daltondude.carrd.co Open in urlscan Pro
172.64.147.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://daltondude.carrd.co/
Effective URL:
https://daltondude.carrd.co/
Submission: On November 30 via api (November 30th 2023, 5:50:01 am UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 5 domains to perform 33 HTTP transactions. The main IP is 172.64.147.222, located in United States and belongs to CLOUDFLARENET, US. The main domain is daltondude.carrd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.

This is the only time daltondude.carrd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.40.34 104.18.40.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.147.222 172.64.147.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2011	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:811::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
33	13

1 104.18.40.34 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

daltondude.carrd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.147.222 (United States)

ASN13335 (CLOUDFLARENET, US)

daltondude.carrd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com 3 redirects drive.google.com — Cisco Umbrella Rank: 294 apis.google.com — Cisco Umbrella Rank: 116 play.google.com — Cisco Umbrella Rank: 32 accounts.google.com — Cisco Umbrella Rank: 23 www.google.com — Cisco Umbrella Rank: 2	175 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	2 MB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 content.googleapis.com — Cisco Umbrella Rank: 1801	4 KB
4	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 415
3	carrd.co 1 redirects daltondude.carrd.co	50 KB
33	5

	Domain	Requested by
6	www.gstatic.com	drive.google.com www.gstatic.com
4	apis.google.com	www.gstatic.com content.googleapis.com apis.google.com
4	csp.withgoogle.com	daltondude.carrd.co
4	drive.google.com	1 redirects daltondude.carrd.co www.gstatic.com
3	content.googleapis.com	apis.google.com
3	accounts.google.com	2 redirects www.gstatic.com
3	play.google.com	www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com
3	daltondude.carrd.co	1 redirects daltondude.carrd.co
2	fonts.googleapis.com	daltondude.carrd.co drive.google.com
1	www.google.com	accounts.google.com
1	ssl.gstatic.com	www.gstatic.com
33	12

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
carrd.co

Subject Issuer	Validity	Valid
carrd.co Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://daltondude.carrd.co/
Frame ID: D0B2D0FB84B049BBB465F1255D703FDF
Requests: 8 HTTP requests in this frame

Frame: https://drive.google.com/file/d/1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4/preview
Frame ID: EA25CC43F4D7B6D74F0B5018B5206FE9
Requests: 18 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdrive.google.com
Frame ID: 014B5B9054906EF03B461357D9BEC3B8
Requests: 1 HTTP requests in this frame

Frame: https://csp.withgoogle.com/csp/docs-tt
Frame ID: EDAE857744C98AFB8BABCA5B4FE2432C
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp0j4_v7cmkREBhWPePMBxc0POWrr1aAMSfLOzPN1JnnM7-HlMfOsA7o_3aqE-lhpJMkPJddoQ&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2096159552%3A1701323397301179&theme=glif
Frame ID: BC10B3AB9FE9043809E06C231D08F556
Requests: 2 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
Frame ID: 51FA891C421804C21364CF0C1381C8B7
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DaltonCarrd

Page URL History Show full URLs

http://daltondude.carrd.co/ HTTP 301
https://daltondude.carrd.co/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

33
Requests

100 %
HTTPS

85 %
IPv6

5
Domains

12
Subdomains

13
IPs

3
Countries

2157 kB
Transfer

4680 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCXLycROksFk8uWTcjQ2bM6g
Title: YouTube

Search URL Search Domain Scan URL

URL: https://carrd.co/build?ref=auto
Title: Made with Carrd

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://daltondude.carrd.co/ HTTP 301
https://daltondude.carrd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://drive.google.com/drivesharing/clientmodel?id=1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com HTTP 302
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&passive=1209600&ifkv=ASKXGp0Y1v11zukCWY_PIzWyKApl_Ji99Il_ye6PoFo00PrxSWZul3hFpsVujid--oEgpdFQIj3W7A HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp0j4_v7cmkREBhWPePMBxc0POWrr1aAMSfLOzPN1JnnM7-HlMfOsA7o_3aqE-lhpJMkPJddoQ&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2096159552%3A1701323397301179&theme=glif

33 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
daltondude.carrd.co/
Redirect Chain

http://daltondude.carrd.co/
https://daltondude.carrd.co/

90 KB
17 KB

351ms
332ms

Document
text/html

172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://daltondude.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cded50fa8f64dc200d20d808cbabc668d00cf266800fd2c3cd7cc9ab733d621f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 82e0cf58e9a42bfa-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 30 Nov 2023 05:49:56 GMT
expires: Thu, 30 Nov 2023 05:49:56 GMT
last-modified: Fri, 06 Oct 2023 23:57:35 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 82e0cf572a833815-FRA
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 30 Nov 2023 05:49:55 GMT
Expires: Thu, 30 Nov 2023 05:49:55 GMT
Location: https://daltondude.carrd.co/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Inter:ital,wght@0,400;0,700;1,400;1,700

Requested by

Host: daltondude.carrd.co
URL: https://daltondude.carrd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49270c4ac27c54a0b1f1d9572e794ddc51e5a48190f8e395ecd7625e0045a8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daltondude.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 05:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 04:15:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 05:49:56 GMT

GET
H2 200 preview Show response
drive.google.com/file/d/1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4/ Frame EA25 70 KB
21 KB 472ms
437ms Document
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/file/d/1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4/preview

Requested by

Host: daltondude.carrd.co
URL: https://daltondude.carrd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e24a9325afc281c8ef9ec0077ef9e83ccc68a9f093a5df222ebfbe3f4cea411

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt script-src 'report-sample' 'nonce-Lkfw3S_Apxx7P-41A1AyoQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://daltondude.carrd.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt script-src 'report-sample' 'nonce-Lkfw3S_Apxx7P-41A1AyoQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 05:49:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, nosnippet
x-xss-protection: 1; mode=block

GET
H2 200 image01.png
daltondude.carrd.co/assets/images/ 32 KB
32 KB 430ms
430ms Image
image/png 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://daltondude.carrd.co/assets/images/image01.png?v=95fcef10
Requested by: Host: daltondude.carrd.co
URL: https://daltondude.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba81b6708449af1bfbc045706db1044a16dc31a5e20594d02a1767134cb068c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://daltondude.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:49:56 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Oct 2023 23:57:35 GMT
server: cloudflare
etag: "80a2-607150127f358"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 82e0cf5b4c4e2bfa-FRA
content-length: 32930
expires: Thu, 07 Dec 2023 05:49:56 GMT

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75e313216824247af9f780c08574caf19bd0a51f26c7c156f77ce863d7825e05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 27 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5357ada465c306dc6a6e8091e0c0c4cbfbde3bc9165c8e3cc32617a3e68504e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c08b7633ff1e2788efe0eedc4f4b84ffc657385e849e14cb44898098f17b2656

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Inter:ital,wght@0,400;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://daltondude.carrd.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 20:04:26 GMT
x-content-type-options: nosniff
age: 207930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Nov 2024 20:04:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EA25 21 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4/preview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 30 Nov 2023 05:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 04:36:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Nov 2023 05:49:56 GMT

GET
H2 200 rs=AO0039vxmpB_l5P_mTg14l7ocD5NRYTJ0Q
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.QaLwlEC3Pik.L.W.O/am=IAw/d=0/ Frame EA25 2 MB
247 KB 31ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.QaLwlEC3Pik.L.W.O/am=IAw/d=0/rs=AO0039vxmpB_l5P_mTg14l7ocD5NRYTJ0Q

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4/preview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

327eec72bdc52b51eb7312c7b25d990ae41cd1a56d67e31693dcc95dca6b6fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252401
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 02:23:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 17:24:07 GMT

POST
H2 204 docs-tt
csp.withgoogle.com/csp/ Frame EA25 0
0 48ms
20ms Other
text/html 2a00:1450:4001:812::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/docs-tt
Requested by: Host: daltondude.carrd.co
URL: https://daltondude.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 m=v,wb Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/ Frame EA25 1 MB
1 MB 37ms
29ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4/preview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c22304c0429ca08d4147b588fc987380c6035611b5c369ffd6ed7bd67faa59f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:27:27 GMT
x-content-type-options: nosniff
age: 541349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483982
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 21:14:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 23:27:27 GMT

GET
H2 200 rs=AA2YrTvJokvtG8N6jN8YSW2ganpY-9G4eQ Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.ypE8V67UKTU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ Frame EA25 111 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ypE8V67UKTU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvJokvtG8N6jN8YSW2ganpY-9G4eQ

Requested by

Host: drive.google.com
URL: https://drive.google.com/file/d/1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4/preview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a66807d5aa36e17e63c97b581be23982242d9da022fe6588f6b2abb8144b4da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 11:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40954
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 02:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 11:00:46 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/ Frame EA25 119 KB
41 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ypE8V67UKTU.2019.O/rt=j/m=qabr,q_dnp,qapid,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvJokvtG8N6jN8YSW2ganpY-9G4eQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e14a8c1b9a0bb7b7b36cd163d168074b385572518dbe6cbc66115880c701996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40994
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 21:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 14:07:31 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame EA25 106 KB
36 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

470ede597522a9674eb6f2e17f888aaf2c9532312dd3f2bf713b01c899a7651a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36885
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:43:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 05:52:42 GMT

GET
H3 200 m=MpJwZc,UUJqVe,sy1v,sy3,sy1w,s39S4,syk,sy1x,pw70Gc Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/ Frame EA25 11 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=MpJwZc,UUJqVe,sy1v,sy3,sy1w,s39S4,syk,sy1x,pw70Gc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aec90b0ba239134aaa648aa2316097954bf994f31ecfc8a10a51c355d824691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:43:14 GMT
x-content-type-options: nosniff
age: 47203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11240
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 21:14:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 16:43:14 GMT

GET
H2 200 auth_warmup Show response
drive.google.com/ Frame 014B 0
844 B 126ms
125ms Document
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdrive.google.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZVJIwMR2MNDMC_A_3_amwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-ZVJIwMR2MNDMC_A_3_amwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 30 Nov 2023 05:49:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/ Frame EA25 202 KB
69 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60fd18fb14b4861e0baedb5a288a5524763c965608360bef29b4cc0b39da4da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 04:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70861
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 21:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 04:30:05 GMT

POST
H2 200 log Show response
play.google.com/ Frame EA25 131 B
582 B 73ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Nov 2023 05:49:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 05:49:57 GMT

POST
H2 204 docs-tt
csp.withgoogle.com/csp/ Frame EDAE 0
0 23ms
23ms Other
text/html 2a00:1450:4001:812::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/docs-tt
Requested by: Host: daltondude.carrd.co
URL: https://daltondude.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3

403

identifier Show response
accounts.google.com/v3/signin/ Frame BC10
Redirect Chain

https://drive.google.com/drivesharing/clientmodel?id=1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%2...
https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dht...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3...

2 KB
850 B

28ms
28ms

Document
text/html

2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp0j4_v7cmkREBhWPePMBxc0POWrr1aAMSfLOzPN1JnnM7-HlMfOsA7o_3aqE-lhpJMkPJddoQ&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2096159552%3A1701323397301179&theme=glif

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0283054396b8ba69e5e1409b16faefb1a074b0de56430e51bf27e17bad65825

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qLK-cIrqA0-6kBoJnnMK_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qLK-cIrqA0-6kBoJnnMK_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
date: Thu, 30 Nov 2023 05:49:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 475
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport script-src 'report-sample' 'nonce-B-fUn72BgAVDVvGTsxqV0g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
date: Thu, 30 Nov 2023 05:49:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp0j4_v7cmkREBhWPePMBxc0POWrr1aAMSfLOzPN1JnnM7-HlMfOsA7o_3aqE-lhpJMkPJddoQ&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2096159552%3A1701323397301179&theme=glif
pragma: no-cache
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
server: GSE
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 v-sprite54.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame EA25 113 KB
48 KB 41ms
8ms Image
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite54.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.QaLwlEC3Pik.L.W.O/am=IAw/d=0/rs=AO0039vxmpB_l5P_mTg14l7ocD5NRYTJ0Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:55:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 485652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49026
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Sat, 23 Nov 2024 14:55:45 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EA25 33 KB
33 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 160839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 09:09:18 GMT

GET
H3 200 m=CmOog,sy2f,SB123c Show response
www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/ Frame EA25 12 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=0/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=CmOog,sy2f,SB123c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827e8ba6d803c31a4bb102d7e88774e586e63b8f19549dcd1f3232b5dce7e772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drive.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4107
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 21:14:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 08:09:47 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 51FA 382 B
1 KB 47ms
17ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c7e4f592a4adcef765fe765fc586a99eea6b2b0d73da4f333f18084d82205f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-iqEX0yV8r4yAjzL7rCNRyw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 274
content-security-policy: script-src 'nonce-iqEX0yV8r4yAjzL7rCNRyw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 05:49:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 docs-tt
csp.withgoogle.com/csp/ Frame 51FA 0
0 19ms
18ms Other
text/html 2a00:1450:4001:812::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/docs-tt
Requested by: Host: daltondude.carrd.co
URL: https://daltondude.carrd.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 200 log Show response
play.google.com/ Frame EA25 131 B
275 B 40ms
39ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Nov 2023 05:49:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 05:49:57 GMT

POST
H3 200 uc Show response
drive.google.com/ Frame EA25 390 B
370 B 732ms
731ms XHR
application/json 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/uc?id=1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4&authuser=0&export=download

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61c54e5d20868c3285b9d0dd8e271b9221b8aa7105ffd95ba3a21000e5ee1e26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xNJd4J2HcdNBxWX5ig81dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
X-Drive-First-Party: DriveViewer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Nov 2023 05:49:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-xNJd4J2HcdNBxWX5ig81dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://drive.google.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 apiserving
csp.withgoogle.com/csp/ Frame 51FA 0
0 20ms
20ms Other
text/html 2a00:1450:4001:812::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: daltondude.carrd.co
URL: https://daltondude.carrd.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 51FA 18 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccc3985e6323c3b984dda3b4fca6f1eb3c0dda9821d72f7bf3de4267c72b54b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 30 Nov 2023 05:49:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7118
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "9fa817d2951cd6fe"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 05:49:57 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/ Frame 51FA 78 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df9a73036272bc6608881ae0f033ea819c228da01b8c3035cc1f46fc4c54b0b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 18:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 560267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27949
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 21:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 18:12:10 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 51FA 0
173 B 137ms
136ms XHR
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.q86ihocu0HA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 05:49:57 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame BC10 3 KB
4 KB 44ms
16ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp0j4_v7cmkREBhWPePMBxc0POWrr1aAMSfLOzPN1JnnM7-HlMfOsA7o_3aqE-lhpJMkPJddoQ&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2096159552%3A1701323397301179&theme=glif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 05:49:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 30 Nov 2023 05:49:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EA25 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
Origin: https://drive.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 442314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:58:03 GMT

POST
H3 200 log Show response
play.google.com/ Frame EA25 131 B
155 B 43ms
43ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-fileview/_/js/k=apps-fileview.v.de.gbAXnoRRhbQ.O/am=IAw/d=1/rs=AO0039tF6J60L6v8d76bN08b9FLktz928A/m=v,wb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://drive.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Nov 2023 05:49:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://drive.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 05:49:57 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 51FA 0
19 B 129ms
129ms XHR
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k&alt=json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://drive.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.q86ihocu0HA.O%2Fd%3D1%2Frs%3DAHpOoo9gC2cqySYcBh8kT9LMyuiwdwIYGQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://drive.google.com

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 05:49:58 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| _scrollToTop

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 20:58:54	Name: NID Value: 511=Qyhddw3Yftj9Sxv1qm3r7JEp5QgYQuW9nORVEgLeEVnunH-OgMPPi7Zp-2lo40NSXH8J4gdAlJ48Ozt0dOW5BY13n-K9h4mB9G8D9s_o_tt_IL76JjEv4FYDBwsbuCq8evQhHcwwhpEvtyaibwBcoVKi9V8BXc8wYxP7GxVB39M

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1O5YZLw89V9y77ip1VzU3EkL7OZ3gAGS4%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=ASKXGp0j4_v7cmkREBhWPePMBxc0POWrr1aAMSfLOzPN1JnnM7-HlMfOsA7o_3aqE-lhpJMkPJddoQ&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2096159552%3A1701323397301179&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
daltondude.carrd.co
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
play.google.com
ssl.gstatic.com
www.google.com
www.gstatic.com
104.18.40.34
172.64.147.222
2a00:1450:4001:801::200a
2a00:1450:4001:808::200e
2a00:1450:4001:811::200d
2a00:1450:4001:812::2011
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011
1e24a9325afc281c8ef9ec0077ef9e83ccc68a9f093a5df222ebfbe3f4cea411
327eec72bdc52b51eb7312c7b25d990ae41cd1a56d67e31693dcc95dca6b6fa2
3e14a8c1b9a0bb7b7b36cd163d168074b385572518dbe6cbc66115880c701996
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
470ede597522a9674eb6f2e17f888aaf2c9532312dd3f2bf713b01c899a7651a
49270c4ac27c54a0b1f1d9572e794ddc51e5a48190f8e395ecd7625e0045a8fe
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5357ada465c306dc6a6e8091e0c0c4cbfbde3bc9165c8e3cc32617a3e68504e4
5aec90b0ba239134aaa648aa2316097954bf994f31ecfc8a10a51c355d824691
5c7e4f592a4adcef765fe765fc586a99eea6b2b0d73da4f333f18084d82205f3
60fd18fb14b4861e0baedb5a288a5524763c965608360bef29b4cc0b39da4da2
61c54e5d20868c3285b9d0dd8e271b9221b8aa7105ffd95ba3a21000e5ee1e26
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
75e313216824247af9f780c08574caf19bd0a51f26c7c156f77ce863d7825e05
827e8ba6d803c31a4bb102d7e88774e586e63b8f19549dcd1f3232b5dce7e772
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
a66807d5aa36e17e63c97b581be23982242d9da022fe6588f6b2abb8144b4da7
c08b7633ff1e2788efe0eedc4f4b84ffc657385e849e14cb44898098f17b2656
c22304c0429ca08d4147b588fc987380c6035611b5c369ffd6ed7bd67faa59f3
cded50fa8f64dc200d20d808cbabc668d00cf266800fd2c3cd7cc9ab733d621f
d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
dba81b6708449af1bfbc045706db1044a16dc31a5e20594d02a1767134cb068c
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
df9a73036272bc6608881ae0f033ea819c228da01b8c3035cc1f46fc4c54b0b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eccc3985e6323c3b984dda3b4fca6f1eb3c0dda9821d72f7bf3de4267c72b54b
f0283054396b8ba69e5e1409b16faefb1a074b0de56430e51bf27e17bad65825

daltondude.carrd.co Open in urlscan Pro 172.64.147.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

85 %IPv6

5 Domains

12 Subdomains

13 IPs

3 Countries

2157 kBTransfer

4680 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

daltondude.carrd.co Open in urlscan Pro
172.64.147.222 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

85 %
IPv6

5
Domains

12
Subdomains

13
IPs

3
Countries

2157 kB
Transfer

4680 kB
Size

1
Cookies

33 HTTP transactions
4 data transactions