urlscan.io logo urlscan.io
SecurityTrails logo

decayingmorning.carrd.co Open in urlscan Pro
104.18.40.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://decayingmorning.carrd.co/
Effective URL: https://decayingmorning.carrd.co/
Submission: On November 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 5 domains to perform 35 HTTP transactions. The main IP is 104.18.40.34, located in and belongs to CLOUDFLARENET, US. The main domain is decayingmorning.carrd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.
This is the only time decayingmorning.carrd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    172.64.147.222 (United States)

ASN13335 (CLOUDFLARENET, US)
decayingmorning.carrd.co
5    104.18.40.34 (None, )

ASN13335 (CLOUDFLARENET, US)
decayingmorning.carrd.co
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
4    2a00:1450:4001:811::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
6    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
3    2a00:1450:4001:802::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
content.googleapis.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
15 google.com
drive.google.com — Cisco Umbrella Rank: 318
play.google.com — Cisco Umbrella Rank: 28
accounts.google.com — Cisco Umbrella Rank: 24
apis.google.com — Cisco Umbrella Rank: 112
www.google.com — Cisco Umbrella Rank: 2
175 KB
9 gstatic.com
www.gstatic.com
ssl.gstatic.com
fonts.gstatic.com
902 KB
6 carrd.co
decayingmorning.carrd.co
1 MB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
content.googleapis.com — Cisco Umbrella Rank: 1855
4 KB
4 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 504
35 5
Domain Requested by
6 www.gstatic.com drive.google.com
www.gstatic.com
6 decayingmorning.carrd.co 1 redirects decayingmorning.carrd.co
4 apis.google.com www.gstatic.com
content.googleapis.com
apis.google.com
4 csp.withgoogle.com decayingmorning.carrd.co
4 drive.google.com 1 redirects decayingmorning.carrd.co
www.gstatic.com
3 content.googleapis.com apis.google.com
3 accounts.google.com 2 redirects www.gstatic.com
3 play.google.com www.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com decayingmorning.carrd.co
drive.google.com
1 www.google.com accounts.google.com
1 ssl.gstatic.com www.gstatic.com
35 12
Subject Issuer Validity Valid
carrd.co
Cloudflare Inc ECC CA-3		 2023-03-31 -
2024-03-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://decayingmorning.carrd.co/
Frame ID: FFF5AA142E3028264D56113F178406E7
Requests: 12 HTTP requests in this frame

Frame: https://drive.google.com/file/d/1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6/preview
Frame ID: 8AB7EEED8BAF3B2F37DC485291083F81
Requests: 18 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdrive.google.com
Frame ID: 545F9E859A5D571C848C346DF0568F19
Requests: 1 HTTP requests in this frame

Frame: https://csp.withgoogle.com/csp/docs-tt
Frame ID: 3FBCE6E9B2391A928EDA1E7C87CB1E8F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp2T-quU4rmydcVT6uTSRaY18KsUeZk5pOfWKwL4YK3qDbkZu227_yeLthO3bIiqSN_hhO-L&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1559555756%3A1700583635224657&theme=glif
Frame ID: 610B9DB06895B7032AE53C605F0A8008
Requests: 2 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__
Frame ID: DCD6D682246BB6728F402E655C02E460
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

soleil ⋆

Page URL History Show full URLs

  1. http://decayingmorning.carrd.co/ HTTP 301
    https://decayingmorning.carrd.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

35
Requests

100 %
HTTPS

85 %
IPv6

5
Domains

12
Subdomains

13
IPs

3
Countries

2523 kB
Transfer

6128 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://decayingmorning.carrd.co/ HTTP 301
    https://decayingmorning.carrd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://drive.google.com/drivesharing/clientmodel?id=1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com HTTP 302
  • https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&passive=1209600&ifkv=ASKXGp2IW7hoAkOHfuNcSjgvtOBmCoOFRi4VbcyM6DrGkd1qAGuQmlNob6E9mG1Rz22FhPw9RidQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp2T-quU4rmydcVT6uTSRaY18KsUeZk5pOfWKwL4YK3qDbkZu227_yeLthO3bIiqSN_hhO-L&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1559555756%3A1700583635224657&theme=glif

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
decayingmorning.carrd.co/
Redirect Chain
  • http://decayingmorning.carrd.co/
  • https://decayingmorning.carrd.co/
161 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://decayingmorning.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808ad58c39893f458668359af687fc927fed440cf9c61c508f11a3f0c424b41c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
829a42be8a30195e-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 21 Nov 2023 16:20:34 GMT
expires
Tue, 21 Nov 2023 16:20:33 GMT
last-modified
Thu, 09 Nov 2023 10:13:27 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
829a42bcea4065d1-FRA
Cache-Control
max-age=0
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 21 Nov 2023 16:20:33 GMT
Expires
Tue, 21 Nov 2023 16:20:33 GMT
Location
https://decayingmorning.carrd.co/
Server
cloudflare
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		837 B
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=B612+Mono:ital,wght@0,400;1,400
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33448b66de90ef6bddeaa94ca59843879e44d76d4402be8539401847174a11fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decayingmorning.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Nov 2023 16:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 16:20:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Nov 2023 16:20:34 GMT
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e2c3304c081c3c180d275bc6bc3b008befeb74633300ee2b8c56013244cc444

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
image02.png
decayingmorning.carrd.co/assets/images/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://decayingmorning.carrd.co/assets/images/image02.png?v=c37b6bae
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca999df5d445344d0393376c470f6de02c146a42c0c170c5e39119da23d49bf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decayingmorning.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:20:34 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 16:11:27 GMT
server
cloudflare
etag
"17fd4-6097e1b343700"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
829a42c0ed59195e-FRA
content-length
98260
expires
Tue, 28 Nov 2023 16:20:34 GMT
truncated
/ 		70 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9e19314fbc2d62546accbefbbc7705c60fbf52011ce51ffdf17d5bd1c23964d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
bg.jpg
decayingmorning.carrd.co/assets/images/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://decayingmorning.carrd.co/assets/images/bg.jpg?v=c37b6bae
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefbed9f01bc2777ca74db8f086fd6fd216b93bb6e1b39bfb57f1e6abc8544c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decayingmorning.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:20:34 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Jun 2023 16:06:48 GMT
server
cloudflare
etag
"145fe-5fe7db8cb2368"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
829a42c10d7f195e-FRA
content-length
83454
expires
Tue, 28 Nov 2023 16:20:34 GMT
truncated
/ 		397 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19b39dda198f73768d32a9b93b3a5a4098a7653e62ab1b9126f2a0eb2045b31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b94be0827ea13061b2166f877e66e3474d7fc93e6640b0fca0d9e79a0c6d0f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc164e1ecbba6f0409597765b3aa4af530c4f9235b6d58c15d94b7479b3442b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
preview
drive.google.com/file/d/1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6/ Frame 8AB7 		70 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/file/d/1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6/preview
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b69b681091ce6a0c1acf02c37818645aae947036ba5f5ff306655c54b22e91d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dJBGzSa_da4BhgPzGA2jzw' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/ require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://decayingmorning.carrd.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dJBGzSa_da4BhgPzGA2jzw' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/ require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
content-type
text/html; charset=utf-8
date
Tue, 21 Nov 2023 16:20:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
GSE
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block
docs-tt
csp.withgoogle.com/csp/ Frame 8AB7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers
css
fonts.googleapis.com/ Frame 8AB7 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Nov 2023 16:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 15:48:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Nov 2023 16:20:34 GMT
rs=AO0039vxmpB_l5P_mTg14l7ocD5NRYTJ0Q
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.QaLwlEC3Pik.L.W.O/am=IAw/d=0/ Frame 8AB7 		2 MB
247 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.QaLwlEC3Pik.L.W.O/am=IAw/d=0/rs=AO0039vxmpB_l5P_mTg14l7ocD5NRYTJ0Q
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
327eec72bdc52b51eb7312c7b25d990ae41cd1a56d67e31693dcc95dca6b6fa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:29:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252401
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 02:23:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 03:29:49 GMT
m=v,wb
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/ Frame 8AB7 		1 MB
473 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c22304c0429ca08d4147b588fc987380c6035611b5c369ffd6ed7bd67faa59f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
484288
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:14:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 16:44:21 GMT
rs=AA2YrTuFdMeuRY-i7JPqP_M8jfztH8nn8Q
www.gstatic.com/og/_/js/k=og.qtm.en_US._Y_GrwNhTr8.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ Frame 8AB7 		111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US._Y_GrwNhTr8.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuFdMeuRY-i7JPqP_M8jfztH8nn8Q
Requested by
Host: drive.google.com
URL: https://drive.google.com/file/d/1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6/preview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e04eff2017544710257f635fd5667eeac55e4287691fa13dd51d23f073bcbda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:28:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40948
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 02:34:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 11:28:28 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ Frame 8AB7 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 15:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36058
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 17:41:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 21 Nov 2023 16:36:10 GMT
m=MpJwZc,UUJqVe,sy1v,sy3,sy1w,s39S4,syk,sy1x,pw70Gc
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/ Frame 8AB7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=MpJwZc,UUJqVe,sy1v,sy3,sy1w,s39S4,syk,sy1x,pw70Gc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aec90b0ba239134aaa648aa2316097954bf994f31ecfc8a10a51c355d824691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4557
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:14:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 21:11:57 GMT
auth_warmup
drive.google.com/ Frame 545F 		0
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdrive.google.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-pIjCESLm9Xdna9OirgT1bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-pIjCESLm9Xdna9OirgT1bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 21 Nov 2023 16:20:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
log
play.google.com/ Frame 8AB7 		131 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 Nov 2023 16:20:35 GMT
docs-tt
csp.withgoogle.com/csp/ Frame 3FBC 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers
identifier
accounts.google.com/v3/signin/ Frame 610B
Redirect Chain
  • https://drive.google.com/drivesharing/clientmodel?id=1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com
  • https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%2...
  • https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dht...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3...
2 KB
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp2T-quU4rmydcVT6uTSRaY18KsUeZk5pOfWKwL4YK3qDbkZu227_yeLthO3bIiqSN_hhO-L&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1559555756%3A1700583635224657&theme=glif
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4698d8302701b61844352374072262d3294a9abb32debb0cc5e807b283dd8fe5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QmZ-IpKYShv-OrEO-S0JQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QmZ-IpKYShv-OrEO-S0JQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="AccountsSignInUi"
date
Tue, 21 Nov 2023 16:20:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
474
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport script-src 'report-sample' 'nonce-zH8nFtxNsOUVA_DRwJqFng' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type
text/html; charset=UTF-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
date
Tue, 21 Nov 2023 16:20:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp2T-quU4rmydcVT6uTSRaY18KsUeZk5pOfWKwL4YK3qDbkZu227_yeLthO3bIiqSN_hhO-L&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1559555756%3A1700583635224657&theme=glif
pragma
no-cache
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
server
GSE
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/ Frame 8AB7 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US._Y_GrwNhTr8.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuFdMeuRY-i7JPqP_M8jfztH8nn8Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d4e56038dcccd960ea62bd2ee6925469001254602dfb54b740f1a1adaf0d7b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40799
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:15:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 10:22:13 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/ Frame 8AB7 		202 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US._Y_GrwNhTr8.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuFdMeuRY-i7JPqP_M8jfztH8nn8Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4848ea89a7964e61e05d3b105bd4fa974f7f81d89a5a02fbc1c1b72c9309562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70834
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:15:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 11:01:03 GMT
v-sprite54.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 8AB7 		113 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite54.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.QaLwlEC3Pik.L.W.O/am=IAw/d=0/rs=AO0039vxmpB_l5P_mTg14l7ocD5NRYTJ0Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 10:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
280739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49026
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Sun, 17 Nov 2024 10:21:36 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8AB7 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://drive.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options
nosniff
age
25877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 09:09:18 GMT
m=CmOog,sy2f,SB123c
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/ Frame 8AB7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=CmOog,sy2f,SB123c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
827e8ba6d803c31a4bb102d7e88774e586e63b8f19549dcd1f3232b5dce7e772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drive.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:35:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4107
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:14:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-fileview"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 22:35:05 GMT
log
play.google.com/ Frame 8AB7 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 Nov 2023 16:20:35 GMT
uc
drive.google.com/ Frame 8AB7 		410 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/uc?id=1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6&authuser=0&export=download
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f341165ebcef74f21c9dce9abbad303abcbd38aecd74da44f12a89e9f8330f8c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fUsGjpYTr4Jfq1DbVCVY9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
X-Drive-First-Party
DriveViewer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-fUsGjpYTr4Jfq1DbVCVY9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://drive.google.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
proxy.html
content.googleapis.com/static/ Frame DCD6 		382 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21645a494a4f831417cc3b3151b5612591772c6c284cf6d52f4849c5f883d6f7
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-y4AANvKDn0s9Wf73y91rAQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
275
content-security-policy
script-src 'nonce-y4AANvKDn0s9Wf73y91rAQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type
text/html
cross-origin-embedder-policy
require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 16:20:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
docs-tt
csp.withgoogle.com/csp/ Frame DCD6 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/docs-tt
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers
apiserving
csp.withgoogle.com/csp/ Frame DCD6 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/apiserving
Requested by
Host: decayingmorning.carrd.co
URL: https://decayingmorning.carrd.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://content.googleapis.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers
googleapis.proxy.js
apis.google.com/js/ Frame DCD6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 Nov 2023 16:20:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"23edfa0f3c3c3329"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 16:20:35 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/ Frame DCD6 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51bfed53838c4fc38e50188149988cbd23697cfd7460a2f9d24184ab6ba5f42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 16:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27742
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:15:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 16:26:18 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame DCD6 		1 KB
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6af913adc82c84119cea606d50435d25e956cc152a8e08b847afe3212f008381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://drive.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://drive.google.com

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
498
x-xss-protection
0
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 610B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp2T-quU4rmydcVT6uTSRaY18KsUeZk5pOfWKwL4YK3qDbkZu227_yeLthO3bIiqSN_hhO-L&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1559555756%3A1700583635224657&theme=glif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 21 Nov 2023 16:20:35 GMT
image01.png
decayingmorning.carrd.co/assets/images/ 		501 KB
502 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://decayingmorning.carrd.co/assets/images/image01.png?v=c37b6bae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f111484a77d090c6844c64bc61c236d73374e55bc7e3d2854adc1b7598fbf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decayingmorning.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 14:57:29 GMT
server
cloudflare
etag
"7d585-6097d12ad01d0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
829a42c959fa195e-FRA
content-length
513413
expires
Tue, 28 Nov 2023 16:20:35 GMT
image03.png
decayingmorning.carrd.co/assets/images/ 		740 KB
741 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://decayingmorning.carrd.co/assets/images/image03.png?v=c37b6bae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6136553018fad65315a05ff8a66c661aa473aed96132cc68ccae35071a7b79e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://decayingmorning.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 14:57:29 GMT
server
cloudflare
etag
"b9166-6097d12aec6f0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
829a42c959fc195e-FRA
content-length
758118
expires
Tue, 28 Nov 2023 16:20:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8AB7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
Origin
https://drive.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
307352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 02:58:03 GMT
log
play.google.com/ Frame 8AB7 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://drive.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://drive.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 21 Nov 2023 16:20:35 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame DCD6 		1 KB
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a791e13104f953d8c0452845e402c47883f85d24f07e75fd8d47724c87a646b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://drive.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://drive.google.com

Response headers

date
Tue, 21 Nov 2023 16:20:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
499
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| _scrollToTop function| _nextScrollPoint function| _previousScrollPoint function| _firstScrollPoint function| _lastScrollPoint function| _nextSection function| _previousSection function| _firstSection function| _lastSection

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=MjA-rGudUOUabms2dKdAwB8-APHyqteA59DLdkT1G7THGbgILC5v-Lr2tZAyKZjd-t2dZ8btzNvaIF1Shldh2sSmxy9wLZr9RGVbai_VscGjY497K8Xb8HJpCzXoy3EH8WKxt4quhHzxH4l58fmjlbW4ChZdK8fuFnWEdCA7V1g

7 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1gmO7f5nsZOABbdErAg3X3Fg4zvbwDNP6%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp2T-quU4rmydcVT6uTSRaY18KsUeZk5pOfWKwL4YK3qDbkZu227_yeLthO3bIiqSN_hhO-L&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1559555756%3A1700583635224657&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
decayingmorning.carrd.co
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
play.google.com
ssl.gstatic.com
www.google.com
www.gstatic.com
104.18.40.34
172.64.147.222
2a00:1450:4001:802::200d
2a00:1450:4001:811::200e
2a00:1450:4001:811::2011
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
19b39dda198f73768d32a9b93b3a5a4098a7653e62ab1b9126f2a0eb2045b31d
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011
1e2c3304c081c3c180d275bc6bc3b008befeb74633300ee2b8c56013244cc444
21645a494a4f831417cc3b3151b5612591772c6c284cf6d52f4849c5f883d6f7
327eec72bdc52b51eb7312c7b25d990ae41cd1a56d67e31693dcc95dca6b6fa2
33448b66de90ef6bddeaa94ca59843879e44d76d4402be8539401847174a11fd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4698d8302701b61844352374072262d3294a9abb32debb0cc5e807b283dd8fe5
4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51bfed53838c4fc38e50188149988cbd23697cfd7460a2f9d24184ab6ba5f42c
5aec90b0ba239134aaa648aa2316097954bf994f31ecfc8a10a51c355d824691
5b94be0827ea13061b2166f877e66e3474d7fc93e6640b0fca0d9e79a0c6d0f0
6136553018fad65315a05ff8a66c661aa473aed96132cc68ccae35071a7b79e2
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6af913adc82c84119cea606d50435d25e956cc152a8e08b847afe3212f008381
808ad58c39893f458668359af687fc927fed440cf9c61c508f11a3f0c424b41c
827e8ba6d803c31a4bb102d7e88774e586e63b8f19549dcd1f3232b5dce7e772
9a791e13104f953d8c0452845e402c47883f85d24f07e75fd8d47724c87a646b
9d4e56038dcccd960ea62bd2ee6925469001254602dfb54b740f1a1adaf0d7b2
a4848ea89a7964e61e05d3b105bd4fa974f7f81d89a5a02fbc1c1b72c9309562
a8f111484a77d090c6844c64bc61c236d73374e55bc7e3d2854adc1b7598fbf2
a9e19314fbc2d62546accbefbbc7705c60fbf52011ce51ffdf17d5bd1c23964d
b69b681091ce6a0c1acf02c37818645aae947036ba5f5ff306655c54b22e91d5
c22304c0429ca08d4147b588fc987380c6035611b5c369ffd6ed7bd67faa59f3
ca999df5d445344d0393376c470f6de02c146a42c0c170c5e39119da23d49bf9
d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dc164e1ecbba6f0409597765b3aa4af530c4f9235b6d58c15d94b7479b3442b7
e04eff2017544710257f635fd5667eeac55e4287691fa13dd51d23f073bcbda6
e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eefbed9f01bc2777ca74db8f086fd6fd216b93bb6e1b39bfb57f1e6abc8544c6
f341165ebcef74f21c9dce9abbad303abcbd38aecd74da44f12a89e9f8330f8c