URL: https://footbucks.net/
Submission: On September 14 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 6 domains to perform 42 HTTP transactions. The main IP is 162.0.229.222, located in United States and belongs to NAMECHEAP-NET, US. The main domain is footbucks.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 9th 2023. Valid for: a year.
This is the only time footbucks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
16 | footbucks.net | footbucks.net | 3 MB
10 | gstatic.com | www.gstatic.com, ssl.gstatic.com, fonts.gstatic.com, csi.gstatic.com | 827 KB
8 | google.com | drive.google.com (Cisco Umbrella Rank: 353), apis.google.com (Cisco Umbrella Rank: 125), play.google.com (Cisco Umbrella Rank: 40) | 166 KB
4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 56), content.googleapis.com (Cisco Umbrella Rank: 2240) | 3 KB
3 | withgoogle.com | csp.withgoogle.com (Cisco Umbrella Rank: 663) |
1 | googleusercontent.com | lh3.googleusercontent.com (Cisco Umbrella Rank: 69) | 45 KB
Total: 42 requests across 6 apex domains
Requests | Domain | Requested by
16 | footbucks.net | footbucks.net
5 | www.gstatic.com | drive.google.com, www.gstatic.com
4 | apis.google.com | www.gstatic.com, content.googleapis.com, apis.google.com
3 | content.googleapis.com | apis.google.com
3 | play.google.com | www.gstatic.com
3 | csp.withgoogle.com | footbucks.net
2 | csi.gstatic.com | drive.google.com
2 | ssl.gstatic.com | www.gstatic.com
1 | lh3.googleusercontent.com | drive.google.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | drive.google.com
1 | drive.google.com | footbucks.net
Total: 42 requests across 12 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
footbucks.net | Sectigo RSA Domain Validation Secure Server CA | 2023-09-09 - 2024-09-09 | a year
*.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.appspot.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.apis.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 3 frames:

Primary Page: https://footbucks.net/
Frame ID: B998B32753715FC4347143A918AE4373
Requests: 16 HTTP requests in this frame

Frame: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Frame ID: 20B120D42B6066136BCE70F94459127B
Requests: 19 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.vIVemAYlBvo.O%2Fd%3D1%2Frs%3DAHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g%2Fm%3D__features__
Frame ID: 251F83B73652F1A16ACC3C3C432B2240
Requests: 7 HTTP requests in this frame

Page Title

FootBucks

Page Statistics

Requests: 42
HTTPS: 100 %
IPv6: 92 %
Domains: 6
Subdomains: 12
IPs: 12
Countries: 2
Transfer: 3974 kB
Size: 8507 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
footbucks.net/
685 B
480 B
Document
General
Full URL
https://footbucks.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
bc0b6a62217b1b6bf5f6cee9b5d2c60acdc641cf12f56b04d5cf1157454ece06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
313
content-type
text/html
date
Thu, 14 Sep 2023 08:44:59 GMT
last-modified
Tue, 12 Sep 2023 18:05:29 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
main.4a857192.js
footbucks.net/static/js/
2 MB
447 KB
Script
General
Full URL
https://footbucks.net/static/js/main.4a857192.js
Requested by
Host: footbucks.net
URL: https://footbucks.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
07e3ee8bc8c78994cb7534c4ef360a9db5fc302a5aee0dc19719ffd90eaa157b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:44:59 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
456860
expires
Thu, 21 Sep 2023 08:44:59 GMT
main.e2eb7583.css
footbucks.net/static/css/
116 KB
14 KB
Stylesheet
General
Full URL
https://footbucks.net/static/css/main.e2eb7583.css
Requested by
Host: footbucks.net
URL: https://footbucks.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
14db4b506ffe027db23ba612a1db6ae728a68f66cc313f3cfe4e821deae71f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:44:59 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14318
expires
Thu, 21 Sep 2023 08:44:59 GMT
preview
drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/ Frame 20B1
67 KB
20 KB
Document
General
Full URL
https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Requested by
Host: footbucks.net
URL: https://footbucks.net/static/js/main.4a857192.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e6e36f2780ae5962b9df934bde866d506abc68abc942847fe8a6615cd55c942
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt script-src 'report-sample' 'nonce-G2A2LZru0bOzVTNhgCvHnw' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://footbucks.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt script-src 'report-sample' 'nonce-G2A2LZru0bOzVTNhgCvHnw' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
content-type
text/html; charset=utf-8
date
Thu, 14 Sep 2023 08:45:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
GSE
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block
footbucks-logo.30989f111a5fd4513b7b.png
footbucks.net/static/media/
75 KB
75 KB
Image
General
Full URL
https://footbucks.net/static/media/footbucks-logo.30989f111a5fd4513b7b.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
33f860655ee4750ff7f01d641935bb05248826f7116fef8dd9894e5b78a7344d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
76920
expires
Thu, 21 Sep 2023 08:45:00 GMT
bucks-hero.509411127f47fc1bec8c.jpg
footbucks.net/static/media/
197 KB
198 KB
Image
General
Full URL
https://footbucks.net/static/media/bucks-hero.509411127f47fc1bec8c.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
77aa21d2efa00843e08760b8f1adc3f8b1f6be2840f90db96dae109d6905fac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
202226
expires
Thu, 21 Sep 2023 08:45:00 GMT
mission_image.3ba0a5ee3c1f091b48f7.png
footbucks.net/static/media/
594 KB
595 KB
Image
General
Full URL
https://footbucks.net/static/media/mission_image.3ba0a5ee3c1f091b48f7.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
802af7e9bddd438b64be3f799e5db21004a51c3b30015092c747803d88688a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
608351
expires
Thu, 21 Sep 2023 08:45:00 GMT
vision_image.6fa548db82efbd92cd8d.png
footbucks.net/static/media/
1 MB
1 MB
Image
General
Full URL
https://footbucks.net/static/media/vision_image.6fa548db82efbd92cd8d.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
11a25d6fa0c71f0514b8e12c2f59d114f8953966a628b291562feac1a188c12c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
last-modified
Tue, 12 Sep 2023 18:09:02 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1258600
expires
Thu, 21 Sep 2023 08:45:00 GMT
NFT1.5ac68fd4da7d2fdc7284.jpeg
footbucks.net/static/media/
183 KB
183 KB
Image
General
Full URL
https://footbucks.net/static/media/NFT1.5ac68fd4da7d2fdc7284.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
c5e7c716cf80d1c2a5f61fc10540e2350eeb79a3024838cbb55c0c3c8b545b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
last-modified
Tue, 12 Sep 2023 18:09:02 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
187077
expires
Thu, 21 Sep 2023 08:45:00 GMT
NFT2.69825200774533b46266.jpeg
footbucks.net/static/media/
185 KB
185 KB
Image
General
Full URL
https://footbucks.net/static/media/NFT2.69825200774533b46266.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
c127bb7d76be2b7ba5ff5af3b0ffb2b7c9e057a96cf76f9b247e804f969b8798

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
189415
expires
Thu, 21 Sep 2023 08:45:00 GMT
telegram.4a0578538b62dda82a7b16768c311879.svg
footbucks.net/static/media/
2 KB
1 KB
Image
General
Full URL
https://footbucks.net/static/media/telegram.4a0578538b62dda82a7b16768c311879.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
5a52038f87936fe72988d6faa4323616a89bf859e4d7250b3b1061066e1a0a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
859
expires
Thu, 21 Sep 2023 08:45:00 GMT
instagram.08fb39d8600f17604f7adb1716057750.svg
footbucks.net/static/media/
4 KB
2 KB
Image
General
Full URL
https://footbucks.net/static/media/instagram.08fb39d8600f17604f7adb1716057750.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
803c9172784432ead4d54d3e3dc7a120591ccc25c8013d302be8e627d8051b1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1710
expires
Thu, 21 Sep 2023 08:45:00 GMT
x2.19141a5517d7891a511be685d357d5e0.svg
footbucks.net/static/media/
361 B
456 B
Image
General
Full URL
https://footbucks.net/static/media/x2.19141a5517d7891a511be685d357d5e0.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
1aea5c6b5a674bd6869bd851da1dc23af627667e6f30f101f33aff9409858cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
231
expires
Thu, 21 Sep 2023 08:45:00 GMT
facebook.fda3b5452c6e3e7e2bcb4867e2e12ae3.svg
footbucks.net/static/media/
559 B
529 B
Image
General
Full URL
https://footbucks.net/static/media/facebook.fda3b5452c6e3e7e2bcb4867e2e12ae3.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
e74b1ec4eb96b738fe99e4fee62936fddb651606a483eb41061b7341dc3da101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:00 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
304
expires
Thu, 21 Sep 2023 08:45:00 GMT
discord.416aee748200619afaacc5d8e6fd8d95.svg
footbucks.net/static/media/
3 KB
2 KB
Image
General
Full URL
https://footbucks.net/static/media/discord.416aee748200619afaacc5d8e6fd8d95.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
aac7fbf376799ea49f0266fe3d361c1cae827bc0b2f5769f564cdf29b67a99f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:01 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:01 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1517
expires
Thu, 21 Sep 2023 08:45:01 GMT
x.c80ba5c368a084c718119e7aaec24055.svg
footbucks.net/static/media/
323 B
439 B
Image
General
Full URL
https://footbucks.net/static/media/x.c80ba5c368a084c718119e7aaec24055.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
a0d83c1618a0bb6604c5c43b03eff88b4763ee4b5285ad3ffe4fc0595b4cdede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:01 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
214
expires
Thu, 21 Sep 2023 08:45:01 GMT
copyright.afade7b6fa3a26c73a246e3b33d7cf40.svg
footbucks.net/static/media/
1 KB
709 B
Image
General
Full URL
https://footbucks.net/static/media/copyright.afade7b6fa3a26c73a246e3b33d7cf40.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.229.222 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium124-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
eb5562d5ec3149ff98ee5293777fd884972edfc27e2de0b26161583494845062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://footbucks.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:01 GMT
content-encoding
br
last-modified
Tue, 12 Sep 2023 18:09:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
484
expires
Thu, 21 Sep 2023 08:45:01 GMT
css
fonts.googleapis.com/ Frame 20B1
21 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Sep 2023 08:45:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 06:57:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Sep 2023 08:45:01 GMT
rs=AO0039vk6nDvzni4WrZk3q8o_Pf-CYc5vw
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.E-JM0XrnXWY.L.W.O/d=0/ Frame 20B1
2 MB
232 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.E-JM0XrnXWY.L.W.O/d=0/rs=AO0039vk6nDvzni4WrZk3q8o_Pf-CYc5vw
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c990486be226722924ac05de07695ae1f577c45e3c5667b26fdac46600b62e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 15:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236879
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 07:04:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 15:11:07 GMT
m=v,wb
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=1/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/ Frame 20B1
1 MB
461 KB
Script
General
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=1/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=v,wb
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4b4348fc802c1bd6aef2b134229a42d06c3b13866fd3d97e68b2104c1f61c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
471849
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 07:04:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 17:05:28 GMT
docs-tt
csp.withgoogle.com/csp/ Frame 20B1
0
0
Other
General
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: footbucks.net
URL: https://footbucks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/csp-report

Response headers

rs=AA2YrTuMMWzIe93bR1aOKU84uwoZXXgRWg
www.gstatic.com/og/_/js/k=og.qtm.en_US.l-fBq1XNBvc.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ Frame 20B1
108 KB
39 KB
Script
General
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.l-fBq1XNBvc.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuMMWzIe93bR1aOKU84uwoZXXgRWg
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3661cb407c3455cdfed39f2f62b8b016efbadc42b74fb9177ecf4b51af41dd23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 13:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39560
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 01:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 13:01:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/ Frame 20B1
119 KB
41 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.l-fBq1XNBvc.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuMMWzIe93bR1aOKU84uwoZXXgRWg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a2267d907959bc0dd45938b71b5a43e42c365953fee9a9700a021fd08e7f346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 02:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41112
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 15:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Sep 2024 02:11:18 GMT
m=MpJwZc,UUJqVe,syj,sy4,syk,s39S4,syl,sy19,pw70Gc
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=0/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/ Frame 20B1
11 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=0/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=MpJwZc,UUJqVe,syj,sy4,syk,s39S4,syl,sy19,pw70Gc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=1/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3645fc28523c72c31c30a04af84dc8242cf4813032edf3d610285b0b5e89217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 17:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4431
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 07:04:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 17:05:28 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/ Frame 20B1
201 KB
69 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/cb=gapi.loaded_1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.l-fBq1XNBvc.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuMMWzIe93bR1aOKU84uwoZXXgRWg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9dcd98250518ccb7d18cbd6ea81df70055fb8a4b60bec6b03602b84eeb80ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 07:35:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70745
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 15:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Sep 2024 07:35:32 GMT
log
play.google.com/ Frame 20B1
131 B
579 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=1/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 14 Sep 2023 08:45:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Sep 2023 08:45:01 GMT
v-sprite53.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 20B1
112 KB
48 KB
Image
General
Full URL
https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite53.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.E-JM0XrnXWY.L.W.O/d=0/rs=AO0039vk6nDvzni4WrZk3q8o_Pf-CYc5vw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64279a6dce5ee0384451a864f74943de5aa79e1b44a90ef817ca2a12c1103812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 07:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
175655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48836
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Wed, 11 Sep 2024 07:57:26 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 20B1
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://drive.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options
nosniff
age
99033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Sep 2024 05:14:28 GMT
log
play.google.com/ Frame 20B1
131 B
273 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=1/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 14 Sep 2023 08:45:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Sep 2023 08:45:01 GMT
AITFw-yz4-DEtzj_mVeoPgbjqECUX8k26zJZa-QiFjoWI1iN0rVLEwCListmSguaUrnqbJbCDSRTOev084f2jPasbjtQbhyN1Q=w1920-h1080-k-pd
lh3.googleusercontent.com/drive-viewer/ Frame 20B1
45 KB
45 KB
Image
General
Full URL
https://lh3.googleusercontent.com/drive-viewer/AITFw-yz4-DEtzj_mVeoPgbjqECUX8k26zJZa-QiFjoWI1iN0rVLEwCListmSguaUrnqbJbCDSRTOev084f2jPasbjtQbhyN1Q=w1920-h1080-k-pd
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
076c65c9d535e62684e213306740c8336214d66b7262cf5d734db152ef72f907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:45:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="project_video.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=sy1p,sy34,sAbmxd
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=0/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/ Frame 20B1
17 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=0/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=sy1p,sy34,sAbmxd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=1/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
652610467706d1c299f9ad94ae89997f7726520bffd10acc0200c5139e82e183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6281
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 07:04:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 17:58:13 GMT
proxy.html
content.googleapis.com/static/ Frame 251F
382 B
1 KB
Document
General
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.vIVemAYlBvo.O%2Fd%3D1%2Frs%3DAHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1c23084add808ee92925a362e24df0e0ce20c5761c98daff252145277b53fbf
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-XaWAu69jo69B15KSMPdB3w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
274
content-security-policy
script-src 'nonce-XaWAu69jo69B15KSMPdB3w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type
text/html
cross-origin-embedder-policy
require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 08:45:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
pragma
no-cache
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
docs-tt
csp.withgoogle.com/csp/ Frame 251F
0
0
Other
General
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: footbucks.net
URL: https://footbucks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/csp-report

Response headers

csi
csi.gstatic.com/ Frame 20B1
0
234 B
Image
General
Full URL
https://csi.gstatic.com/csi?v=3&s=gapi_module&action=gapi_iframes__googleapis_cli3&it=mli.191,mei.8&srt=336&e=abc_l0,abc_m0,abc_pgapi_iframes__googleapis_cli3,abc_u0&rt=
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c00::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 08:45:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 20B1
0
45 B
Image
General
Full URL
https://csi.gstatic.com/csi?v=3&s=gapi_module&action=client___gapi_iframes__googl12&it=mli.117,mei.7&e=abc_l0,abc_m0,abc_pclient___gapi_iframes__googl12,abc_u0&rt=
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/163Uzp92pGwzqIyY7du4v6vboFGNvWRN-/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c00::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 08:45:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
play-overlay.png
ssl.gstatic.com/s2/tt/images/ Frame 20B1
2 KB
2 KB
Image
General
Full URL
https://ssl.gstatic.com/s2/tt/images/play-overlay.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.E-JM0XrnXWY.L.W.O/d=0/rs=AO0039vk6nDvzni4WrZk3q8o_Pf-CYc5vw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08cce022c4202effcfcbebaea07eb5df4e18569c64b438636ee1efa8547d56f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 05:15:40 GMT
x-content-type-options
nosniff
age
444561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/focus
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1638
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="focus"
vary
Origin
report-to
{"group":"focus","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/focus"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Sep 2024 05:15:40 GMT
apiserving
csp.withgoogle.com/csp/ Frame 251F
0
0
Other
General
Full URL
https://csp.withgoogle.com/csp/apiserving
Requested by
Host: footbucks.net
URL: https://footbucks.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://content.googleapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/csp-report

Response headers

googleapis.proxy.js
apis.google.com/js/ Frame 251F
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.vIVemAYlBvo.O%2Fd%3D1%2Frs%3DAHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
582c4b6011bacbce512b482c954bf8ea0246073ee539f687b69868364d290013
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 14 Sep 2023 08:45:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7117
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"590fc6f47962183f"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 08:45:01 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/ Frame 251F
77 KB
27 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7da794be3c0ad56452ca5804d39f487bd2211e22d51e8ead1c38f41d428180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 07:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27791
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 15:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Sep 2024 07:55:18 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame 251F
0
181 B
XHR
General
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://drive.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.187%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.187%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.vIVemAYlBvo.O%2Fd%3D1%2Frs%3DAHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://drive.google.com

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 08:45:01 GMT
x-content-type-options
nosniff
server
ESF
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame 20B1
131 B
273 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.DloH03001sA.O/d=1/rs=AO0039vjZVEWS6Ojgwlfse99BRevt7up8A/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 14 Sep 2023 08:45:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Sep 2023 08:45:01 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame 251F
0
19 B
XHR
General
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.vIVemAYlBvo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://drive.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.187%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.187%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.vIVemAYlBvo.O%2Fd%3D1%2Frs%3DAHpOoo_eZqauDOH0vAaumGJQwp71CTPx9g%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://drive.google.com

Response headers

pragma
no-cache
date
Thu, 14 Sep 2023 08:45:02 GMT
x-content-type-options
nosniff
server
ESF
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| _ethers

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=tMjbXWkSEsxMph9qsj0jHB-KqPt44BpXes8umWyoqI7xl09TrOToNMqS5DGzrP1vSFqUm8IIJu--smHzVHzlEVr7AE1iPAegGzzDxQsM8i2shAQ9QDIDT9QxQS_wjb7xguLbpZ7I8hDuvZ77KdivuGfWqcE0Em4xgZhIvIYBjVg

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
