0/plugins/comments.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width

Request Chain 70

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e1800e9f2dff4%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=308&height=220&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fwww.gdrive.vip%2F&locale=vi_VN&sdk=joey&show_facepile=true&small_header=false&tabs=&width=303 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1926350767439578%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3e1800e9f2dff4%2526domain%253Dteam.gdrive.vip%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fteam.gdrive.vip%25252Ff225c420e2de858%2526relation%253Dparent.parent%26container_width%3D308%26height%3D220%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fwww.gdrive.vip%252F%26locale%3Dvi_VN%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width%3D303

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
team.gdrive.vip/ 18 KB
6 KB 82ms
47ms Document
text/html 2606:4700:3032::ac43:abf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://team.gdrive.vip/
Protocol: HTTP/1.1
Server: 2606:4700:3032::ac43:abf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02266dc66baa43fcd34f0c48c0aa83e931e19de0d07ece80d95b59cd3406d2b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
CF-RAY: 7359a41db82b9a24-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Aug 2022 19:18:49 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMUIGu2BU9w26LD%2FCOey2sCiT2xXP%2BvrQ%2FmjXNs10ESdKcBsN3VmKXktoMEvUUn9iEbUC9sadTAbOq%2FcPYA6rrxnaLWdK02rsluDhcdz%2FPpjDt2Hkkn39K5ZMVswqWm%2B6bs5hV0UVtTAodLEpgk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
gdrive.vip/team/ 2 KB
2 KB 97ms
34ms Stylesheet
text/css 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdrive.vip/team/style.css?v=10

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

66e1a446f965ca8f582273b13730cea5ad4e123e2783b73cbdb4d56a003b97af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131044
x-powered-by: LarVPS
x-rocket-nginx-serving-static: BYPASS
cf-polished: origSize=2695
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 19 Sep 2021 17:36:26 GMT
server: cloudflare
etag: W/"6147751a-a87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-download-options: noopen
content-type: text/css
cf-bgj: minify
vary: Accept-Encoding
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDgHlTzDKI60%2FIzjOWc60ZHUbGr79%2BGVAxew2Jg6RGUuhXDBaSidNyrgEmTDRqr37uO44otQpZE3cli7W8ROcKIOgV4tk3wGVFhG0yRks%2FAmBxentYFQoCKQlj%2BlweVzSvXBsLpCTbUc"}],"group":"cf-nel","max_age":604800}
cf-ray: 7359a41e7e599031-FRA
expires: Fri, 02 Sep 2022 06:56:01 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
25 KB 77ms
32ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 3853925
cdn-cachedat: 12/27/2021 07:28:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5a4f218ff2cc791bfca3e2943b0791a7
cf-ray: 7359a41e5d4b9241-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdn.bootcss.com/jquery/3.4.1/ 86 KB
32 KB 22524ms
22045ms Script
application/javascript 2606:4700:3038::6815:eac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js
Requested by: Host: team.gdrive.vip
URL: http://team.gdrive.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-encoding: br
content-md5: Igr9dD2elkOFLjGhNanzrg==
age: 28486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtFqjx%2FPruPLB9R7KLyoayr04eAmk9q7mYIVMZGGIZYHAlUyXvcWC8y4nvfgA9SmdidZ3qX5DlF7c52Ty51xc7nuwgA%2FVsmbjYFSBqJ9XYH%2B07R0ob0FgQfkBsnWDK8SrjcP48AKzwH6ewCZ4xY%3D"}],"group":"cf-nel","max_age":604800}
x-swift-cachetime: 33387
content-disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
x-swift-savetime: Sun, 03 Apr 2022 11:32:53 GMT
x-m-reqid: LhQAAKsD1KXjyq0W
x-m-log: QNM:jjh1911;QNM3:51/304
etag: W/"FohSOSQ1G6wLXVYP4MV4HiVW52k9.gz"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: max-age=2678400
x-qiniu-zone: 0
x-qnm-cache: Hit
eagleid: 2ff6179a16489904622132462e
expires: Thu, 04 Aug 2022 23:24:02 GMT
x-log: X-Log
date: Thu, 04 Aug 2022 19:18:49 GMT
via: cache1.l2de2[0,0,304-0,H], cache12.l2de2[1,0], cache8.us10[0,0,200-0,H], cache6.us10[3,0]
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-reqid: RbkAAABQP2FtL-IW
x-cache: HIT TCP_HIT dirn:11:49487431, HIT
content-transfer-encoding: binary
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
last-modified: Thu, 02 May 2019 01:43:43 GMT
server: cloudflare
x-svr: IO
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
ali-swift-global-savetime: 1648932560
cf-ray: 7359a4210ca9b7e8-AMS

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 71ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://team.gdrive.vip/
Origin: http://team.gdrive.vip
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12347619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78pAEzrK5N6DW90glSAMxb8HAeFGT%2FRaha9y3XG5JFbf%2Fcm8Syj1pTWOEnOutgfo25V3drx5PVhm%2F2ee7wzK4E4OepAOwWhlKYeKTDj9dxEoDbBESmwqbIUqcY5jEsVcoVxdtk4yq5%2FALTpRQhmASEIL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7359a41e5d7e5b9e-FRA
expires: Tue, 25 Jul 2023 19:18:49 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 83ms
39ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://team.gdrive.vip/
Origin: http://team.gdrive.vip
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 04/09/2022 02:51:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 41fb74441064aa134dd7d282b04a33db
cf-ray: 7359a41e587190b2-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 script.js Show response
cdn.website-analytics.net/js/ 746 B
1 KB 112ms
29ms Script
application/javascript 2606:4700:3036::6815:2c44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.website-analytics.net/js/script.js
Requested by: Host: team.gdrive.vip
URL: http://team.gdrive.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2c44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75640250e69024fdf4487e83a538b5c07a516f16645329b0d2a63bca6df8b3a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 06:20:31 GMT
server: cloudflare
age: 621
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZlO%2FAaKyE1FR2xeIyIZApV5dgUWyQfj5a76IQn4rUnAWPImP%2BaIhCwWglSbHTl4zNkQDADzUzmXk%2Frf8LwL15yHZ9XauhZg6C6BWFAwq0nZnc94%2B2sjnOsZXOit8%2F6kz%2FW82k9KHOIzxOEX4cO39V2rdw5T6XW4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7359a41f3ddf5ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 11 Aug 2022 19:09:25 GMT

GET
H2 200 Team-Drive-GDrive-VIP.png
gdrive.vip/wp-content/uploads/2020/10/ 36 KB
36 KB 31ms
29ms Image
image/png 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2020/10/Team-Drive-GDrive-VIP.png

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

5f3413c82aa787bb8709e1c20b466113aedbbc46c7ce12c3d6d30eec5ff24214

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274269
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36611
x-xss-protection: 1; mode=block
last-modified: Sun, 19 Sep 2021 17:36:23 GMT
server: cloudflare
etag: "61477517-8f03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9N5B0TmEqmcTPiWibnU3sJAR5w1dxT4F6H1rXnpQ%2B7mk17mq%2F1i6U6NUOHpKhRC7o4W28TRYw2xMDqSi7tGg2gFXdVEJvfp24v586guwx%2BeK9BmRk8glBO%2FXeR17VEEMsQcnsXOIhyDq"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a41f6f639031-FRA
expires: Wed, 31 Aug 2022 15:08:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
57 KB 122ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b6018b0f8c1f050081229ee87c8f8aeebeb1b71556504d966008d86431977f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57294
x-xss-protection: 0
server: cafe
etag: 17519063324394216220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 19:18:49 GMT

GET
H3 200 apple-touch-icon.png
gdrive.vip/team/ 11 KB
12 KB 2024ms
2024ms Image
image/png 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/team/apple-touch-icon.png

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

9dd1ad64445dd1dc3403c4396de91d7a514a0cca4f0e4e39a70d5ac7001938da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11251
x-xss-protection: 1; mode=block
last-modified: Sun, 19 Sep 2021 17:36:26 GMT
server: cloudflare
etag: "6147751a-2bf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMdW7JEDpKnhwC9vP9wRJXxaNjN2onHt%2BnUgnCCWSX2bY3fuTEb6xyH2n97vU4EiIBLFI6SuQ7g7KZdAtXezZU00YKz6bEJJRIvbwdbisWA%2ByQbYHWXOcmhB%2BjQp9PVUF28fpUl%2FT739"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a420a8799bef-FRA
expires: Sat, 03 Sep 2022 19:20:07 GMT

GET
H3 200 tham-gia-nhom.png
gdrive.vip/wp-content/uploads/2021/04/ 36 KB
36 KB 29ms
28ms Image
image/png 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2021/04/tham-gia-nhom.png

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

bca0d729549a122fc8a0ed9ce604c3fc7a4eaaba2311213e251a19e57792c5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1821697
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36667
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Oct 2021 08:55:41 GMT
server: cloudflare
etag: "61727c8d-8f3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1UC9Au8Kx7F6KzfL3r1etoQmTIAevt%2BsB52W2orXrBoJeUNI00FMZVzS8SPJR6K1AImydNdPaqYTyx91dLfYuLxduZ9KiFEEmNmVaZ2cnM0VFTwpyJwBFFVtg7zWo3cvWl%2Bzu1%2FwvU8"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a42d6f759bef-FRA
expires: Sat, 13 Aug 2022 17:18:19 GMT

GET
H3 200 onedrive-5tb-mien-phi.jpg
gdrive.vip/wp-content/uploads/2021/07/ 29 KB
30 KB 30ms
30ms Image
image/jpeg 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2021/07/onedrive-5tb-mien-phi.jpg

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

3a091ddd71b36dac5be8835a90c23e6c18ddc1a1103741cbb3e3079c1d7bef61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56999
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29596
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Oct 2021 08:55:39 GMT
server: cloudflare
etag: "61727c8b-739c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EIIEAR5JUmWWBOf26KSn7rnnqKxAmAkgJ6PsDjuZ2xFxjWbcDAiYiRAHVMvK4cYWVYEy2RLYI7CVWtfOf2EFM3CcClb0mB0qjg%2Flylqgqxfo2H4%2FeIExKjlxE4ekE%2F7M9aIAZ2W2%2BMi"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a42db8229bef-FRA
expires: Sat, 03 Sep 2022 03:30:09 GMT

GET
H3 200 google-drive-team-drive-shared-drives.png
gdrive.vip/wp-content/uploads/2021/07/ 31 KB
32 KB 29ms
28ms Image
image/png 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2021/07/google-drive-team-drive-shared-drives.png

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

698421e1a916a0e1a825c4c2cb116fcd290304c1ad9aa7aa2de9e204bcb116df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56997
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31978
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Oct 2021 08:55:39 GMT
server: cloudflare
etag: "61727c8b-7cea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIEZ4IQBSHkRqepV6v2OkBA8yRPTJP3YhRSV9x7GZulwJ0NZ1kWBOwESCRRPHj%2FL3P6580Nhect5SH4dlTvB984BNLhYQv1QfKM1eOHEIryxSfArwvs65MrNSNRnKay5LJVd8ex1UaX1"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a42de8779bef-FRA
expires: Sat, 03 Sep 2022 03:30:10 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 80ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92418920d2c9d33b6273aa30ae24394b5616065f80ccb8dff72d14fa227a9e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://team.gdrive.vip/
Origin: http://team.gdrive.vip
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2r5sHGL0sx+VGzSe3OLT7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Sk8f/wGOnEU6kSRB043a+V8d6+ONKa7qtspkCxj3M+TGIgrFWxTWz1wTSIfudV6AYU7afnQdpn8D082SEBqPPQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 5c1d8620d52e32a7f1b64e7a5b96d0a1
x-frame-options: DENY
date: Thu, 04 Aug 2022 19:18:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "93c789e4ebe0be8d35029faeb52bf4f6"
timing-allow-origin: *
expires: Thu, 04 Aug 2022 19:35:18 GMT

GET
H3 200 xac-nhan.gif
gdrive.vip/wp-content/uploads/2020/04/ 81 KB
81 KB 33ms
31ms Image
image/gif 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2020/04/xac-nhan.gif

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

c78417d4dc63e27aaa189d7471efca14b4e00cd0783557e45d7bf16512c1d4c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2282077
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82645
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Oct 2021 08:55:47 GMT
server: cloudflare
etag: "61727c93-142d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/gif
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD3mH9DcXyxIZDFkdBz5Y0WaQIaR59RozyfaIVpvlYk5he8lLpEeEFsQr7AtU9Q382pO2NKI1Jz%2FZ9Rvbl%2Bhh2deSyoouj1%2Fc2zyBnILGckCuDzRh%2FyZseVHrdWz0Smpk95LtLS%2FvJw0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a42ec9c69bef-FRA
expires: Mon, 08 Aug 2022 09:25:16 GMT

GET
H3 200 banner-gdrive-vip.jpg
gdrive.vip/wp-content/uploads/2021/05/ 96 KB
97 KB 31ms
31ms Image
image/jpeg 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2021/05/banner-gdrive-vip.jpg

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

2e280f9ecc4a12b599048278aafbcf2e3f3e1a974dfb8ddcb78333c2c0c49120

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56995
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98664
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Oct 2021 08:55:40 GMT
server: cloudflare
etag: "61727c8c-18168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4WlwFfyBBcOKNGShNCf7HVXPGGArGaw5jlYZxraxoDnLzmwP2tZ5jI%2BZvbYjV5DZ9WoMUbg2kRvNbMo6PbCIfZvZKLS%2BF2bQ%2FdghDyaI8cfxrizqcrOd6Xy73Ee37%2FDmNADMQqKl263"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a42f1a419bef-FRA
expires: Sat, 03 Sep 2022 03:30:13 GMT

GET
H3 200 mua-bo-nho-dung-chung.jpg
gdrive.vip/wp-content/uploads/2022/04/ 25 KB
25 KB 27ms
27ms Image
image/jpeg 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2022/04/mua-bo-nho-dung-chung.jpg

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

338894dbb311beea8feae1abaf54f89f22c6d2b01d46e79bcdd1bbdcf0421a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 798258
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25272
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Apr 2022 14:55:40 GMT
server: cloudflare
etag: "624c586c-62b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u2wVbGSVCH0qYdY2CIBcn6UMVUtZlSh%2BhxxoZibXskoOeJNbNqVlG1mc6sgSsdMZzaAnMnbfSoTJd6NHgjZMOPSWrwBh97IXEtuPvRLi6fcIUVq1PTjK7eRI1l6Rbrju7kWi5ddvHEj"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a42f7ab89bef-FRA
expires: Thu, 25 Aug 2022 13:35:45 GMT

GET
H3 200 banner-office-365.png
gdrive.vip/wp-content/uploads/2021/05/ 34 KB
35 KB 27ms
27ms Image
image/png 2606:4700:3034::6815:580f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdrive.vip/wp-content/uploads/2021/05/banner-office-365.png

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:580f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

18aadf7d1e3eec230b0f6a5b2b3285777ca0fd4ba526703315eba8702c859457

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:52 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1966579
x-powered-by: LarVPS
x-rocket-nginx-serving-static: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35210
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Oct 2021 08:55:40 GMT
server: cloudflare
etag: "61727c8c-898a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnlwYTyQGbVXYSZwJoaoEnX82mOJ%2FgsTSZxJMizN3YVOLrKx5ulPDBKKWiB1Y%2Fnsvq6pSJEotwD%2FAoIlkp5fSNmd%2F5Ece6vUUeXO2laD8TQUKMAeTNXfISlz1jbsmK0ir3%2F9IHakoCaE"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7359a42f9afb9bef-FRA
expires: Fri, 12 Aug 2022 01:03:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 147ms
38ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64789231-24

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea1913f47f62728bd878b1c9acd1a571ac6f2667014bd36c6d3571a69e332d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:18:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41903
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Aug 2022 19:18:52 GMT

POST
H2 200 event Show response
website-analytics.net/api/ 3 B
132 B 215ms
215ms XHR
text/html 206.189.82.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://website-analytics.net/api/event
Requested by: Host: cdn.website-analytics.net
URL: https://cdn.website-analytics.net/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.189.82.16 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: http://team.gdrive.vip/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json, text/javascript; charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 19:19:12 GMT
content-encoding: gzip
server: Apache
vary: Origin,Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://team.gdrive.vip
x-ratelimit-remaining: 59
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
content-length: 23

OPTIONS
H2 204 event
website-analytics.net/api/ Frame 0
0 555ms
201ms Preflight 206.189.82.16
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://website-analytics.net/api/event
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.189.82.16 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://team.gdrive.vip
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://team.gdrive.vip
access-control-max-age: 0
cache-control: no-cache, private
date: Thu, 04 Aug 2022 19:19:12 GMT
server: Apache
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ 343 KB
121 KB 121ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5601562035807538&plah=team.gdrive.vip&bust=31068809

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

665d0d5775a87cd44a552d066a1735d65d9f8116869e8e750299ce70a571df49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123965
x-xss-protection: 0
server: cafe
etag: 1442021768916517691
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 19:19:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/ Frame 6A74 10 KB
5 KB 70ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://team.gdrive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 59501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 02:47:30 GMT
etag: 8616628553774171045
expires: Thu, 18 Aug 2022 02:47:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET

teamDriveThemes
team.gdrive.vip/
Redirect Chain

http://team.gdrive.vip/teamDriveThemes
https://team.gdrive.vip/teamDriveThemes

0
0

GET
H3 200 sdk.js Show response
connect.facebook.net/vi_VN/ 302 KB
86 KB 52ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=838d208b5d134848a3d8b50ddc99b0e4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef4cc7bd1b300553992eec7e8c170197d6f337b8e54bf9ab02758f0fd18d85b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://team.gdrive.vip/
Origin: http://team.gdrive.vip
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DL4N6NKvNNNDQTwTl3RNtg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87982
x-fb-rlafr: 0
x-fb-debug: +6JyPIFyDer4lbWK38IQQOGnxg6m3OgBf/vB6JxulZBxQTsmHhG7wtB/p5scj+zUcfyG50/ld8zr4ujGgFGy6g==
x-fb-content-md5: 0058b982e50a166d0dc328eeda63f4b3
x-frame-options: DENY
date: Thu, 04 Aug 2022 19:19:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "85b76466968c430fce08667b4e2f6c3f"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Aug 2023 16:24:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64789231-24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1031
date: Thu, 04 Aug 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 04 Aug 2022 21:02:00 GMT

OPTIONS
H2 200 teamDriveThemes
team.gdrive.vip/ Frame 0
0 346ms
297ms Preflight
application/json 2606:4700:3032::ac43:abf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://team.gdrive.vip/teamDriveThemes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:abf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: http://team.gdrive.vip
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7359a4abcbdb91e9-FRA
content-encoding: br
content-type: application/json
date: Thu, 04 Aug 2022 19:19:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2UodUNBZOOifU%2Fxz9xCBsxCBMjQ%2BNci%2Be%2F2oYG7AFas92K%2Bzd2C7xbDIxEj9Kyd60%2B0l4hVRpj4qFJBMYlw1C9rNycYww2kkPQ5iDBOyZiG2fyVlaY8x%2FKOU7Py4oradXWPFv0kxPisozqANUs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 69ms
27ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=744221702&t=pageview&_s=1&dl=http%3A%2F%2Fteam.gdrive.vip%2F&ul=en-us&de=UTF-8&dt=T%E1%BA%A1o%20B%E1%BB%99%20nh%E1%BB%9B%20d%C3%B9ng%20chung%20MI%E1%BB%84N%20PH%C3%8D%20-%20Team%20Drive%20Free%20-%20Google%20Shared%20Drives%20-%20Team.GDrive.VIP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1689632892&gjid=245304973&cid=1494307977.1659640752&tid=UA-64789231-24&_gid=1984913977.1659640752&_r=1&gtm=2ou830&z=1211833725

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://team.gdrive.vip/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:19:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://team.gdrive.vip
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 98ms
33ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1926350767439578&ev=fb_page_view&dl=http%3A%2F%2Fteam.gdrive.vip%2F&rl=&if=false&ts=1659640752016&sw=1600&sh=1200&at=

Requested by

Host: team.gdrive.vip
URL: http://team.gdrive.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 04 Aug 2022 19:19:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
645 B 91ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=team.gdrive.vip&callback=_gfp_s_&client=ca-pub-5601562035807538

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5601562035807538&plah=team.gdrive.vip&bust=31068809

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2b56f98847eba6fb1f67527ea71176244401b8fc268831f45d128f829ed4df2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 95ms
31ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=team.gdrive.vip

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 19:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 77ms
28ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=team.gdrive.vip

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 19:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1DA 95 KB
34 KB 459ms
396ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=90&slotname=6906265454&adk=2232709765&adf=854766408&pi=t.ma~as.6906265454&w=728&lmt=1659640752&psa=0&format=728x90&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751860&bpp=5&bdt=22584&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&correlator=7923105646433&frm=20&pv=2&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EWN2iySNoy&p=http%3A//team.gdrive.vip&dtd=199

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd72262550b7b11685734ecf6a363bf167efaa741b955599a1de4289cb9f925d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://team.gdrive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34879
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:19:12 GMT
expires: Thu, 04 Aug 2022 19:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8532 120 KB
43 KB 431ms
375ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=600&slotname=3186988626&adk=590598135&adf=2653354368&pi=t.ma~as.3186988626&w=300&lmt=1659640752&psa=0&format=300x600&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751880&bpp=2&bdt=22603&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7923105646433&frm=20&pv=1&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=99av1EDCuQ&p=http%3A//team.gdrive.vip&dtd=187

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d78847a0c739efd548346d7af7f34d0ddbaaa6f6d3a322a09e06de938bb66ce

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLq38svzrfkCFRawewodPWYJmw&gqi=sBvsYrXNCMWW9u8Pu-SZ0AQ&layout=/sadbundle/%24csp%253Der3%24/11869517317275704607/300x600_EN/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://team.gdrive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43522
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLq38svzrfkCFRawewodPWYJmw&gqi=sBvsYrXNCMWW9u8Pu-SZ0AQ&layout=/sadbundle/%24csp%253Der3%24/11869517317275704607/300x600_EN/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:19:12 GMT
expires: Thu, 04 Aug 2022 19:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4FB 0
19 B 76ms
30ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&adk=1812271804&adf=3025194257&lmt=1659640752&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fteam.gdrive.vip%2F&ea=0&pra=7&wgl=1&dt=1659640751901&bpp=1&bdt=22624&idt=172&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&nras=1&correlator=7923105646433&frm=20&pv=1&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=177

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://team.gdrive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:19:12 GMT
expires: Thu, 04 Aug 2022 19:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/ Frame C991 7 KB
3 KB 96ms
45ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=600&slotname=3186988626&adk=590598135&adf=2653354368&pi=t.ma~as.3186988626&w=300&lmt=1659640752&psa=0&format=300x600&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751880&bpp=2&bdt=22603&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7923105646433&frm=20&pv=1&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=99av1EDCuQ&p=http%3A//team.gdrive.vip&dtd=187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a0e21d598c298a2e4a49bd09948ea89b7e470ec32b2e8af508391cd8f038da

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1650
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 04:09:04 GMT
expires: Fri, 04 Aug 2023 04:09:04 GMT
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8532 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Chg6usBvsYrqfCZbg7gO9zKXYCf2zu8ZrvrPwk7EQ3auDwvAiEAEggde6OGCRBKAB7pik7QHIAQmpAvkyYEV5G6o-qAMByANIqgTlAU_QSA3dTSinuYD4fkCRwOHTP0H14b7RdPmhNYdDSxvj4JZZOeIqfl4DP9YTIULRR8aLBYgSGPcS6Txad-mt5IhdstUa4vVcRVzBcsF-Anw8Dv9VBNIA6-AnFZayaotI43j8KPrdSX1_G_MJR9IvdPcb0zOI5uPjQdcvXU2ZM5rC0piZus1bD2U0612gBPe-sxFj66sRhsczRtYMbcKp9wqVbE_r-JF8h2UkfFgdiGY5uU-bOz7UZ9wwxDVaXT6gPCe_tkbQMNZ-EA0Cc7QqK4Vnt_sdFl5fZs1kgf9OiIlDVjXL173ABLfJ5M6DBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf65tuSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPTLAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU2MDE1NjIwMzU4MDc1MzgYAA&sigh=0SyaZn8jqHQ&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=600&slotname=3186988626&adk=590598135&adf=2653354368&pi=t.ma~as.3186988626&w=300&lmt=1659640752&psa=0&format=300x600&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751880&bpp=2&bdt=22603&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7923105646433&frm=20&pv=1&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=99av1EDCuQ&p=http%3A//team.gdrive.vip&dtd=187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Aug 2022 19:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Aug 2022 19:19:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame 8532 23 KB
10 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 18:30:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 8532 3 KB
1 KB 92ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 19:00:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8532 139 KB
43 KB 107ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 19:19:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 8532 18 KB
8 KB 71ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 19:14:38 GMT

GET
H2 200 e9729a99e2ce9704c0788d1ab658d164.js Show response
www.gstatic.com/mysidia/ Frame F1DA 12 KB
5 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=90&slotname=6906265454&adk=2232709765&adf=854766408&pi=t.ma~as.6906265454&w=728&lmt=1659640752&psa=0&format=728x90&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751860&bpp=5&bdt=22584&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&correlator=7923105646433&frm=20&pv=2&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EWN2iySNoy&p=http%3A//team.gdrive.vip&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4942
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 20:55:37 GMT

GET
H2 200 cbe1efddb302f605da3fa48f2d8380b0.js Show response
www.gstatic.com/mysidia/ Frame F1DA 20 KB
8 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbe1efddb302f605da3fa48f2d8380b0.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2eaac5c0600c2978475f641c7ae004ce88dd3abbcee6226504b3ae32bd8f4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 21:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7953
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 21:04:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F1DA 8 KB
1 KB 53ms
20ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 18:15:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 19:19:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 19:19:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame F1DA 2 KB
902 B 68ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 19:13:15 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame F1DA 6 KB
2 KB 74ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 00:17:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 16:51:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame F1DA 23 KB
9 KB 85ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 18:30:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame F1DA 3 KB
1 KB 70ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 19:09:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1DA 139 KB
43 KB 132ms
72ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 19:19:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame F1DA 18 KB
8 KB 71ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 19:14:38 GMT

GET
H3 200 feee445475856395ba7fe4dbc8183291.js Show response
www.gstatic.com/mysidia/ Frame F1DA 31 KB
13 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/feee445475856395ba7fe4dbc8183291.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 20:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Oct 2022 20:47:29 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B31D 143 B
163 B 23ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=600&slotname=3186988626&adk=590598135&adf=2653354368&pi=t.ma~as.3186988626&w=300&lmt=1659640752&psa=0&format=300x600&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751880&bpp=2&bdt=22603&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7923105646433&frm=20&pv=1&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=2393&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=99av1EDCuQ&p=http%3A//team.gdrive.vip&dtd=187
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 19:10:51 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F1DA 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm7uksBvsYoWbCZSI4gGV76rYCdG6rr1rr8mZ2sgP8NvnyY8OEAEggde6OGCRBKABpN2aiwPIAQGoAwHIA8sEqgTfAU_Qhp6QuwieU4sFIQIXIAzDOvcqG_rS62mPh6uqNskqioyvWGMfpdkOcYAGzLL-Zyyk2VcRrDmHReXjYTYQ9Q88lCsx0onYolvfMhNpPYPfcgBYGFqNNOIZdtO3XvLmIqIBxbRIwkoSkNpq0HxUrly5ap9HoQgEmTuEz_Ox_dNU36qCzRRqLuA3uUvmWXPRdy9qy1bohX6qsi5nBVqY5WTgVeWAxFlX-HkVearLgNfQnT0kFSyL7jnNr30o4EYZcrg9ulX4xX6vU8OMb13n3043LEPD9h8nfiIVqhXYMkLABM6Ftc_BA5IFBAgEGAGSBQQIBRgEgAfEouV0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6uMf0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGiDAgqBgoE-Z6xAtgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi01NjAxNTYyMDM1ODA3NTM4GAA&sigh=UR_E2y6zPrQ&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=90&slotname=6906265454&adk=2232709765&adf=854766408&pi=t.ma~as.6906265454&w=728&lmt=1659640752&psa=0&format=728x90&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751860&bpp=5&bdt=22584&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&correlator=7923105646433&frm=20&pv=2&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EWN2iySNoy&p=http%3A//team.gdrive.vip&dtd=199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Aug 2022 19:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C991 9 KB
3 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 05 Aug 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C991 26 KB
10 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 05 Aug 2022 16:14:17 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/ Frame C991 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d95acc6e9f1881448ee456bc7bddd296d08251d4a93bae1cc2901a7159a2cdb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 51537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2935
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Thu, 04 Aug 2022 05:00:15 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 05:00:15 GMT

GET
H3 200 text-one.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/ Frame C991 6 KB
6 KB 22ms
22ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/text-one.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7cc6a3cf68805b80d5e4e9ffe7247d64a8a1b435210c0e58fbc9d0bc42bb19

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 54608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6088
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Thu, 04 Aug 2022 04:09:04 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 04:09:04 GMT

GET
H3 200 text-two.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/ Frame C991 9 KB
9 KB 25ms
25ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/text-two.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

925f3cea7f6688ccca6632672a68d8dc63eeb17b842d7de18493f54221f5a6e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 90150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9239
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Wed, 03 Aug 2022 18:16:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 18:16:42 GMT

GET
H3 200 text-three.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/ Frame C991 5 KB
5 KB 22ms
22ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/text-three.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73eece6580f4496997a583b9123501b83b3744d9487028796e26474d7866bd38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 94136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5409
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Wed, 03 Aug 2022 17:10:16 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 17:10:16 GMT

GET
H3 200 background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/ Frame C991 112 KB
112 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/assets/background.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11869517317275704607/300x600_EN/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8349700a8cdfc2061e0b331e6728ca11fa14108a2796177d1e9ac51eb15d57f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 54608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114585
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Thu, 04 Aug 2022 04:09:04 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 04:09:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7AF8 143 B
163 B 20ms
20ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5601562035807538&output=html&h=90&slotname=6906265454&adk=2232709765&adf=854766408&pi=t.ma~as.6906265454&w=728&lmt=1659640752&psa=0&format=728x90&url=http%3A%2F%2Fteam.gdrive.vip%2F&wgl=1&dt=1659640751860&bpp=5&bdt=22584&idt=183&shv=r20220803&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&correlator=7923105646433&frm=20&pv=2&ga_vid=1494307977.1659640752&ga_sid=1659640752&ga_hid=744221702&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068771%2C31068809&oid=2&pvsid=1123935176937356&tmod=1456723160&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=EWN2iySNoy&p=http%3A//team.gdrive.vip&dtd=199
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 19:10:51 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B31D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
43ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 19:19:12 GMT
expires: Thu, 04 Aug 2022 19:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 19:19:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8532 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5376e4bec32c757caf14f5532242926bfcf458c99dc41e0e7b78a8f37be33dfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1DA 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lci1ub2xvZ28KCggCKgZzZXJ2ZXIKKggEKiZteXNpZGlhX2FuYWx5dGljcyxteXNpZGlhX3JlbGVhc2VfcHJvZAoNECshAAAAAAAAGEAwBAoNEAMhAAAAmpmtgUAwBAoNEAohAAAAAAAAGkAwBAoNEA0hAAAAAICZuT8wBAoMEB4qBjcyOHg5MDAECgwQGSoGNzI4eDkwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAM3M6IFAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAAC5AMAQKDRAFIQAAAJqZ6YFAMAQSGkNJV3o4c3Z6cmZrQ0ZSU0VPQW9kbGJjS213Ihx0ZXh0L21hY2F3X3dpbGRjYXRfbG9uZ3RpdGxlKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cbe1efddb302f605da3fa48f2d8380b0.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F1DA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b82493062c683f6799d63a54acf2673e411e4c56570dbda72f590aac1046d4b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F1DA 28 KB
28 KB 90ms
31ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 81738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 20:36:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7AF8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

43ms
43ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 19:19:12 GMT
expires: Thu, 04 Aug 2022 19:19:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 19:19:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame C991 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 08:28:32 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1DA 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cbe1efddb302f605da3fa48f2d8380b0.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:19:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 like.php Show response
www.facebook.com/v4.0/plugins/ Frame 5D7D 45 KB
15 KB 204ms
168ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3114024c9ce858%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&href=https%3A%2F%2Fteam.gdrive.vip%2F&layout=button_count&locale=vi_VN&sdk=joey&share=true&size=small&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=838d208b5d134848a3d8b50ddc99b0e4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d64a03794a08610f8e94c0d51252ada2285152b89e25547762aaf644a72ccefe

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://team.gdrive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 04 Aug 2022 19:19:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: b6G7RYd+sRehelKYxceL44oHs+BxuZw99EBPtaLILj4krxz+cxBauXlIgoNuAELyw8dIlIWwosn5noub55+Otw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 9D3F
Redirect Chain

https://www.facebook.com/v4.0/plugins/comments.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3D...
https://www.facebook.com/plugins/comments.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam....
https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam....

145 KB
34 KB

231ms
231ms

Document
text/html

2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=838d208b5d134848a3d8b50ddc99b0e4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17f3ed0c9c2fca36add9e8696b9af69617aa4cd4489f994db033b1862ed7d1b2

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 04 Aug 2022 19:19:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: fUqm0rLnl2maSDlc84cDkH+8dcmRpKhITtWhAkATYEIGISZ1xqgyhsJaVA88XaX1EqLVNQ08LjPcOtIwVTJzyQ==
x-fb-rlafr: 0
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 19:19:13 GMT
location: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
priority: u=0
strict-transport-security: max-age=15552000; preload
x-fb-debug: 8auwpamstanRkPxOGiNUBXcAN7Ou8ggTopMoyHrfSuPEiYRA12B0JR3TSezYYQpgmCY2oD7TymfL9YxEN6/3Mw==

GET
H3

200

/
www.facebook.com/login/ Frame D239
Redirect Chain

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1926350767439578%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...

0
0

130ms
129ms

Document
text/html

2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1926350767439578%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3e1800e9f2dff4%2526domain%253Dteam.gdrive.vip%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fteam.gdrive.vip%25252Ff225c420e2de858%2526relation%253Dparent.parent%26container_width%3D308%26height%3D220%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fwww.gdrive.vip%252F%26locale%3Dvi_VN%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width%3D303

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js?hash=838d208b5d134848a3d8b50ddc99b0e4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 19:19:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: DNIjx9ZQXqvAUiXXlmVPijeNWCDy/M4H3qohf78lI9fSmiXCx/5e5u0vBhSOiXdsrZwSksqo8J3qtR6787LYMw==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 04 Aug 2022 19:19:13 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v8.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1926350767439578%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3e1800e9f2dff4%2526domain%253Dteam.gdrive.vip%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fteam.gdrive.vip%25252Ff225c420e2de858%2526relation%253Dparent.parent%26container_width%3D308%26height%3D220%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fwww.gdrive.vip%252F%26locale%3Dvi_VN%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width%3D303
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 6JvtSnZjlxcK48qr4HYAPOH+OxNFREF8yDRyHGPubhhiw+WMvAPIat1v/Vrs40Prw4cGrEe3uZX1pSmyUJTVwg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 98ms
48ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220803&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d938aa9fd95b07402c8793e7e3f4665a6d046f6c0cae428dcbf288e9e0f556ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10666
x-xss-protection: 0

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame ECAA 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 08:28:32 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1DA 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDWJhbm5lci1ub2xvZ28KCggCKgZzZXJ2ZXIKKggEKiZteXNpZGlhX2FuYWx5dGljcyxteXNpZGlhX3JlbGVhc2VfcHJvZAoNEBQhAAAAAMDw6EAwBAoNEBUhAAAAAAAAKkAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAzcwki0AwBAoNEDIhAAAAAJyZ6T8wBAoNEDMhAAAAADQz-z8wBAoNEDQhAAAAADQz-z8wBAoNEDUhAAAAADQz-z8wBAoNEDYhAAAA0MwsUEAwBAoNEDchAAAAAM7M_D8wBAoNEDghAAAAmJk5UEAwBAoNEDkhAAAAAADIfEAwBAoNEDohAAAAzsyMfUAwBAoNEDshAAAAzczchUAwBAoNEDwhAAAAzczchUAwBAoNED0hAAAAZ2behUAwBAoNED4hAAAAmpnpikAwBAoNED8hAAAAZ2bqikAwBAoNEEAhAAAAAAA8i0AwBBIaQ0lXejhzdnpyZmtDRlJTRU9Bb2RsYmNLbXciHHRleHQvbWFjYXdfd2lsZGNhdF9sb25ndGl0bGUoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cbe1efddb302f605da3fa48f2d8380b0.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:19:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 19:19:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34CA 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://team.gdrive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:06:09 GMT
expires: Fri, 04 Aug 2023 19:06:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BEEE 783 B
535 B 32ms
32ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

818a73d96ec1c8e2e9cc2145a55795810aeefc7825b263f7f3640d7966d05d92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hQ-ugFd_736Uj8n-loIwAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://team.gdrive.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hQ-ugFd_736Uj8n-loIwAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:19:13 GMT
expires: Thu, 04 Aug 2022 19:19:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5D7D 299 B
725 B 75ms
22ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/like.php?action=like&app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3114024c9ce858%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&href=https%3A%2F%2Fteam.gdrive.vip%2F&layout=button_count&locale=vi_VN&sdk=joey&share=true&size=small&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: QQAooN0MGau+8YeYtXxEHTTGPSl2q5YNVdxEokwnadLwRkMwON2yHAozAe1hznFpeRN6ZabPJm1jcWMdKTBPeQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 23 Jul 2023 05:06:30 GMT

GET
H2 200 _qg4gXeYVhp.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSa94/yp/l/vi_VN/ Frame 5D7D 534 KB
139 KB 23ms
22ms XHR
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSa94/yp/l/vi_VN/_qg4gXeYVhp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5859876e1a2f8dbbdd8feb94acc7c38add4f9ddde68e83101b1de5d4a2ea59eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /CoVQWYjrajI7WarbC4Oug==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142188
x-fb-rlafr: 0
x-fb-debug: STgaGRDE1aest7zkdnda802MCPSQkvX/KoqG705Svei9ML3JlOvwFLFJDrd8R7Y7UuPIZYbnyPc/ymHb53IFpA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Aug 2023 18:24:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BEEE 0
0 56ms
56ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220803&jk=1123935176937356&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 34CA 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 08:28:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 34CA 0
9 B 20ms
20ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cP2EyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 9D3F 721 B
447 B 20ms
20ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PXgZwd+47LIQZAIO7K6FA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 393
x-fb-rlafr: 0
x-fb-debug: rIWZbUYzMmthor+jmVmMLODbb0XwjZTfroB/PkjfpesFM1xGpskURHcX7jaLH39YEXMb7iFJfVO/auD8CMohmg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Sun, 23 Jul 2023 03:22:47 GMT

GET
H3 200 VLszwXaVNLI.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 9D3F 123 KB
20 KB 21ms
20ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/VLszwXaVNLI.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19d7b84626aafa560a707ee58619e00f95556327e0aca4ea9575e3b67ae15cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VGPainmStmnRv3eqAU4KVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20171
x-fb-rlafr: 0
x-fb-debug: n/5btxTOc+s+FfM+dYa+4iY5OZjCgUPdGEDzbAXDKL/nO70/wsJpPI4GBboohHg8QJTx7QgU6ImfKyVKCcZqYg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Aug 2023 14:37:45 GMT

GET
H3 200 RI5Ki3mPi72.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 9D3F 320 KB
86 KB 22ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ecaefadad41efb3fb2dcc127d919af777b4f1de15254b69d8b1c89a52744b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sYtIdvJpFKzfzbH/vnqsWA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88180
x-fb-rlafr: 0
x-fb-debug: TiL8Otz0kb3QYM7tY5q3MTHvx2uzvbfejAe0zS11yUxERBOarY+VhSfG487f2Ihng0Wyepqk8h/yD+tPzarulw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 29 Jul 2023 03:43:52 GMT

GET
H3 200 XuHULdcLLA4.js Show response
static.xx.fbcdn.net/rsrc.php/v3iJ044/yX/l/vi_VN/ Frame 9D3F 153 KB
42 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iJ044/yX/l/vi_VN/XuHULdcLLA4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2c9607ab39234b1798084984a43c775f55010927a6fd4eb2f31e2671236644e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VSuzT7RP+ATw03XpB5ffMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43363
x-fb-rlafr: 0
x-fb-debug: /GnSZPABr7Fszr+ht90f4wfNcY7xoTrxGBkyIj9D4UgHwZhtn1X9nQyKQ72qYBlX5hoiJjt8n1UGZVu0YO2b5A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 03 Aug 2023 18:19:28 GMT

GET
H3 200 YM8M1OaSXYj.js Show response
static.xx.fbcdn.net/rsrc.php/v3ioLQ4/yh/l/vi_VN/ Frame 9D3F 1 MB
243 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ioLQ4/yh/l/vi_VN/YM8M1OaSXYj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a436f2a8fee8e9407358439b2e2f119d6ce0f83ad4ce7245fd7aa5fcf7d747e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B+0vOHub/LEFaZXN4eDdQQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 248682
x-fb-rlafr: 0
x-fb-debug: vXi30wVvb4ofg0cvUWrJoysPkvMsGRIc3q0FnUy3K6IULqXSqpHXmdwV3ZlkJMMxiQLdGLhKAicdUHXbVRdifA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 04 Aug 2023 14:54:48 GMT

GET
H3 200 KM4vffuo-0L.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 9D3F 2 KB
842 B 66ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/KM4vffuo-0L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SuHjmWcicjHzSu82QnUDDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 788
x-fb-rlafr: 0
x-fb-debug: YQQuadCiafQbywyRB9pQ2zoS/Y6I5YHxXAs/A3T3g3e9ycFVdA4RNq80P6pg9eg7WzFyfM/ltfGdy0VRmGj8Zw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 23 Jul 2023 03:17:28 GMT

GET
H3 200 lbAKCbOhTns.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 9D3F 33 KB
10 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/lbAKCbOhTns.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

327fabc96d44f5eaf163e0849722b761a00fa8b8079c77ccef3bc5f4577a1fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gnDv+5ZxfDdlMJoV4LsWMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10342
x-fb-rlafr: 0
x-fb-debug: B2QyiDBN2eWZ4zcZxO7ItXER+Pgsm0TXsQEtCaSSK/aFS6R+Kc5SpiYuKOsgjQm4uLLf41PNAmyTvI7Pascepw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 23 Jul 2023 02:45:58 GMT

GET
H3 200 TmwG4qyINcN.js Show response
static.xx.fbcdn.net/rsrc.php/v3iVPV4/yI/l/vi_VN/ Frame 9D3F 42 KB
12 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iVPV4/yI/l/vi_VN/TmwG4qyINcN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ebbc864946d384c47f902225415b8fe3f15c0a64594e3a9dd467dbfef5d64aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zK762DBpeZIsuQU1PXESnw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12670
x-fb-rlafr: 0
x-fb-debug: YNCe3o56z8qm85WiCjeIYmWIfjWkmWxVoTsIJoBzaaTf28YVbPqGaa3BitHcqccDKOz2fgefmwOSEiMgicG2yA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 03 Aug 2023 16:09:47 GMT

GET
H3 200 OVjJjwx0GMQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 9D3F 330 KB
52 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/OVjJjwx0GMQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/RI5Ki3mPi72.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c34db816318ad9c1c96c0963413f0149db93a0535bfdc9f8ebb3c96132f839c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BjG7/DhoCGOQBHuByk2noA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 52834
x-fb-rlafr: 0
x-fb-debug: eoMLali0Ejr6hAf/bjeQ67e9pN5A6M+7MdBstzlkzlHjTaxfaZgIUuuIsyqrmNQ+B63TyBm6Yj9BKcU7DQxxFQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Aug 2023 14:33:24 GMT

GET
H3 200 V97GKi756IV.png
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 9D3F 59 KB
59 KB 45ms
20ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/V97GKi756IV.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/VLszwXaVNLI.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

101ebcb86496e0dc26bb97bf4ed18ca235cdf5f14d8fb6fab8fe9fe355e8dc18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/VLszwXaVNLI.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
x-content-type-options: nosniff
content-md5: 02vudmRqOKQGFjtyzoR9kQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 60426
x-fb-rlafr: 0
x-fb-debug: FOjqEZv6x5njBrtru48unA4FK+lRl5yhc/4sXVSE8Ko5+UPTKfF1Buc5RWXE9Fua+oC32B3fGx5F+da2niD3HA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Mon, 24 Jul 2023 01:23:47 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 9D3F 1 KB
1 KB 66ms
58ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 19:19:13 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: PfPb6TrZkvbL6dYoIArlwZ8HGqnScw7tLxp3S3AqCXMr6X2zKSywEepSd/Gn6g7idmFQfEh2mztOWNLweXd5LQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 21 Jul 2023 23:31:11 GMT

GET
H2 200 273142610_1007914576429449_4796820617041754030_n.jpg
scontent-ams2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9D3F 2 KB
2 KB 61ms
16ms Image
image/jpeg 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams2-1.xx.fbcdn.net/v/t39.30808-1/273142610_1007914576429449_4796820617041754030_n.jpg?stp=c3.7.48.49a_cp0_dst-jpg_p56x56&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=YllwNtG8W7kAX9BhMwo&_nc_ht=scontent-ams2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT87iGlCTjSMNNmFbCG1pDQMpWwLSSmE733D7dHkcpRuSA&oe=62F14181
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 866575558b7262781aab5d07d8756b05cd3944019a0243a36c2cbdc0a41be610

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3998798311
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=234713740
cache-control: max-age=1209600, no-transform
last-modified: Tue, 01 Feb 2022 13:37:18 GMT
cross-origin-resource-policy: cross-origin
x-needle-checksum: 580276273
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1801

GET
H2 200 290172705_461395292657870_6045854575456972842_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9D3F 1 KB
2 KB 77ms
17ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/290172705_461395292657870_6045854575456972842_n.jpg?stp=c0.4.48.48a_cp0_dst-jpg_p48x48&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=Hom9f-AsD0YAX8GcDmL&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9JJUWycmEdAlA4MSDSdUkbkU9VVQL56Y6Z-l9iRQp1FQ&oe=62F1053E
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e865d06c602f7fc635943d3746b317cb83529ea95e3b43741ad433c17f278789

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2452858749
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1709462857
last-modified: Tue, 05 Jul 2022 16:06:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=44691098
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1937243690
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1504

GET
H2 200 285282525_1371587240020149_6776584545749372442_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9D3F 1 KB
1 KB 94ms
34ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/285282525_1371587240020149_6776584545749372442_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=t_6cJvtQYisAX9kYCoZ&_nc_oc=AQmV9L5VKCvPb3ElP9ngkD6hTdL8oPShYQPxVJtafQU9YoPSoWVaas9eRMMHnscRC1sNE8vpq_o3jV1O95q5v0El&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_QSdZfGSc7k_ng_PI-_YR2-gPVFjSibKGxxSqsOVWpnw&oe=62F18501
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f39ddbd0860eaf9fa22ad5e0005ac1117e9d2ec76c0f252c5e397817a0cfe194

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 1311749945
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1709462857
last-modified: Mon, 30 May 2022 13:39:30 GMT
x-content-cdn-origin-ts: 1659640753695
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=436564189
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: g7xMLiUhTTWPILnmPcJ4yTHjB1SU22-0pO1r0fEt5unlVQwEt5lQRi8rySS_TirKnH478jpbHpMIeefu8qtoOy7fjyoSgtXRaVUqImrdYV8
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2646199266
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1247

GET
H2 200 84702798_579370612644419_4516628711310622720_n.png
scontent-ams2-1.xx.fbcdn.net/v/t1.30497-1/ Frame 9D3F 1 KB
1 KB 60ms
16ms Image
image/png 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams2-1.xx.fbcdn.net/v/t1.30497-1/84702798_579370612644419_4516628711310622720_n.png?stp=c14.0.48.48a_cp0_dst-png_p48x48&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=rACoOu_Vq3UAX_oZbSh&_nc_ht=scontent-ams2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9KUXqmQ1n9iSCaXeVh0n7d8vq5O201iHP7zVhTprr6tA&oe=63122509
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d11c2ab01dd30055d2259ca7fcd9a18069a9462883f48903401aee19272bd6fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 4038111584
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1679558926
last-modified: Wed, 05 Feb 2020 19:00:22 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=1173757910
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 733051822
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1146

GET
H2 200 10355863_1539914452912729_4554291318628951106_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/ Frame 9D3F 1 KB
1 KB 77ms
17ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/10355863_1539914452912729_4554291318628951106_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=BKfqzMPC5o8AX_hwDhD&_nc_oc=AQkawaX5KtZgmPCJs7Drr-IWegriK6kmMSJQ11Q5DTQIi-jkbS1yubNiOl4HZbORo1XYl2L2YKLkAMUqkmHGAixL&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-GKV1V2UU5y9u35qMu1H9rLENxlbM-RImS-7pmdsSwOQ&oe=6311EE15
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f02fd82bebf0370f857d7261c77951532419637004bffaa9fd28f5c1bde442eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 365818664
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1709462857
last-modified: Thu, 23 Oct 2014 09:05:18 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3073715935
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3578955009
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1153

GET
H2 200 296786375_181632254323556_2604887924057450866_n.jpg
scontent-ams2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9D3F 2 KB
2 KB 60ms
17ms Image
image/jpeg 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams2-1.xx.fbcdn.net/v/t39.30808-1/296786375_181632254323556_2604887924057450866_n.jpg?stp=c11.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=106&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=7LuyWBUsNxYAX-ht4B-&_nc_ht=scontent-ams2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-DhOJsgHGn3EMEWq3zr2Ujhew_b_RQi7nwcjTLPBUkqg&oe=62F080DC
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 295feb7ca3972c46fd8cb5392bfefadddcdb9e1f442281c70a92978fa2414b6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 830759901
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1679558926
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=250285865
cache-control: max-age=1209600, no-transform
last-modified: Wed, 03 Aug 2022 02:00:19 GMT
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4114221650
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1593

GET
H2 200 279535494_2607009369436081_2325291045064759844_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/ Frame 9D3F 1 KB
1 KB 77ms
18ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t39.30808-1/279535494_2607009369436081_2325291045064759844_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=Wgi0CbQMbIUAX8pFm2A&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-1IJWbesv5R1maamAfKJkczA7ZN3xjLYUNwcuNNyrcEg&oe=62F1F1E2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1521106bfa75fb9f7888563ab64fa8094be5b9474591c397356d826eb3ae3937

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3075982801
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1709462857
last-modified: Sat, 07 May 2022 17:16:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=182015538
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1781773493
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1194

GET
H2 200 123802891_10214677091879851_430578488815399724_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/ Frame 9D3F 2 KB
2 KB 77ms
18ms Image
image/jpeg 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/123802891_10214677091879851_430578488815399724_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=105&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=UkvVZ2J95EoAX80sPpq&_nc_ht=scontent-ams4-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT9IB5qxF_5-1w5xYCXojgOD248LRRbethcf7hUjfcVisA&oe=63109EF2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=1926350767439578&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3eee0576a2d8%26domain%3Dteam.gdrive.vip%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fteam.gdrive.vip%252Ff225c420e2de858%26relation%3Dparent.parent&container_width=688&height=100&href=https%3A%2F%2Fteam.gdrive.vip%2F&locale=vi_VN&numposts=7&order_by=reverse_time&sdk=joey&version=v4.0&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d4934449669ddb90d9023329b3feece02649c85451e4d0afa5eddfce4de6bbcf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 1970606534
date: Thu, 04 Aug 2022 19:19:13 GMT
x-fb-trip-id: 1709462857
last-modified: Fri, 06 Nov 2020 22:49:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=894635304
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2924897859
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1588

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220803&jk=1123935176937356&bg=!aWqlai7NAAZGjrx1Zo47ACkAdvg8Wujet5kGwbKH4SKL6nlCfgULCzBu-G8AOoWzQJInykNUQXZIdAIAAABLUgAAAAZoAQeZAueBJTUAlmHetiYxuY0Bhrdpmlpsaqy1eAEkN0qt7uMywhZLe932SniOENwZDtbJNkAvYtBu0o9nFVLrWb9NFafvueZKEUrcdM92bp7xKN917kHTkhYMV0zDHZolGcE7ROld6O5h1D9ua0ZMzKJjEgzcUHWuulGO9Hf9fQ-w5CAw3jhpn96NesFWh_CkTkjVWNFKJk1O1l6Yqke7xd8gzxQ68UD1AiV7Trqq7DV9Arh9y3x85cnJIL_iNSlTgvKx6MEGrecvh-OSqs3py7QXL9bIh27YSQWdML8OaP2C1A2b8Eto5RZvTQH0TThkf1nDpUZRbKBHYDz2SV23Lt1rir96uAdY3vqWWm76qA1m-NOWOcdlzFOKOnKJJkFLpf7QJ-NA97jva0K6tICdkPQlAgby7zln0EVPGt3pMocKatBz4eOVCUQ7Wvy4Kmuo9nQ7Yvv9uxcC3O1fW9rBYhiA7Gb9R3H_H-y3Uud9fSYwsFlCEaQHKPvVKK7cRHdXf24GXvrEb7Dxi1u3LsiaJpIqyRSdtWhbvzW9D0GAGi2w5F-bN-kL6EnC3kwxFLD3hbWKxeMt8LkhoCIMjuag-TE_vNhgb89--UJFbqlTrX0K3FAslOxW3hXs2NxJ_H_JkNBrklKZ5va5IH-BclsKCUCrgar1WWIolyjL2h86EMP_yJ4WMQj7vlCvgNTS7nMH2xfQFcZZhJ3LDl71rNRFo6DPAOxeW-4khjzBX4fTQ0O0YK-E1hGWpoppw2S8vYLMlHOhdQ36ddqOifsQehi6eGMLE3TaHydmo_0gNPN3I2_skk67UxxuYekm783OVXn2OMKOURsQtdifdBGnPFMG3wwTJZpTl2I5SyhnhdSucSbrkQb5RoBDphfj4ikPokeQ1uucFVzqOf8yc4-M0nu4OTs4SgIS_PR7xASGcVps3GEDzs2XeH4rB2R7fI2yMXRGUqt1JDcArRz9bHJidikYddPECxuRza0b1AI1Mg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://team.gdrive.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1DA 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBKdU-jUMZnEttI3pqnwAI3fN54GMODoC4G4e0DslaaiNNIML_50FNGWyiMTtsRVg-kaduEU25p0n_cP_ZtKT2Ns0_EtjVmKMDxbM2Omzg57hmiOvq-SRVin61xKQ516rqFGpIxNdlzzh9&sai=AMfl-YRLWlJlKP2vK1TIhji_p5fGjLoL56uv5R94x7zHvB0anyGIobozok3UB_OOwvzPn5kk3QBtNUxbFYWL&sig=Cg0ArKJSzO4lUWKFyZymEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220803&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2232709765&rs=2&la=0&cr=0&vs=4&r=v&rst=1659640752061&rpt=869&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 19:19:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: team.gdrive.vip
URL: https://team.gdrive.vip/teamDriveThemes

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gdrive.vip/	1970-01-20 14:36:40	Name: _ga Value: GA1.2.1494307977.1659640752
.gdrive.vip/	1970-01-20 05:02:07	Name: _gid Value: GA1.2.1984913977.1659640752
.gdrive.vip/	1970-01-20 05:00:40	Name: _gat_gtag_UA_64789231_24 Value: 1
.gdrive.vip/	1970-01-20 14:22:16	Name: __gads Value: ID=6eecc65dd3fb9bf8-2259548fe6cd00e5:T=1659640752:RT=1659640752:S=ALNI_MZ5wqUVDVBjMOnDE-CNMpz1tlJNMA
.doubleclick.net/	1970-01-20 14:22:16	Name: IDE Value: AHWqTUn1ckXDlVRxYhdjW5qdnpLhwYpxnknxsaSr51uZldvHgPx7gtl6-Dixe1B7j5I
.doubleclick.net/	1970-01-20 05:00:44	Name: DSID Value: NO_DATA
.facebook.com/	1970-01-20 14:36:40	Name: sb Value: sRvsYliQGfK02vllPuPzmbbT
.facebook.com/	1970-01-20 07:10:16	Name: fr Value: 0kRXYrVECuga1fAth..Bi7Buw.2b.AAA.0.0.Bi7Bux.AWUUeFdjOoI

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://team.gdrive.vip/ Message: Access to XMLHttpRequest at 'https://team.gdrive.vip/teamDriveThemes' (redirected from 'http://team.gdrive.vip/teamDriveThemes') from origin 'http://team.gdrive.vip' has been blocked by CORS policy: Request header field x-requested-with is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://team.gdrive.vip/teamDriveThemes Message: Failed to load resource: net::ERR_FAILED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
cdn.bootcss.com
cdn.website-analytics.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gdrive.vip
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
scontent-ams2-1.xx.fbcdn.net
scontent-ams4-1.xx.fbcdn.net
stackpath.bootstrapcdn.com
static.xx.fbcdn.net
team.gdrive.vip
tpc.googlesyndication.com
website-analytics.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
team.gdrive.vip
142.250.181.226
206.189.82.16
2606:4700:3032::ac43:abf0
2606:4700:3034::6815:580f
2606:4700:3036::6815:2c44
2606:4700:3038::6815:eac9
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:801::2008
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400e:80c::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
02266dc66baa43fcd34f0c48c0aa83e931e19de0d07ece80d95b59cd3406d2b2
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0d95acc6e9f1881448ee456bc7bddd296d08251d4a93bae1cc2901a7159a2cdb
101ebcb86496e0dc26bb97bf4ed18ca235cdf5f14d8fb6fab8fe9fe355e8dc18
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1521106bfa75fb9f7888563ab64fa8094be5b9474591c397356d826eb3ae3937
17f3ed0c9c2fca36add9e8696b9af69617aa4cd4489f994db033b1862ed7d1b2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18aadf7d1e3eec230b0f6a5b2b3285777ca0fd4ba526703315eba8702c859457
19d7b84626aafa560a707ee58619e00f95556327e0aca4ea9575e3b67ae15cc3
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
295feb7ca3972c46fd8cb5392bfefadddcdb9e1f442281c70a92978fa2414b6f
2b56f98847eba6fb1f67527ea71176244401b8fc268831f45d128f829ed4df2f
2e280f9ecc4a12b599048278aafbcf2e3f3e1a974dfb8ddcb78333c2c0c49120
2ebbc864946d384c47f902225415b8fe3f15c0a64594e3a9dd467dbfef5d64aa
327fabc96d44f5eaf163e0849722b761a00fa8b8079c77ccef3bc5f4577a1fd1
338894dbb311beea8feae1abaf54f89f22c6d2b01d46e79bcdd1bbdcf0421a91
3a091ddd71b36dac5be8835a90c23e6c18ddc1a1103741cbb3e3079c1d7bef61
3b6018b0f8c1f050081229ee87c8f8aeebeb1b71556504d966008d86431977f0
42a0e21d598c298a2e4a49bd09948ea89b7e470ec32b2e8af508391cd8f038da
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c34db816318ad9c1c96c0963413f0149db93a0535bfdc9f8ebb3c96132f839c
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d7cc6a3cf68805b80d5e4e9ffe7247d64a8a1b435210c0e58fbc9d0bc42bb19
5376e4bec32c757caf14f5532242926bfcf458c99dc41e0e7b78a8f37be33dfc
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5859876e1a2f8dbbdd8feb94acc7c38add4f9ddde68e83101b1de5d4a2ea59eb
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5f3413c82aa787bb8709e1c20b466113aedbbc46c7ce12c3d6d30eec5ff24214
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
665d0d5775a87cd44a552d066a1735d65d9f8116869e8e750299ce70a571df49
66e1a446f965ca8f582273b13730cea5ad4e123e2783b73cbdb4d56a003b97af
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
698421e1a916a0e1a825c4c2cb116fcd290304c1ad9aa7aa2de9e204bcb116df
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d78847a0c739efd548346d7af7f34d0ddbaaa6f6d3a322a09e06de938bb66ce
73eece6580f4496997a583b9123501b83b3744d9487028796e26474d7866bd38
7a436f2a8fee8e9407358439b2e2f119d6ce0f83ad4ce7245fd7aa5fcf7d747e
7ecaefadad41efb3fb2dcc127d919af777b4f1de15254b69d8b1c89a52744b7f
818a73d96ec1c8e2e9cc2145a55795810aeefc7825b263f7f3640d7966d05d92
866575558b7262781aab5d07d8756b05cd3944019a0243a36c2cbdc0a41be610
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
92418920d2c9d33b6273aa30ae24394b5616065f80ccb8dff72d14fa227a9e70
925f3cea7f6688ccca6632672a68d8dc63eeb17b842d7de18493f54221f5a6e1
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9dd1ad64445dd1dc3403c4396de91d7a514a0cca4f0e4e39a70d5ac7001938da
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499
b2c9607ab39234b1798084984a43c775f55010927a6fd4eb2f31e2671236644e
b75640250e69024fdf4487e83a538b5c07a516f16645329b0d2a63bca6df8b3a
b82493062c683f6799d63a54acf2673e411e4c56570dbda72f590aac1046d4b5
b897cc9c51f604bf6b8fbd53f46d216627c0e079bb6bc2f049b2344dfa3bb277
bca0d729549a122fc8a0ed9ce604c3fc7a4eaaba2311213e251a19e57792c5ba
c78417d4dc63e27aaa189d7471efca14b4e00cd0783557e45d7bf16512c1d4c9
d11c2ab01dd30055d2259ca7fcd9a18069a9462883f48903401aee19272bd6fb
d2eaac5c0600c2978475f641c7ae004ce88dd3abbcee6226504b3ae32bd8f4ea
d4934449669ddb90d9023329b3feece02649c85451e4d0afa5eddfce4de6bbcf
d64a03794a08610f8e94c0d51252ada2285152b89e25547762aaf644a72ccefe
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d8349700a8cdfc2061e0b331e6728ca11fa14108a2796177d1e9ac51eb15d57f
d938aa9fd95b07402c8793e7e3f4665a6d046f6c0cae428dcbf288e9e0f556ee
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e
e865d06c602f7fc635943d3746b317cb83529ea95e3b43741ad433c17f278789
ea1913f47f62728bd878b1c9acd1a571ac6f2667014bd36c6d3571a69e332d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4cc7bd1b300553992eec7e8c170197d6f337b8e54bf9ab02758f0fd18d85b0
f02fd82bebf0370f857d7261c77951532419637004bffaa9fd28f5c1bde442eb
f39ddbd0860eaf9fa22ad5e0005ac1117e9d2ec76c0f252c5e397817a0cfe194
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fd72262550b7b11685734ecf6a363bf167efaa741b955599a1de4289cb9f925d
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e

team.gdrive.vip Open in urlscan Pro 2606:4700:3032::ac43:abf0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

98 %HTTPS

92 %IPv6

18 Domains

25 Subdomains

25 IPs

6 Countries

2010 kBTransfer

5608 kBSize

8 Cookies

7 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

team.gdrive.vip Open in urlscan Pro
2606:4700:3032::ac43:abf0 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

98 %
HTTPS

92 %
IPv6

18
Domains

25
Subdomains

25
IPs

6
Countries

2010 kB
Transfer

5608 kB
Size

8
Cookies

102 HTTP transactions
2 data transactions