wfi55exikstjy1dmgkjnqw-on.drv.tw Open in urlscan Pro
47.89.250.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Submission: On September 07 via manual (September 7th 2020, 11:07:18 am UTC) from IN

Summary HTTP 16 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 47.89.250.243, located in San Mateo, United States and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is wfi55exikstjy1dmgkjnqw-on.drv.tw.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 6th 2020. Valid for: 3 months.

This is the only time wfi55exikstjy1dmgkjnqw-on.drv.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	47.89.250.243 47.89.250.243	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
9 9	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
16	6

2 47.89.250.243 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

wfi55exikstjy1dmgkjnqw-on.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 9 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

doc-0c-1c-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0k-1c-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

doc-0g-1c-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0o-1c-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0s-1c-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googleusercontent.com doc-0c-1c-docs.googleusercontent.com doc-0g-1c-docs.googleusercontent.com doc-0o-1c-docs.googleusercontent.com doc-0s-1c-docs.googleusercontent.com doc-0k-1c-docs.googleusercontent.com	146 KB
9	google.com 9 redirects drive.google.com	6 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	drv.tw wfi55exikstjy1dmgkjnqw-on.drv.tw drv.tw	4 KB
1	doubleclick.net stats.g.doubleclick.net	100 B
1	googletagmanager.com www.googletagmanager.com	35 KB
16	6

	Domain	Requested by
9	drive.google.com	9 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	doc-0c-1c-docs.googleusercontent.com	wfi55exikstjy1dmgkjnqw-on.drv.tw
2	doc-0s-1c-docs.googleusercontent.com	wfi55exikstjy1dmgkjnqw-on.drv.tw
2	doc-0g-1c-docs.googleusercontent.com	wfi55exikstjy1dmgkjnqw-on.drv.tw
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	drv.tw
1	doc-0k-1c-docs.googleusercontent.com	wfi55exikstjy1dmgkjnqw-on.drv.tw
1	drv.tw	wfi55exikstjy1dmgkjnqw-on.drv.tw
1	doc-0o-1c-docs.googleusercontent.com	wfi55exikstjy1dmgkjnqw-on.drv.tw
1	wfi55exikstjy1dmgkjnqw-on.drv.tw
16	11

This site contains links to these domains. Also see Links.

Domain
bit.ly
www.facebook.com
twitter.com
youtube.com
proxy-connect.com

Subject Issuer	Validity	Valid
*.drv.tw Let's Encrypt Authority X3	`2020-08-06` - `2020-11-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Frame ID: D8CDE56451C7493C628D7404D8527A85
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

11
Subdomains

6
IPs

3
Countries

203 kB
Transfer

283 kB
Size

4
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/2N0V5xR

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title:

Search URL Search Domain Scan URL

URL: https://youtube.com/
Title:

Search URL Search Domain Scan URL

URL: https://proxy-connect.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://drive.google.com/uc?export=view&id=1Lt3u-HtYnMe3pmpYHnuNyeDVkFKg1AR3 HTTP 302
https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7hbrupgs0chglnekp0hv87b4db34t9b6/1599476775000/00727204398708469894/*/1Lt3u-HtYnMe3pmpYHnuNyeDVkFKg1AR3?e=view

Request Chain 1

https://drive.google.com/uc?export=view&id=1R8tAoHRSclDC4VqZkWxWRiXV4MWkivra HTTP 302
https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/aln27bbr5j842bhodkdc5hvbpdv2aelr/1599476775000/00727204398708469894/*/1R8tAoHRSclDC4VqZkWxWRiXV4MWkivra?e=view

Request Chain 2

https://drive.google.com/uc?export=view&id=1boFEvenTtNQFekl-BHHC_nFQfBOMgQ9H HTTP 302
https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5tn16f8clrb7smt5oi3mgrib178l23fb/1599476775000/00727204398708469894/*/1boFEvenTtNQFekl-BHHC_nFQfBOMgQ9H?e=view

Request Chain 3

https://drive.google.com/uc?export=view&id=1fSlsXV4WnetYoXDMvvbqefMG9ddRbo09 HTTP 302
https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/nndeholj7c3ohpbnc4jnhdr1hfosggj0/1599476775000/00727204398708469894/*/1fSlsXV4WnetYoXDMvvbqefMG9ddRbo09?e=view

Request Chain 4

https://drive.google.com/uc?export=view&id=1bNY1PxZyGyEt_btYDsres2Z3DNl6sKa3 HTTP 302
https://doc-0o-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/77tgmcjbpi8gn2kptj037v0ooecdhr5l/1599476775000/00727204398708469894/*/1bNY1PxZyGyEt_btYDsres2Z3DNl6sKa3?e=view

Request Chain 5

https://drive.google.com/uc?export=view&id=1P5IBRk0mMIcTF0rwfz76pA3JDw0PxVhr HTTP 302
https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uv9e9lpdp39tpuq02kd09pvnepacqkti/1599476775000/00727204398708469894/*/1P5IBRk0mMIcTF0rwfz76pA3JDw0PxVhr?e=view

Request Chain 6

https://drive.google.com/uc?export=view&id=1WnH6hRZ-Jp0hpnjpDim0ORUzUOkAQA3n HTTP 302
https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/cie94upst92j74ebn26g6da2hpf4v3s1/1599476775000/00727204398708469894/*/1WnH6hRZ-Jp0hpnjpDim0ORUzUOkAQA3n?e=view

Request Chain 7

https://drive.google.com/uc?export=view&id=1Vg7clOqHcEgIFdj93iHHT-Hp0sYHHq1x HTTP 302
https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/pskui9cevc38c1m4ampumfnrg19pki02/1599476775000/00727204398708469894/*/1Vg7clOqHcEgIFdj93iHHT-Hp0sYHHq1x?e=view

Request Chain 9

https://drive.google.com/uc?export=view&id=1nuV4ijk5_b-SHVBFtzb2DP5syyH-dh9c HTTP 302
https://doc-0k-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62t9q0lkf0mvtbf3vc3o8dk6dmf4s24i/1599476775000/00727204398708469894/*/1nuV4ijk5_b-SHVBFtzb2DP5syyH-dh9c?e=view

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/ 10 KB
3 KB 2109ms
1699ms Document
text/html 47.89.250.243
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.89.250.243 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b2441c2b18f72c4da951befb118cab0d9f5b1889c44711100d726a0a99a38833

Request headers

:method: GET
:authority: wfi55exikstjy1dmgkjnqw-on.drv.tw
:scheme: https
:path: /www.mail/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx/1.14.0 (Ubuntu)
date: Mon, 07 Sep 2020 11:06:59 GMT
content-type: text/html
last-modified: Wed, 17 Jun 2020 12:51:12 GMT
cache-control: public, max-age=604800
vary: Accept-Encoding
content-encoding: gzip
x-cache: BYPASS
set-cookie: uid=rBEO6V9WFFN8ED1e32NQAg==; domain=.drv.tw; path=/

GET
H2

200

1Lt3u-HtYnMe3pmpYHnuNyeDVkFKg1AR3
doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7hbrupgs0chglnekp0hv87b4db34t9b6/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1Lt3u-HtYnMe3pmpYHnuNyeDVkFKg1AR3
https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7hbrupgs0chglnekp0hv87b4db34t9b6/1599476775000/00727204398708469894/*/1Lt3u-HtYnMe3pmpYHnuNyeDVkFKg1AR3?e...

612 B
828 B

197ms
197ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7hbrupgs0chglnekp0hv87b4db34t9b6/1599476775000/00727204398708469894/*/1Lt3u-HtYnMe3pmpYHnuNyeDVkFKg1AR3?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b30e2b638a4b3dd7ca4d22f625ab22a61823d88b633c93f77ac2769459760730

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UwCY1nSVADR6f1D_d0ABOvfHswF8eEP9BvXgNhvnAF1PrL-WqLONtkfDM8EhCCa6LlfJgYI--lhrdeQapcQhv_POopUiQ
x-goog-hash: crc32c=ptmW1w==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="facebook@2x.png";filename*=UTF-8''facebook%402x.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 612
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/7hbrupgs0chglnekp0hv87b4db34t9b6/1599476775000/00727204398708469894/*/1Lt3u-HtYnMe3pmpYHnuNyeDVkFKg1AR3?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-XDlJ19b5PhHJvy08zLk9Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1R8tAoHRSclDC4VqZkWxWRiXV4MWkivra
doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/aln27bbr5j842bhodkdc5hvbpdv2aelr/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1R8tAoHRSclDC4VqZkWxWRiXV4MWkivra
https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/aln27bbr5j842bhodkdc5hvbpdv2aelr/1599476775000/00727204398708469894/*/1R8tAoHRSclDC4VqZkWxWRiXV4MWkivra?e...

793 B
3 KB

226ms
206ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/aln27bbr5j842bhodkdc5hvbpdv2aelr/1599476775000/00727204398708469894/*/1R8tAoHRSclDC4VqZkWxWRiXV4MWkivra?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a5df37424c087be28bc59ffe14f2c195f3358e8d9047c5b5f8c55259db98e671

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UwL1L1NMQmfzuTHoVYSzb7G5ulquC1aY-JJqLtVIWBU5bwtvI0Vk3W1JgRdgkxUCV0fMDp4dmkH5CEk2Nj0njH0JqMoQw
x-goog-hash: crc32c=y4bm8w==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="twitter@2x.png";filename*=UTF-8''twitter%402x.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 793
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/aln27bbr5j842bhodkdc5hvbpdv2aelr/1599476775000/00727204398708469894/*/1R8tAoHRSclDC4VqZkWxWRiXV4MWkivra?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-fWwECSiFHERTyGxG9dz6Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1boFEvenTtNQFekl-BHHC_nFQfBOMgQ9H
doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5tn16f8clrb7smt5oi3mgrib178l23fb/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1boFEvenTtNQFekl-BHHC_nFQfBOMgQ9H
https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5tn16f8clrb7smt5oi3mgrib178l23fb/1599476775000/00727204398708469894/*/1boFEvenTtNQFekl-BHHC_nFQfBOMgQ9H?e...

15 KB
18 KB

200ms
180ms

Image
image/png

2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5tn16f8clrb7smt5oi3mgrib178l23fb/1599476775000/00727204398708469894/*/1boFEvenTtNQFekl-BHHC_nFQfBOMgQ9H?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6db4c14e67c73c16c8ad5636874d31d4f2a01866fff9506ee71f0e31a105f6f4

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UynGaSlH5L7sY7_iXsxz54HW5903uUqx6-lmQAfPw99964cTD0ZwUoRqhdepx5T2OQ3cNjHSXjkbW6Z4PYX0K8
x-goog-hash: crc32c=oVP+iA==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="youtube.png";filename*=UTF-8''youtube.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15808
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/5tn16f8clrb7smt5oi3mgrib178l23fb/1599476775000/00727204398708469894/*/1boFEvenTtNQFekl-BHHC_nFQfBOMgQ9H?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-fi7pF0toQZC/ZuPV/6KILg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1fSlsXV4WnetYoXDMvvbqefMG9ddRbo09
doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/nndeholj7c3ohpbnc4jnhdr1hfosggj0/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1fSlsXV4WnetYoXDMvvbqefMG9ddRbo09
https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/nndeholj7c3ohpbnc4jnhdr1hfosggj0/1599476775000/00727204398708469894/*/1fSlsXV4WnetYoXDMvvbqefMG9ddRbo09?e...

1 KB
2 KB

201ms
201ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/nndeholj7c3ohpbnc4jnhdr1hfosggj0/1599476775000/00727204398708469894/*/1fSlsXV4WnetYoXDMvvbqefMG9ddRbo09?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8ff7bf8ff21d1859f459b3a7436ef73d2236cf444dea0a6b87081e8e73bda124

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UybS-QJYs00KHF0DO76oZIA8JNluddCRRu3laydHusnUcNEsw7b8LnGFx0gJIEP07MPxvqkGdg-0AhU9HULtwBAsLegNA
x-goog-hash: crc32c=AnZOgA==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="offer.png";filename*=UTF-8''offer.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1459
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0c-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/nndeholj7c3ohpbnc4jnhdr1hfosggj0/1599476775000/00727204398708469894/*/1fSlsXV4WnetYoXDMvvbqefMG9ddRbo09?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-J6n93rCG4vVtoYO9yvmZLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1bNY1PxZyGyEt_btYDsres2Z3DNl6sKa3
doc-0o-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/77tgmcjbpi8gn2kptj037v0ooecdhr5l/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1bNY1PxZyGyEt_btYDsres2Z3DNl6sKa3
https://doc-0o-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/77tgmcjbpi8gn2kptj037v0ooecdhr5l/1599476775000/00727204398708469894/*/1bNY1PxZyGyEt_btYDsres2Z3DNl6sKa3?e...

87 KB
87 KB

190ms
189ms

Image
image/gif

2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0o-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/77tgmcjbpi8gn2kptj037v0ooecdhr5l/1599476775000/00727204398708469894/*/1bNY1PxZyGyEt_btYDsres2Z3DNl6sKa3?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 82d7d3e2278a81a225c0517dc221edd6b55e82dbe369e5c91ca8066e25daf6ee

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UwpmmjW4Cqmw9gE4BlXsOEms4chqmnfy08NPI7tfVpUOpGOWZPR-NGnTy0D8RwA35t_4BoYJEujaPw_DLOMOtw
x-goog-hash: crc32c=ielKig==
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="time.gif";filename*=UTF-8''time.gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89035
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0o-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/77tgmcjbpi8gn2kptj037v0ooecdhr5l/1599476775000/00727204398708469894/*/1bNY1PxZyGyEt_btYDsres2Z3DNl6sKa3?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-I4G4hgprcUwCg4Qy7QXVJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1P5IBRk0mMIcTF0rwfz76pA3JDw0PxVhr
doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uv9e9lpdp39tpuq02kd09pvnepacqkti/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1P5IBRk0mMIcTF0rwfz76pA3JDw0PxVhr
https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uv9e9lpdp39tpuq02kd09pvnepacqkti/1599476775000/00727204398708469894/*/1P5IBRk0mMIcTF0rwfz76pA3JDw0PxVhr?e...

979 B
1 KB

178ms
178ms

Image
image/png

2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uv9e9lpdp39tpuq02kd09pvnepacqkti/1599476775000/00727204398708469894/*/1P5IBRk0mMIcTF0rwfz76pA3JDw0PxVhr?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 520022dae004cbe09afb110a0d68f39cbd0415699c1be61868cf118ee2d404b1

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UzF_tzBry7vWyLEshMa9A8GKivKI8wudfknfoyoHBMTfRzVekG6cEASB8m66cdte5bAinjWnBWYJD42cUTH87c
x-goog-hash: crc32c=D7qcIQ==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="limited.png";filename*=UTF-8''limited.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 979
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0g-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uv9e9lpdp39tpuq02kd09pvnepacqkti/1599476775000/00727204398708469894/*/1P5IBRk0mMIcTF0rwfz76pA3JDw0PxVhr?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-O7VoWj9xfkMq+qTxFnnRrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1WnH6hRZ-Jp0hpnjpDim0ORUzUOkAQA3n
doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/cie94upst92j74ebn26g6da2hpf4v3s1/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1WnH6hRZ-Jp0hpnjpDim0ORUzUOkAQA3n
https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/cie94upst92j74ebn26g6da2hpf4v3s1/1599476775000/00727204398708469894/*/1WnH6hRZ-Jp0hpnjpDim0ORUzUOkAQA3n?e...

2 KB
2 KB

181ms
179ms

Image
image/png

2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/cie94upst92j74ebn26g6da2hpf4v3s1/1599476775000/00727204398708469894/*/1WnH6hRZ-Jp0hpnjpDim0ORUzUOkAQA3n?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 83ccd4d650ead31fad0d1824e0872b9d1ca5613309d4ebf3ec2818ab60520718

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UzDXovoFOZ7HLPSgeoyfs48WonjaumDVGYrWxFLyYcc_IIC9GhbjFUe0FY11hfdbCmDWY2rmGQ-jIIxVXtgQaE
x-goog-hash: crc32c=ea2F4A==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="arrow.png";filename*=UTF-8''arrow.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2139
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/cie94upst92j74ebn26g6da2hpf4v3s1/1599476775000/00727204398708469894/*/1WnH6hRZ-Jp0hpnjpDim0ORUzUOkAQA3n?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-utqq6Jb0suqvv2AUzAF7GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1Vg7clOqHcEgIFdj93iHHT-Hp0sYHHq1x
doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/pskui9cevc38c1m4ampumfnrg19pki02/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1Vg7clOqHcEgIFdj93iHHT-Hp0sYHHq1x
https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/pskui9cevc38c1m4ampumfnrg19pki02/1599476775000/00727204398708469894/*/1Vg7clOqHcEgIFdj93iHHT-Hp0sYHHq1x?e...

9 KB
9 KB

175ms
175ms

Image
image/png

2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/pskui9cevc38c1m4ampumfnrg19pki02/1599476775000/00727204398708469894/*/1Vg7clOqHcEgIFdj93iHHT-Hp0sYHHq1x?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c3f5acd5cf0ed5881f0a2fe7e089ca48039e7bbb577720619c4dd4372eb03552

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-UxQjDHu3uPL8Ntuu8QIfQjYmQNCe7-MVi2slmJVZQq9h_i8wnlmMXBNhKOIrtF8pVe3hA7i9HKZr6xn_1ArdEQ
x-goog-hash: crc32c=4ESIFQ==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="url4.png";filename*=UTF-8''url4.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8795
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0s-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/pskui9cevc38c1m4ampumfnrg19pki02/1599476775000/00727204398708469894/*/1Vg7clOqHcEgIFdj93iHHT-Hp0sYHHq1x?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-OhxDRxFtTuIFS/CCrKcpyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wd.js Show response
drv.tw/inc/ 365 B
592 B 169ms
159ms Script
application/javascript 47.89.250.243
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://drv.tw/inc/wd.js
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.89.250.243 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:06:59 GMT
last-modified: Thu, 30 Jan 2020 14:10:48 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e32e3e8-16d"
x-cache: BYPASS
content-type: application/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 365
expires: Tue, 08 Sep 2020 11:06:59 GMT

GET
H2

200

1nuV4ijk5_b-SHVBFtzb2DP5syyH-dh9c
doc-0k-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62t9q0lkf0mvtbf3vc3o8dk6dmf4s24i/1599476775000/00727204398708469894/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1nuV4ijk5_b-SHVBFtzb2DP5syyH-dh9c
https://doc-0k-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62t9q0lkf0mvtbf3vc3o8dk6dmf4s24i/1599476775000/00727204398708469894/*/1nuV4ijk5_b-SHVBFtzb2DP5syyH-dh9c?e...

23 KB
23 KB

202ms
200ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0k-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62t9q0lkf0mvtbf3vc3o8dk6dmf4s24i/1599476775000/00727204398708469894/*/1nuV4ijk5_b-SHVBFtzb2DP5syyH-dh9c?e=view
Requested by: Host: wfi55exikstjy1dmgkjnqw-on.drv.tw
URL: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1b40a10466f3c987aa8dcc0d211ec260b7b7ee3952cd1e0e3dd600cc3e16327a

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-Uwt2AIh683LTdNHQjz7N-quamGqnidLm0-Ya6VgYfC1dHvP4PwRq0YQDb-CE553wYuEs02U13rgjJyV88i1DbwpkKPXTA
x-goog-hash: crc32c=WyBDEA==
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="background.png";filename*=UTF-8''background.png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23827
expires: Mon, 07 Sep 2020 11:07:00 GMT

Redirect headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0k-1c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/62t9q0lkf0mvtbf3vc3o8dk6dmf4s24i/1599476775000/00727204398708469894/*/1nuV4ijk5_b-SHVBFtzb2DP5syyH-dh9c?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-v+cOEosTUu9SP81DquuqwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Requested by

Host: drv.tw
URL: https://drv.tw/inc/wd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea3a046dd16f335c32f9b9c456f83415b4207e522862a32b210402fe2c40bbdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:07:00 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35604
x-xss-protection: 0
last-modified: Mon, 07 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Sep 2020 11:07:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85417367-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 6680
date: Mon, 07 Sep 2020 09:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Mon, 07 Sep 2020 11:15:40 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
79 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1895206603&t=pageview&_s=1&dl=https%3A%2F%2Fwfi55exikstjy1dmgkjnqw-on.drv.tw%2Fwww.mail%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1369677736&gjid=397538670&cid=1610675696.1599476820&tid=UA-85417367-1&_gid=1964381460.1599476820&_r=1&gtm=2ou8q1&z=273288216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Sep 2020 11:07:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://wfi55exikstjy1dmgkjnqw-on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
100 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-85417367-1&cid=1610675696.1599476820&jid=1369677736&gjid=397538670&_gid=1964381460.1599476820&_u=IEBAAUAAAAAAAC~&z=1413727524

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Sep 2020 11:07:00 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://wfi55exikstjy1dmgkjnqw-on.drv.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
76 B 6ms
5ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=1895206603&t=timing&_s=2&dl=https%3A%2F%2Fwfi55exikstjy1dmgkjnqw-on.drv.tw%2Fwww.mail%2F&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2831&pdt=0&dns=88&rrt=0&srt=1700&tcp=320&dit=2116&clt=2116&_gst=2334&_gbt=2346&_cst=2289&_cbt=2330&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=1610675696.1599476820&tid=UA-85417367-1&_gid=1964381460.1599476820&z=345977108

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wfi55exikstjy1dmgkjnqw-on.drv.tw/www.mail/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 03:29:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2273850
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.drv.tw/	1970-01-19 12:17:56	Name: _gat_gtag_UA_85417367_1 Value: 1
.drv.tw/	1970-01-20 05:49:08	Name: _ga Value: GA1.2.1610675696.1599476820
.drv.tw/	1970-01-19 12:19:23	Name: _gid Value: GA1.2.1964381460.1599476820
.drv.tw/	1969-12-31 23:59:59	Name: uid Value: rBEO6V9WFFN8ED1e32NQAg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doc-0c-1c-docs.googleusercontent.com
doc-0g-1c-docs.googleusercontent.com
doc-0k-1c-docs.googleusercontent.com
doc-0o-1c-docs.googleusercontent.com
doc-0s-1c-docs.googleusercontent.com
drive.google.com
drv.tw
stats.g.doubleclick.net
wfi55exikstjy1dmgkjnqw-on.drv.tw
www.google-analytics.com
www.googletagmanager.com
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:818::2001
2a00:1450:4001:81f::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9d
47.89.250.243
1b40a10466f3c987aa8dcc0d211ec260b7b7ee3952cd1e0e3dd600cc3e16327a
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
520022dae004cbe09afb110a0d68f39cbd0415699c1be61868cf118ee2d404b1
621f59e87c01610c253ac2f9c3f8f7df5f6492c1d2f804088948278849124b33
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db4c14e67c73c16c8ad5636874d31d4f2a01866fff9506ee71f0e31a105f6f4
82d7d3e2278a81a225c0517dc221edd6b55e82dbe369e5c91ca8066e25daf6ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ccd4d650ead31fad0d1824e0872b9d1ca5613309d4ebf3ec2818ab60520718
8ff7bf8ff21d1859f459b3a7436ef73d2236cf444dea0a6b87081e8e73bda124
a5df37424c087be28bc59ffe14f2c195f3358e8d9047c5b5f8c55259db98e671
b2441c2b18f72c4da951befb118cab0d9f5b1889c44711100d726a0a99a38833
b30e2b638a4b3dd7ca4d22f625ab22a61823d88b633c93f77ac2769459760730
c3f5acd5cf0ed5881f0a2fe7e089ca48039e7bbb577720619c4dd4372eb03552
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ea3a046dd16f335c32f9b9c456f83415b4207e522862a32b210402fe2c40bbdf

wfi55exikstjy1dmgkjnqw-on.drv.tw Open in urlscan Pro 47.89.250.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

86 %IPv6

6 Domains

11 Subdomains

6 IPs

3 Countries

203 kBTransfer

283 kBSize

4 Cookies

5 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

4 Cookies

Indicators

wfi55exikstjy1dmgkjnqw-on.drv.tw Open in urlscan Pro
47.89.250.243 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

11
Subdomains

6
IPs

3
Countries

203 kB
Transfer

283 kB
Size

4
Cookies

16 HTTP transactions
0 data transactions