userscloud.com Open in urlscan Pro
2606:4700:3034::ac43:cf69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/n9nlzod50kdl
Submission: On February 13 via manual (February 13th 2022, 9:55:48 am UTC) from US — Scanned from IT

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 65 HTTP transactions. The main IP is 2606:4700:3034::ac43:cf69, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 499158.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3034::ac43:cf69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
3	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	13.32.43.68 13.32.43.68	16509 (AMAZON-02) (AMAZON-02)
5	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:224... 2600:9000:2240:6800:4:3d6c:3800:21	16509 (AMAZON-02) (AMAZON-02)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.197.190 139.45.197.190	9002 (RETN-AS) (RETN-AS)
65	18

13 2606:4700:3034::ac43:cf69 (United States)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

betotodilea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.43.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-43-68.hel50.r.cloudfront.net

kankingwith.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ableaborah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2240:6800:4:3d6c:3800:21 (United States)

ASN16509 (AMAZON-02, US)

dmz3nd5oywtsw.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.190 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com docs.google.com — Cisco Umbrella Rank: 106 apis.google.com — Cisco Umbrella Rank: 86 accounts.google.com — Cisco Umbrella Rank: 62	598 KB
13	userscloud.com userscloud.com — Cisco Umbrella Rank: 499158	306 KB
7	kankingwith.com kankingwith.com	8 KB
5	ableaborah.com ableaborah.com	2 KB
3	cloudfront.net dmz3nd5oywtsw.cloudfront.net	2 KB
3	freychang.fun freychang.fun — Cisco Umbrella Rank: 24286	1 KB
3	betotodilea.com betotodilea.com — Cisco Umbrella Rank: 74745	32 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1291	1 KB
3	gstatic.com www.gstatic.com ssl.gstatic.com	455 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	cdnativepush.com static.cdnativepush.com — Cisco Umbrella Rank: 17602	5 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10281	543 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	36 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1184	5 KB
65	15

	Domain	Requested by
13	userscloud.com	userscloud.com static.cloudflareinsights.com
9	docs.google.com	userscloud.com docs.google.com www.gstatic.com
7	kankingwith.com	userscloud.com
5	ableaborah.com	userscloud.com
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	dmz3nd5oywtsw.cloudfront.net	kankingwith.com
3	freychang.fun	userscloud.com
3	betotodilea.com	userscloud.com betotodilea.com
3	content.googleapis.com	apis.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	accounts.google.com
2	www.gstatic.com	docs.google.com
1	static.cdnativepush.com
1	my.rtmark.net	betotodilea.com
1	www.facebook.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
65	18

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
betotodilea.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
kankingwith.com Amazon	`2022-01-23` - `2023-02-21`	a year	crt.sh
*.ableaborah.com E1	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-22` - `2022-02-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
cdnativepush.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/n9nlzod50kdl
Frame ID: 8DA42082DF6F9142D9772647FCEE21C7
Requests: 36 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
Frame ID: 74BA59D0624519070CD48260D1EBEB37
Requests: 18 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.it.m-SQ2eqwSwE.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w%2Fm%3D__features__
Frame ID: 37629155F999BB33158626129D2F3940
Requests: 5 HTTP requests in this frame

Frame: https://kankingwith.com/OXd5YWRYFRoMW1hKG0cRSxtERFZ/UksnAFQNSg8ADBgAFhBKAFcCCFYCHQcWVhkNTwpcA1xTInsTIQ0ydj8eNiJTAxwzE3wmNDAydiUsDQl6MgE1IUAtIScDbzI2NlBJMT0WHmwAPyIweD4cJSUBExggDFwwKwZTYUcvNSx9AxszMWsRNycTWCQ8UB5tNh4AIVQfHSI1cDo0UVR0PytRXHEQSTQ2fR8hIAxOITY3CF0lA1gDfxwRMDcLIiglHE4vNDcHaTUVGQp6NSAjPH4UMDIxby8jM1V1OUgZCno2QQIiCzo0OTFgQBogFHAzLFgMfCFIKTdtWisoJ3scGigICRYxCSVRPywOHm0wIDEyUi0pAiVJPiEzLQAjOzQ+YTAdVjxsEzMuMnwjPCccVzQ7WTV+HUw5MW81NTsySiY7GT0NLy9QLGlFSSMyUiEhODVNNi0nAFA0FVAsaiQjOyxRJjUxJgg8NFEcVDNIOyNtRDcvNmhRExILVwdEDTJoFjwHD0BATDY
Frame ID: 51628A403B381A280F39AF48682BB5E5
Requests: 2 HTTP requests in this frame

Frame: https://kankingwith.com/NXA0c1dUElceaFRNVlUiRxwJVmVzVQY1M1gKBx0zAB9NBCNGBxoQO1oFUBUlWh5AXTlQBBFBEWwVchcGbydfERhxRHAlMEJVBjEZcxhRIBAMF2E1I1AgZz4cdwdcAh9mF1sjBQ0RdgoGBj91Ji9+NQAYGQU9UDI9ewRiJm9gPl5HFGM2AAoHUiphIA9wCHUiI3MpByoFciJXSzVkMW03LnxCcTFnZD1OHxN9MlgCB2QfYDYDRkh2Ni9+NWMlG2ImBR8OcEBRNgNeQHcbY3kTWTkBdwdMCg5ZJm0gH1kXZTU4AxNZOQF9GHFGDVk2eSAvY0FiQjx0KWNeBXgkcQM5eCJhKRFxOVoyFkYkZBoFdCdORj5sQX47BAc2BSVmWSFkNzBnMnYhLmwZbj4EWBMMNxZ8FFceHWM0XENnegdEMg9iJlMxMHA7ezdndCRxHAVUNkw7BH0cXyU7czJRJDNtJHEDOXwHZSMQZiUBIhFGVQYxDlg+ZyFnQRhQGxVgVl4AOFsACT4adDV8OTV4P1smA3RGRxQ
Frame ID: 00685F41974CC497F3C33BCFAAC628B2
Requests: 2 HTTP requests in this frame

Frame: https://kankingwith.com/VExzc1g1LhAeZzVxEVUtJiBOVmoSaUE1PDk2QB08YSMKBCwnO10QNDs5FxUqOyIHXTYxOFZBHjsVJkdsMH0yMBECFSERIAEiKzYoOxk7FBoFCz07EhE/KiMwEjYSGxVxfjU4DCQoMjdgAColIjEwJCZDABE8FCEhHhY0Jzw3LTVDAhl9C1ZqEgQbKmgVfz4+DQcdIToOGgc9IRlhGCE2NBIfKRAQOhUmPy8BLSMLKzoaMQAgBgQLVmoWHR1GCjU7Azs9FhUdJTAZaUE1Hj58FyEPFRw8G2kSFTUxfWYONRg8ZRkUBDwGGzIkEmUWMSkdBnUWHxI9GScqFwV/HzY+FWEUJBEWCRorCRV9MgoOBg1AJQwXDUI2AmR1Sjc0HiUmJAIABAoiFR0kQjUdZB5LMBoneTAaKzAeJDIfH30AEAhkJAEwMzc2MCcgDAsZJR0yBEYjOQF1VkEaEic9GQ8MLyQiHx4JFTI/EQEiEC4HJEZCDSMrPSEfMBwVIm0GBiUEfj4/HB0oaR4XHBAgKQQcKmcgJg
Frame ID: 89112AFB4AA37F04B6DBDEF7364A0225
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

95 %
HTTPS

76 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

1473 kB
Transfer

3795 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request n9nlzod50kdl Show response
userscloud.com/ 456 KB
155 KB 329ms
275ms Document
text/html 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/n9nlzod50kdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d69a27fc4f9311f05e8160c76f1cad6fa41497b82d0239eeea61518659ee64b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sat, 12 Feb 2022 09:55:44 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25K6%2FvqY1sSkn26sxEfcDqThZDwwP38P00zmbYQWe1rjwvRnh9lqNVi8Ro4WN6Y04rIE%2F8MULYjzUGRHhRszkQ9xuBzpSpfvT3IKuONYY%2FQ%2FhkSqnTbn%2FXw5WXxYIKjkavzg%2By8LO8Wk9%2FYQ7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6dcd2ec93bfcd618-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 41ms
40ms Stylesheet
text/css 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 943920
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaoX0PvoAMeRzWKMQWTDDDLYo3qTH2M7qg%2B75q56SAimH%2B0AKNgJxWv%2BAg6H8MKFOPwy%2F5HjdChu27pbvfAd1H0x1b2svqgummiU%2B%2BWQNxyddAI0lfF9GV%2BSspMYdDEI8Ds3%2Fu7q%2BrIUPE7Wrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 6dcd2ecb1e96d618-MXP
access-control-allow-headers: X-Requested-With
expires: Fri, 04 Mar 2022 11:43:44 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 32ms
31ms Stylesheet
text/css 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 802522
cf-polished: origSize=113031
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWwHIkt%2FnfwZI%2FziBjs2sPFxieevhe3R6QekdnGfPtPDItM22R%2FC7Inkpdhi85WwO4qgCKAt7FyhrxZ2phr9P0%2FpD2pK86mRx0%2FmIsQJYn8gLFwKQld4WaxVa4cO%2B6jlde8%2Bgryf0o7yxOOn2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Sun, 06 Mar 2022 03:00:22 GMT
cache-control: max-age=2592000
cf-ray: 6dcd2ecb1e98d618-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 42ms
41ms Stylesheet
text/css 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 943920
cf-polished: origSize=47095
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cehnM8teXMN0mM1czWW2%2FXmLcNidt%2FFh1h87w78%2BfaJJiA2vST52lOS3KR9oSuxiDWFZC7KJUBsRnyDDdPYNLRkTOQemlF3gsGTQl%2BWadEEmzaZgj6wThtz8IqAPcjNNKf%2FR9Is93fV09QykQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 04 Mar 2022 11:43:44 GMT
cache-control: max-age=2592000
cf-ray: 6dcd2ecb1e9cd618-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 41ms
41ms Stylesheet
text/css 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2373560
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8fn803aXMwL%2FfKpAWcfIVRPcYQFpxGsFUjwQu%2BKqMh4WdtYoFrQoE199ZbT%2FgBwW6j64%2BXwbz3PQrG7D9HrWPkGuLXX6XOmbwROyIVyiOWhU7j%2B1P0rD86Vhs0sBmnasY858uXw8Uswanb2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 6dcd2ecb1e9fd618-MXP
access-control-allow-headers: X-Requested-With
expires: Tue, 15 Feb 2022 22:36:24 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 34ms
34ms Stylesheet
text/css 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 910239
cf-polished: origSize=21572
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKZM1bvVDTfj9hg7Sc1WTHpQr7dshY8UGzvwlnf3P0AtlhqfFxTqock%2BxGdkwoyopoNIJlOIfHTSklDF7Mya%2FpOz7I4bZxfdSdzuodvAh0Qhj%2FnuWkaqQUsHmB4bJPyoWsm7cZ7UcoGN9vtzXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 04 Mar 2022 21:05:05 GMT
cache-control: max-age=2592000
cf-ray: 6dcd2ecb1ea1d618-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 59ms
59ms Image
image/jpeg 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
access-control-allow-methods: GET,POST,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 944005
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FKjEDCLeoWmjok7aysrDlnAU7thDYnsWa3KdAYZ2avHUv1RcUiC%2BK5qGJJAQnMA%2FUSesMpgNM4fy3F8x1CFCEudQny29L5jnR0oPU0btd9ZB1JU%2FNq5IKC9TnTnYKG9f8tZuh%2FTOLY6HRwnLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6dcd2ecbfd8f59bf-MXP
access-control-allow-headers: X-Requested-With
expires: Fri, 04 Mar 2022 11:42:19 GMT

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 56ms
56ms Script
application/javascript 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 Feb 2022 20:14:10 GMT
server: cloudflare
etag: W/"6206c392-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBUO%2B5kY9mUav38CVKXINp%2FwNcR0D2JEH1KKtlmCxNVvN3HGUHWsPCi5q8n8ZP4x0Ccq0hLFVoAlGHDvzwWH0UrZMWl7yoDfiV2BdzuTJWismsD3RhYFrIPBK6zHvJDDgt%2FYlZhpvdBEJb90Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dcd2ecbfd9359bf-MXP
vary: Accept-Encoding
expires: Tue, 15 Feb 2022 09:55:44 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 97ms
60ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6dcd2ecc3fe7839a-MXP

GET
H2 200 gview Show response
docs.google.com/ Frame 74BA 9 KB
4 KB 462ms
366ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

119ebfe1db6c41d203f26dc4ff627566acc34feaec13ea8b11de576955c56259

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O1RyKbB755wUoBY88D0tww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-security-policy: script-src 'report-sample' 'nonce-O1RyKbB755wUoBY88D0tww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 51ms
51ms Font
font/woff2 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
access-control-allow-methods: GET,POST,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 942678
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsVDO9tnnk%2FXTtLGGBkpFYFBha4gpxDu25arl9LUrtzVXQArq%2FOd2WYw9n8IrkHqYtkhsnd5TIVgWPg2cFHNIYFwCrz0B3Cg3tEzmjJH2lylf9nQawKcd34jsGLZVvD7s0NbpvQY9R%2F1DQVXWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6dcd2ecc0da559bf-MXP
access-control-allow-headers: X-Requested-With
expires: Fri, 04 Mar 2022 12:04:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 117ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf27b6787c70d8bffc972f49b110ec0fa311c1c2b20b74560c39a23aa49a0fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36177
x-xss-protection: 0
last-modified: Sun, 13 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Feb 2022 09:55:44 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/ 35 KB
10 KB 28ms
28ms Script
application/javascript 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4551
cf-polished: origSize=35778
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Dec 2020 13:26:43 GMT
server: cloudflare
etag: W/"8bc2-5b75dfde473c8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHg9mpsj%2FH7L7KTHk8F1agDQpr96E0qWJOKNcpS0ZF6pbcCqCJDSk6Bh0wN6TdzZcl4RMY%2FsoujK7%2FrtLcb1vtMLLIvZJap5QmAbKO%2FPqL8TsIGTMpqJ%2B8h%2BrBKjoGVEAM2kBuKgS1%2Fe0M8kYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=259200
cf-ray: 6dcd2ecc5e7859bf-MXP
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H3 200 de.min.js Show response
userscloud.com/js/ 10 KB
5 KB 29ms
29ms Script
application/javascript 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/js/de.min.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8569183d1991ecf478ff3e85136203c369fce082ae8b6b627724afbbc199a1dd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1195199
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 30 Jan 2022 13:53:27 GMT
server: cloudflare
etag: W/"61f69857-2996"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8J7mjqTqxVIcrHl2qlS5ISixpNHXVBl7PBhhnQqnvfp8yLbiRIabGIrBBOD%2BG%2FY0Xkg%2F1%2Bu6%2FomwUGF8%2BG%2BidnKeX2f7DbDA9O5WdkiOXTf97VR8jBb2lCjXf7x8XL%2FwLRhA%2FsLuN2mRXnXPAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 6dcd2ecc5e7c59bf-MXP
access-control-allow-headers: X-Requested-With
expires: Tue, 01 Mar 2022 13:55:45 GMT

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
34 KB 32ms
32ms Script
application/javascript 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/n9nlzod50kdl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 942902
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch31DGcAjBe%2B5E9sSv90RiHwzVcCFAQDsiKy1rxBDAsMxpopGP2lAhG4VkXnV01HBQPUyHBqWPtHpsIsFFLz2%2FHAphpIH%2B513GArN7LBDLtg6%2Feg%2F9XAIsFCuLNJEcQkhR%2FVeGHc3bAJ%2FCl%2FHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 6dcd2ecc5e7d59bf-MXP
access-control-allow-headers: X-Requested-With
expires: Fri, 04 Mar 2022 12:00:42 GMT

GET
H2 200 rs=AC2dHML2x2ZLd1iEqEiY71qpA67h3JBBbw
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.Emd-zP4XDOo.L.W.O/d=0/ Frame 74BA 171 KB
26 KB 89ms
30ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.Emd-zP4XDOo.L.W.O/d=0/rs=AC2dHML2x2ZLd1iEqEiY71qpA67h3JBBbw

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

684c8c3c969c2c7f77194589187339ede415ee646c14da213a8d15280d3899ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26352
x-xss-protection: 0
last-modified: Fri, 04 Feb 2022 20:07:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 16:58:59 GMT

GET
H3 200 thumb
docs.google.com/viewerng/ Frame 74BA 111 KB
111 KB 149ms
116ms Image
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFwuJQIdjdvJ1m66VmWLelFHe3txNYjKMXw_rtJ8M4G0CmfLx7o_iAbXHBpX4zS3voBgtoHsy8gnVMxWVduk0TB9QzsBtJWgFURCNZac4P4Fa5wVhV6Ku9YRguDQAEM9ar6141yKb_gMurlxmCzax5G0uP_fJmbzObVUkGLBTvYE-3tjrrIpzxRm2gFGdLvUh3PlGWfDx4JvjpSQrtfWAC4kr_L7ZGWsnC-kkstxRkbMKD_44lPdmLxZgNzwW2twBedH2chwFD5TMTSuoPExE4y-byctYTuHqjsYI7_jXl2rUE0AYUNEE9H1O0DQ3P8T0l5n4hyntHlLLRfFwbVKn7OmcIzAiD3Y29C9FiGAp-PQfFEVSzA%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aade0ab34ba16a468c0078cc8e15a68ddf6fb07fca913c1bccb5bb27ccdab20c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DfWYl4aFTgRs/Vn5vWJzeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: image/png
cache-control: private, max-age=300
content-security-policy: script-src 'report-sample' 'nonce-DfWYl4aFTgRs/Vn5vWJzeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Sun, 13 Feb 2022 09:55:45 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/ Frame 74BA 1 MB
382 KB 115ms
57ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54107a714124e4159cce9d1e4384ab70ceabce7386d276f8c2e06a7d6d77eb47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 21:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 390400
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 18:10:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 21:34:24 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 74BA 13 KB
5 KB 72ms
58ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c49e8edb2b8f2f69c4e3d98dd32a54e1fdac432fca077f72b8efc68641cb38ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CJO/DGeCZ83cf0veo229Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: "9eb27ea29549c115208c5b58903ac981"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-CJO/DGeCZ83cf0veo229Hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 13 Feb 2022 09:55:45 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.m-SQ2eqwSwE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w/ Frame 74BA 311 KB
105 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.m-SQ2eqwSwE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aae8a5e3cb5bde1567da4b3cd7a7d678bd2ac892ab9e7fe75729e5af729fa238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 07:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107952
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 07:15:18 GMT

GET
H2 200 v-sprite42.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 74BA 106 KB
47 KB 132ms
38ms Image
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite42.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.Emd-zP4XDOo.L.W.O/d=0/rs=AC2dHML2x2ZLd1iEqEiY71qpA67h3JBBbw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a8840865325d1dbef15dddcbafbb235e13165d74c5761a000dc909823a97d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 11:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47261
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 17:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Wed, 08 Feb 2023 11:18:19 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 74BA 36 B
84 B 55ms
54ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgALbfpHJ_fVT0SKdJwFN8mftlPRwR7rWjO0lAv3QxfoC1olo1fixos1Mqj20ihP9Brun4L83jEBrlJxysvT2uemIXO2Ur5CiA_gw3CDXPefsbcukuAvusAN_k4olbIvsgSHgbUyl8s_3NCs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cdb1df81f2a59e5d17fb6d2a85405dffa16bc062c06a6d97f1f544a31767e1e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VCtlAyebbqT3Tgn73TNxcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-VCtlAyebbqT3Tgn73TNxcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
date: Sun, 13 Feb 2022 09:55:45 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 3762 382 B
1 KB 129ms
44ms Document
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.it.m-SQ2eqwSwE.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.m-SQ2eqwSwE.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w/cb=gapi.loaded_0?le=oz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76dd31b4e186eeae88fe598df0d656fa340948916cd0875121298f8603aacd0c

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-5Hz3KJ4N4l2-89M7WPHdUA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-5Hz3KJ4N4l2-89M7WPHdUA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 276
date: Sun, 13 Feb 2022 09:55:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 74BA 111 KB
111 KB 153ms
153ms XHR
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgALbfpHJ_fVT0SKdJwFN8mftlPRwR7rWjO0lAv3QxfoC1olo1fixos1Mqj20ihP9Brun4L83jEBrlJxysvT2uemIXO2Ur5CiA_gw3CDXPefsbcukuAvusAN_k4olbIvsgSHgbUyl8s_3NCs&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aade0ab34ba16a468c0078cc8e15a68ddf6fb07fca913c1bccb5bb27ccdab20c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qLe6EuCg8Jo9lamDqNKO0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-qLe6EuCg8Jo9lamDqNKO0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 74BA 17 KB
5 KB 61ms
60ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgALbfpHJ_fVT0SKdJwFN8mftlPRwR7rWjO0lAv3QxfoC1olo1fixos1Mqj20ihP9Brun4L83jEBrlJxysvT2uemIXO2Ur5CiA_gw3CDXPefsbcukuAvusAN_k4olbIvsgSHgbUyl8s_3NCs&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aed78cd0409dacb02d4869c89d40412692997adb20aa28a798c2c1e92c433a2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n5/SrXNVZtFGG5/D+Qz9xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-n5/SrXNVZtFGG5/D+Qz9xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 74BA 110 KB
110 KB 109ms
109ms XHR
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6df1bd40f25e6ffd21291ed1a4d396402c6feb31aded5ec2c37592b27e10d1c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R9XhQJmtrdSZF4SJcH1bYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-R9XhQJmtrdSZF4SJcH1bYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 74BA 17 KB
5 KB 111ms
110ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

893d7795ecf4d1f9e2c59205a3f46635cc2615e995d14a3853921725711dc195

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JGHeFqIt15bKfvEL2IeaCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-JGHeFqIt15bKfvEL2IeaCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
date: Sun, 13 Feb 2022 09:55:45 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 74BA 107 KB
107 KB 104ms
104ms XHR
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be21e429ef639f5aefa5ffb58635001d4bb6ccfe11f80fcb87af04a3008554c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PZJdx7fH5iU6Dd6zl4L0OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-PZJdx7fH5iU6Dd6zl4L0OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 74BA 17 KB
5 KB 114ms
114ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.it.GfFWzTi54ow.O/d=1/rs=AC2dHMIS7fPVwP2CymE9CMM3lG7wvVbBcw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf0596b1076233fa6f94df48fa9cb58f625fd8bcc701622665b3781afec6b93f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pMmeERHAxIpTxl3sL8abbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_4dupqu","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_4dupqu"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-pMmeERHAxIpTxl3sL8abbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_4dupqu"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 74BA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 3762 13 KB
5 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.it.m-SQ2eqwSwE.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb73b7ef2dcfa9d21fe47f6541fb4ca337a5e47857dbc8a5d47e3c7c7d0f27aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EIfR5MRqoio4KYMSCH1FJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: "33b2f128d1d89827d2fac54ace98dfaa"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-EIfR5MRqoio4KYMSCH1FJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 13 Feb 2022 09:55:45 GMT

GET
BLOB 200
OK 0bff7126-d8fc-4d0e-b20c-fb41b498ba55
https://docs.google.com/ Frame 74BA 107 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/0bff7126-d8fc-4d0e-b20c-fb41b498ba55
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be21e429ef639f5aefa5ffb58635001d4bb6ccfe11f80fcb87af04a3008554c9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 109358
Content-Type: image/png

GET
BLOB 200
OK 15341bca-beb9-4dc6-866f-3b65e918509b
https://docs.google.com/ Frame 74BA 110 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/15341bca-beb9-4dc6-866f-3b65e918509b
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6df1bd40f25e6ffd21291ed1a4d396402c6feb31aded5ec2c37592b27e10d1c2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 112960
Content-Type: image/png

GET
BLOB 200
OK 0e9e2949-9f07-4a72-afd3-7219f4e9d397
https://docs.google.com/ Frame 74BA 111 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/0e9e2949-9f07-4a72-afd3-7219f4e9d397
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/utfoxt2quyndnj3g6hi45csta3pbbe2ise74jd2hsspj4hiyxwbxjky/n9nlzod50kdl.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aade0ab34ba16a468c0078cc8e15a68ddf6fb07fca913c1bccb5bb27ccdab20c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 114025
Content-Type: image/png

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.m-SQ2eqwSwE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w/ Frame 3762 66 KB
23 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.m-SQ2eqwSwE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1749762c2a37c5b7237b3b5e27681befe976206f62fdbb92cc931718d4ecdc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23444
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:27:09 GMT

GET
H2 200 4859604 Show response
betotodilea.com/400/ 79 KB
31 KB 216ms
103ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/400/4859604

Requested by

Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0173abfc292ae311623f18f849181f6d5b892ae37141ef96a021960f17fb4a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 64db5e6da54403433063b843337649c9
pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 / Show response
freychang.fun/ 14 B
346 B 180ms
131ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262d90d3dc251037bbbfcda3cbe92bcfc987dc2062d060f78831ab9919cb8d3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CobP63N4yS9H76QcSGu1PfzdQyOa98vgY5pHsCLhi%2FszW5LViVLAKhjqL%2B7FlJ2E5tac%2FulvHECjcs%2FPzSHH147qawEVphfHNTocwb7stMl6YhyKxJgTrWvomiJze6PjEv8Lqwn64pHKXgzp"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6dcd2ed3385483a8-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
kankingwith.com/ 0
488 B 417ms
293ms XHR
text/plain 13.32.43.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kankingwith.com/utx?cb=Zo7eovn6kBo4&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-68.hel50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:46 GMT
via: 1.1 752474607e5162b3278b647bb0ff3818.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: HEL50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: dehy7BF_u4-f2QHmNtX2rcOUCTMi6YLdaecz_pUaatDw2DvDiq-m9A==

GET
H2 200 UksnAFQNSg8ADBgAFhBKAFcCCFYCHQcWVhkNTwpcA1xTInsTIQ0ydj8eNiJTAxwzE3wmNDAydiUsDQl6MgE1IUAtIScDbzI2NlBJMT0WHmwAPyIweD4cJSUBExggDFwwKwZTYUcvNSx9AxszMWsRNycTWCQ8UB5tNh4AIVQfHSI1cDo0UVR0PytRXHEQSTQ2fR8hI... Show response
kankingwith.com/OXd5YWRYFRoMW1hKG0cRSxtERFZ/ Frame 5162 3 KB
2 KB 251ms
180ms Document
text/html 13.32.43.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kankingwith.com/OXd5YWRYFRoMW1hKG0cRSxtERFZ/UksnAFQNSg8ADBgAFhBKAFcCCFYCHQcWVhkNTwpcA1xTInsTIQ0ydj8eNiJTAxwzE3wmNDAydiUsDQl6MgE1IUAtIScDbzI2NlBJMT0WHmwAPyIweD4cJSUBExggDFwwKwZTYUcvNSx9AxszMWsRNycTWCQ8UB5tNh4AIVQfHSI1cDo0UVR0PytRXHEQSTQ2fR8hIAxOITY3CF0lA1gDfxwRMDcLIiglHE4vNDcHaTUVGQp6NSAjPH4UMDIxby8jM1V1OUgZCno2QQIiCzo0OTFgQBogFHAzLFgMfCFIKTdtWisoJ3scGigICRYxCSVRPywOHm0wIDEyUi0pAiVJPiEzLQAjOzQ+YTAdVjxsEzMuMnwjPCccVzQ7WTV+HUw5MW81NTsySiY7GT0NLy9QLGlFSSMyUiEhODVNNi0nAFA0FVAsaiQjOyxRJjUxJgg8NFEcVDNIOyNtRDcvNmhRExILVwdEDTJoFjwHD0BATDY
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-68.hel50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 876b88102ed5f4b5bb7e231929597434956a13cf93b9455d02aca931cf9fa9e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/

Response headers

content-type: text/html
content-length: 1231
date: Sun, 13 Feb 2022 09:55:45 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 752474607e5162b3278b647bb0ff3818.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: p60LfeJIKQcMCm_f2kvPi8JaHy9pVSbJUAU9UouqcGWiaSnYhcXEYg==

GET
H2 200 / Show response
freychang.fun/ 16 B
709 B 121ms
120ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006e3b9250daec645db189fe376d617e4785509b1cbff35e9fd5ce739f24af35

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBVmOt8w%2BL6Ldtv5wpfbdqPd8Xstg2pnHD8TWyOgJv2wIZkfpCO46fW9xOTDAsDaXTv0XaO0uHlMUKHM%2BXt%2FTDduQe3rzQh%2Fyl4sRJhSPUpenWb2QopLMmqq%2FbC4yDABRgny5BPoKluqj6HO"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6dcd2ed3487583a8-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
kankingwith.com/ 0
489 B 250ms
183ms XHR
text/plain 13.32.43.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kankingwith.com/utx?cb=tWVuS07bhYBp&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-68.hel50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
via: 1.1 752474607e5162b3278b647bb0ff3818.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: HEL50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: gppVFrW60nD8zz8X3PeIf8qo0QrQBHPjSolRlc3e4SJDo6lS0m4SBw==

GET
H2 200 NXA0c1dUElceaFRNVlUiRxwJVmVzVQY1M1gKBx0zAB9NBCNGBxoQO1oFUBUlWh5AXTlQBBFBEWwVchcGbydfERhxRHAlMEJVBjEZcxhRIBAMF2E1I1AgZz4cdwdcAh9mF1sjBQ0RdgoGBj91Ji9+NQAYGQU9UDI9ewRiJm9gPl5HFGM2AAoHUiphIA9wCHUiI3MpB... Show response
kankingwith.com/ Frame 0068 3 KB
2 KB 228ms
181ms Document
text/html 13.32.43.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kankingwith.com/NXA0c1dUElceaFRNVlUiRxwJVmVzVQY1M1gKBx0zAB9NBCNGBxoQO1oFUBUlWh5AXTlQBBFBEWwVchcGbydfERhxRHAlMEJVBjEZcxhRIBAMF2E1I1AgZz4cdwdcAh9mF1sjBQ0RdgoGBj91Ji9+NQAYGQU9UDI9ewRiJm9gPl5HFGM2AAoHUiphIA9wCHUiI3MpByoFciJXSzVkMW03LnxCcTFnZD1OHxN9MlgCB2QfYDYDRkh2Ni9+NWMlG2ImBR8OcEBRNgNeQHcbY3kTWTkBdwdMCg5ZJm0gH1kXZTU4AxNZOQF9GHFGDVk2eSAvY0FiQjx0KWNeBXgkcQM5eCJhKRFxOVoyFkYkZBoFdCdORj5sQX47BAc2BSVmWSFkNzBnMnYhLmwZbj4EWBMMNxZ8FFceHWM0XENnegdEMg9iJlMxMHA7ezdndCRxHAVUNkw7BH0cXyU7czJRJDNtJHEDOXwHZSMQZiUBIhFGVQYxDlg+ZyFnQRhQGxVgVl4AOFsACT4adDV8OTV4P1smA3RGRxQ
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-68.hel50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 67aed99df3ba63b6fb2c844ff724c92edc36f6e71abea3950dd5a2432f02a022

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/

Response headers

content-type: text/html
content-length: 1239
date: Sun, 13 Feb 2022 09:55:45 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 752474607e5162b3278b647bb0ff3818.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: JHk8z491MGQoAR79J29ChvCTEqC76PSfRLBUX6a4lWwGofqKaHIx9A==

GET
H2 200 / Show response
freychang.fun/ 16 B
374 B 218ms
217ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0734831e288e5ecbca1609f6977526b1783b18b1e781839cff8c6e8f1eb3c5f9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZxpFs6KBtXDrsNIvw61Df54HB5w8RPWW4TrQ%2FAk1YAvHuF9ubYocVDGwXEyOdWFtIGT%2B25u0zpFUsHDx3qQv5SxMpl40QJZ1eNV10teJ8yufSjSQjIX5JqOKCU%2F1v9BzSxrF6XJwYnjeKH4"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6dcd2ed368d983a8-MXP
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
kankingwith.com/ 0
488 B 334ms
288ms XHR
text/plain 13.32.43.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kankingwith.com/utx?cb=zDCtpFqmABXi&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-68.hel50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:46 GMT
via: 1.1 752474607e5162b3278b647bb0ff3818.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: HEL50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: lVKhL68Ekh1OI_YhEWpA8iK0bDzmVfWCnotciKgFrtDzYdF7mA3p6w==

GET
H2 200 HB0oaR4XHBAgKQQcKmcgJg Show response
kankingwith.com/VExzc1g1LhAeZzVxEVUtJiBOVmoSaUE1PDk2QB08YSMKBCwnO10QNDs5FxUqOyIHXTYxOFZBHjsVJkdsMH0yMBECFSERIAEiKzYoOxk7FBoFCz07EhE/KiMwEjYSGxVxfjU4DCQoMjdgAColIjEwJCZDABE8FCEhHhY0Jzw3LTVDAhl9C1ZqE... Frame 8911 3 KB
2 KB 221ms
181ms Document
text/html 13.32.43.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kankingwith.com/VExzc1g1LhAeZzVxEVUtJiBOVmoSaUE1PDk2QB08YSMKBCwnO10QNDs5FxUqOyIHXTYxOFZBHjsVJkdsMH0yMBECFSERIAEiKzYoOxk7FBoFCz07EhE/KiMwEjYSGxVxfjU4DCQoMjdgAColIjEwJCZDABE8FCEhHhY0Jzw3LTVDAhl9C1ZqEgQbKmgVfz4+DQcdIToOGgc9IRlhGCE2NBIfKRAQOhUmPy8BLSMLKzoaMQAgBgQLVmoWHR1GCjU7Azs9FhUdJTAZaUE1Hj58FyEPFRw8G2kSFTUxfWYONRg8ZRkUBDwGGzIkEmUWMSkdBnUWHxI9GScqFwV/HzY+FWEUJBEWCRorCRV9MgoOBg1AJQwXDUI2AmR1Sjc0HiUmJAIABAoiFR0kQjUdZB5LMBoneTAaKzAeJDIfH30AEAhkJAEwMzc2MCcgDAsZJR0yBEYjOQF1VkEaEic9GQ8MLyQiHx4JFTI/EQEiEC4HJEZCDSMrPSEfMBwVIm0GBiUEfj4/HB0oaR4XHBAgKQQcKmcgJg
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-68.hel50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ec6029c9ccf1761ea81e347cf98e2836bf2c47beb92406a14f96a6e899cdf452

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/

Response headers

content-type: text/html
content-length: 1230
date: Sun, 13 Feb 2022 09:55:45 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 752474607e5162b3278b647bb0ff3818.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 60vKt9As-Y5aPjgKq3yoJcoK7GYSL_Pa7vfBKJHXro327vhSuj-cOQ==

GET
H2 204 RTUxYnNqClIRThEGQSkSDXMEMUB8UWMqRgZQZ1s6IHBFVSQQeBcWGiEIB1JDdgUFRAMsUQxTVTZBUBYGNggARBorU15fVTMIAExAcRsDVl13E0RfQmNBQQMUeAQXEgcxWQxTRXEBBlZFdAEEVUd2
ableaborah.com/ 0
497 B 173ms
123ms Image
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ableaborah.com/RTUxYnNqClIRThEGQSkSDXMEMUB8UWMqRgZQZ1s6IHBFVSQQeBcWGiEIB1JDdgUFRAMsUQxTVTZBUBYGNggARBorU15fVTMIAExAcRsDVl13E0RfQmNBQQMUeAQXEgcxWQxTRXEBBlZFdAEEVUd2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ4AA57iA0D8GPSX%2FlWGmJ%2BIVTsL2PBCT77iA3mVmQcII0RMs4ffyfQCcMoFbOWWwliU8JUFPulvvWcifX6JOrWdac2kj3SOCayPAHPEzhmzIG7KEh9dMGXyxl107Yb9KyVyp5R%2BzlJGrJOlVg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6dcd2ed3caa05a1f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 147ms
89ms Image
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 145ms
72ms Image
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 190ms
118ms Image
text/html 2a00:1450:4001:827::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 RDd0cmNrCBcBXhNjOjo3ElscM1AeAy0lJgJTGgIWJnY6V1EGUSMVRTBeEE9UdA9ER1FiRx0WXnYOUgEXJUMBAV51ER0cBSsKUgRedRlEXFZxGUZUFnkGUgYTJVBJQ0U0QwAeXnUBQEZUcAFFRlZzDkM
ableaborah.com/ 0
282 B 188ms
138ms Image
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ableaborah.com/RDd0cmNrCBcBXhNjOjo3ElscM1AeAy0lJgJTGgIWJnY6V1EGUSMVRTBeEE9UdA9ER1FiRx0WXnYOUgEXJUMBAV51ER0cBSsKUgRedRlEXFZxGUZUFnkGUgYTJVBJQ0U0QwAeXnUBQEZUcAFFRlZzDkM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP2Yk2wuK1T0kTsU4FM%2B4JUoSeyXbZ61PCy1KJIgnX5P6Lgvh7wL3EN0UuS3iozpAVW9BTqXDLmZokM%2BaZno007VKRCeiAe6FHHO5asrg0ZEYRLsEogIy8U4b4YgDG77LiURyGAqHdhDN8bT4A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6dcd2ed3caa15a1f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 QTVpNDhuCgpHBRRiDgd1GWcZY195djhjYiRxHnp9IGNZe3kEbE9AUSUIUQUOeAJaEkgoUVQGAWdGHVVMNEZUBR4oWw9bBWdDVAUWcRtcARZzExwJCWdBGVVffARPREw1WVQFDnUBXgAOcAFcDAl3
ableaborah.com/ 0
262 B 174ms
125ms Image
text/plain 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ableaborah.com/QTVpNDhuCgpHBRRiDgd1GWcZY195djhjYiRxHnp9IGNZe3kEbE9AUSUIUQUOeAJaEkgoUVQGAWdGHVVMNEZUBR4oWw9bBWdDVAUWcRtcARZzExwJCWdBGVVffARPREw1WVQFDnUBXgAOcAFcDAl3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZdPllqNeJ2kSKtWD1l98%2BcU3tpXgxwxxpRIMBdTJjDYvaq3T5RmODRsmxZBf6AlXWz1MjQIbAm6dg5hkSc1hzrDpLGigCBMtp%2FvDrnBuxpQSRDode8wTCHaLjezDcvwmtWGN9RizZjPPzIQsg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 6dcd2ed3caa25a1f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rum Show response
userscloud.com/cdn-cgi/ 0
165 B 39ms
39ms XHR
text/plain 2606:4700:3034::ac43:cf69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/n9nlzod50kdl
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sun, 13 Feb 2022 09:55:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://userscloud.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6dcd2ed38a2d59bf-MXP
vary: Origin

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 3762 0
15 B 180ms
148ms XHR
text/plain 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by: Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.m-SQ2eqwSwE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w/cb=gapi.loaded_0?le=oz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: GSE /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.it.m-SQ2eqwSwE.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:45 GMT
server: GSE
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 3762 0
15 B 284ms
252ms XHR
text/plain 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by: Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.it.m-SQ2eqwSwE.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w/cb=gapi.loaded_0?le=oz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: GSE /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.it.m-SQ2eqwSwE.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOoNWTgkO34LjHjpvgWIq4kA2C63w%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:46 GMT
server: GSE
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 106ms
35ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6653
date: Sun, 13 Feb 2022 08:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 13 Feb 2022 10:04:52 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 68ms
35ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=122936170&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2Fn9nlzod50kdl&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=826524099&gjid=548841773&cid=1777129438.1644746146&tid=UA-70768172-1&_gid=1536009608.1644746146&_r=1&gtm=2ou290&z=1247964364

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BdXlVOHgWFjteRwEQMQVORUlmCExTEyZXFgVEOW4pFDwzUwFCTAIeDA8daAheGRg7X0VTHDtbRURfNFwaSE1zTAgaEmhdCQIMM00MHR08Hg0URDhXAhwVOVldRz9gFkhQS2UQDxwXMVcPBlxnCBYBXGcISUVXZR1LN1xnCA8cF2MMXUY7cApIDU9hEV1HST-RICBk... Show response
dmz3nd5oywtsw.cloudfront.net/ Frame 5162 1 KB
1 KB 238ms
173ms Script
text/plain 2600:9000:2240:6800:4:3d6c:3800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmz3nd5oywtsw.cloudfront.net/BdXlVOHgWFjteRwEQMQVORUlmCExTEyZXFgVEOW4pFDwzUwFCTAIeDA8daAheGRg7X0VTHDtbRURfNFwaSE1zTAgaEmhdCQIMM00MHR08Hg0URDhXAhwVOVldRz9gFkhQS2UQDxwXMVcPBlxnCBYBXGcISUVXZR1LN1xnCA8cF2MMXUY7cApIDU9hEV1HST-RICBkcIl0aHhAhHUozTGYPVkZPcApIXRI9TBUZXGd7XUdJOVETEFxnCB8QGj5XUVBLZVsQBxY4XV1HP20BVkVXYQtATFdiCl1HSSZZHhQLPB1KM0xmD1ZGT3NNRQ
Requested by: Host: kankingwith.com
URL: https://kankingwith.com/OXd5YWRYFRoMW1hKG0cRSxtERFZ/UksnAFQNSg8ADBgAFhBKAFcCCFYCHQcWVhkNTwpcA1xTInsTIQ0ydj8eNiJTAxwzE3wmNDAydiUsDQl6MgE1IUAtIScDbzI2NlBJMT0WHmwAPyIweD4cJSUBExggDFwwKwZTYUcvNSx9AxszMWsRNycTWCQ8UB5tNh4AIVQfHSI1cDo0UVR0PytRXHEQSTQ2fR8hIAxOITY3CF0lA1gDfxwRMDcLIiglHE4vNDcHaTUVGQp6NSAjPH4UMDIxby8jM1V1OUgZCno2QQIiCzo0OTFgQBogFHAzLFgMfCFIKTdtWisoJ3scGigICRYxCSVRPywOHm0wIDEyUi0pAiVJPiEzLQAjOzQ+YTAdVjxsEzMuMnwjPCccVzQ7WTV+HUw5MW81NTsySiY7GT0NLy9QLGlFSSMyUiEhODVNNi0nAFA0FVAsaiQjOyxRJjUxJgg8NFEcVDNIOyNtRDcvNmhRExILVwdEDTJoFjwHD0BATDY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6800:4:3d6c:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 18881a20504358de902e86b797a112769a0c044e85968d514ee66c6ed8fe5ae2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://kankingwith.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:46 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 754
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-id: G7a5rwXpPCK7GUfksLNJsZh5EvrfHRfEy_scZkzeDiAIkNsjfbkJvA==

GET
H2 200 YeFdQZWkbOD4DVgw+NFheSG9gUFtePSMKBwhqHSgoPR8aByQ3OAUxKE4kN0MdAjNtVU8UNj4CVF4yPgZUSXExAQtFY3YRGRc8bQAYDyI2EB0QMzlDHBlqPQoTETs8BExKEWVLWV1lYE0eETk0Ch4LcmJVBwxyYlVYSHlgQFo6cmJVHhE5ZlFMSxV1V1kAYW-RMTEp... Show response
dmz3nd5oywtsw.cloudfront.net/ Frame 0068 576 B
727 B 232ms
180ms Script
text/plain 2600:9000:2240:6800:4:3d6c:3800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmz3nd5oywtsw.cloudfront.net/YeFdQZWkbOD4DVgw+NFheSG9gUFtePSMKBwhqHSgoPR8aByQ3OAUxKE4kN0MdAjNtVU8UNj4CVF4yPgZUSXExAQtFY3YRGRc8bQAYDyI2EB0QMzlDHBlqPQoTETs8BExKEWVLWV1lYE0eETk0Ch4LcmJVBwxyYlVYSHlgQFo6cmJVHhE5ZlFMSxV1V1kAYW-RMTEpnMRUZFDInAAsTPiRAWz5iY1JHS2F1V1lQPDgRBBRyYiZMSmc8DAIdcmJVDh00OwpAXWVgBgEKOD0ATEoRaFxHSHlkVlFBeWdXTEpnIwQPGSU5QFs+YmNSR0thdhBU
Requested by: Host: kankingwith.com
URL: https://kankingwith.com/NXA0c1dUElceaFRNVlUiRxwJVmVzVQY1M1gKBx0zAB9NBCNGBxoQO1oFUBUlWh5AXTlQBBFBEWwVchcGbydfERhxRHAlMEJVBjEZcxhRIBAMF2E1I1AgZz4cdwdcAh9mF1sjBQ0RdgoGBj91Ji9+NQAYGQU9UDI9ewRiJm9gPl5HFGM2AAoHUiphIA9wCHUiI3MpByoFciJXSzVkMW03LnxCcTFnZD1OHxN9MlgCB2QfYDYDRkh2Ni9+NWMlG2ImBR8OcEBRNgNeQHcbY3kTWTkBdwdMCg5ZJm0gH1kXZTU4AxNZOQF9GHFGDVk2eSAvY0FiQjx0KWNeBXgkcQM5eCJhKRFxOVoyFkYkZBoFdCdORj5sQX47BAc2BSVmWSFkNzBnMnYhLmwZbj4EWBMMNxZ8FFceHWM0XENnegdEMg9iJlMxMHA7ezdndCRxHAVUNkw7BH0cXyU7czJRJDNtJHEDOXwHZSMQZiUBIhFGVQYxDlg+ZyFnQRhQGxVgVl4AOFsACT4adDV8OTV4P1smA3RGRxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6800:4:3d6c:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bca6259a31983660dbc06d4da11b73513dd5a754383b83a083e322078d00df87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://kankingwith.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:46 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 450
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-id: 0JuzE-axa5sNXlirdMGjTyldhyoAZiWV1k5eJDkTe8q0ZOIyHGIk8Q==

GET
H2 200 Fj0dRWAPOh1FYFB+Fkd1UgwdRWAWJ1ZBZER9elJiUTYOQ3lEfA-gWIBEiXQA1AyVRA3VTCA1EZ099DlJiUWZTHyQMIh1FE0R8CBs5CisdRWAGK1scP0hrCkczCTxXGjVEfH5PaU9+FkNjWXcWQGJEfAgEMQcvSh51UwgNRGdPfQ5RJVw Show response
dmz3nd5oywtsw.cloudfront.net/oYU44d1ACIVYRbxUnXEpoUHgBQGNHJEsYPhFzahM/KTpdAD8TfVQidhU0XEpgRyJZGTdcaF0ZM1x/HhY0A3MMUSQRIVNKNRA5TRElFSZcHnYULwUaPxsnVBsxRHx+Qn5RawpHeBYnVhM/ Frame 8911 556 B
712 B 220ms
169ms Script
text/plain 2600:9000:2240:6800:4:3d6c:3800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmz3nd5oywtsw.cloudfront.net/oYU44d1ACIVYRbxUnXEpoUHgBQGNHJEsYPhFzahM/KTpdAD8TfVQidhU0XEpgRyJZGTdcaF0ZM1x/HhY0A3MMUSQRIVNKNRA5TRElFSZcHnYULwUaPxsnVBsxRHx+Qn5RawpHeBYnVhM/Fj0dRWAPOh1FYFB+Fkd1UgwdRWAWJ1ZBZER9elJiUTYOQ3lEfA-gWIBEiXQA1AyVRA3VTCA1EZ099DlJiUWZTHyQMIh1FE0R8CBs5CisdRWAGK1scP0hrCkczCTxXGjVEfH5PaU9+FkNjWXcWQGJEfAgEMQcvSh51UwgNRGdPfQ5RJVw
Requested by: Host: kankingwith.com
URL: https://kankingwith.com/VExzc1g1LhAeZzVxEVUtJiBOVmoSaUE1PDk2QB08YSMKBCwnO10QNDs5FxUqOyIHXTYxOFZBHjsVJkdsMH0yMBECFSERIAEiKzYoOxk7FBoFCz07EhE/KiMwEjYSGxVxfjU4DCQoMjdgAColIjEwJCZDABE8FCEhHhY0Jzw3LTVDAhl9C1ZqEgQbKmgVfz4+DQcdIToOGgc9IRlhGCE2NBIfKRAQOhUmPy8BLSMLKzoaMQAgBgQLVmoWHR1GCjU7Azs9FhUdJTAZaUE1Hj58FyEPFRw8G2kSFTUxfWYONRg8ZRkUBDwGGzIkEmUWMSkdBnUWHxI9GScqFwV/HzY+FWEUJBEWCRorCRV9MgoOBg1AJQwXDUI2AmR1Sjc0HiUmJAIABAoiFR0kQjUdZB5LMBoneTAaKzAeJDIfH30AEAhkJAEwMzc2MCcgDAsZJR0yBEYjOQF1VkEaEic9GQ8MLyQiHx4JFTI/EQEiEC4HJEZCDSMrPSEfMBwVIm0GBiUEfj4/HB0oaR4XHBAgKQQcKmcgJg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6800:4:3d6c:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e95b95567a626ffd9ca0477351d4e027410114c783933ef4e142c0ea7d2ade6e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://kankingwith.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:46 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 435
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
x-amz-cf-id: oGIqzQnVAOdhQ5hc5COmvT5MhqajySGAM7GV9onxcrI3A1VTiAjqGA==

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 119ms
36ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4859604

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2e160046b9afc997d5951e811f7f784ab7dc547dc17bd7aa242580b135cbf47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:46 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://userscloud.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 popunder.gif
ableaborah.com/ 35 B
635 B 45ms
25ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ableaborah.com/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Feb 2022 09:55:46 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 21:03:42 GMT
server: cloudflare
age: 132724
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tSKIyIc1%2FLjjcAt07jr6Y7Ixd%2B6Q5XkzZ8DRZW9x900XdZyzhfGMlI1NKneI9jMVJcbSeqV2XDkIvcuW58MjbpG%2BMRRC62%2FqpySHfim9376rqAzN1Mhi%2B2i%2FW7vALbFljlfyBDKR1dFxMBF5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dcd2ed5da7283a9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 multi Show response
kankingwith.com/ 3 KB
2 KB 282ms
282ms XHR
text/plain 13.32.43.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kankingwith.com/multi?cs=eEJwbXpAckFYQkB0QVpNTXJJXUs&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.55.2&sts=0&prn=0&emb=0&tid=708052&u=1762857056019708&fs=1&ref=https%3A%2F%2Fuserscloud.com%2Fn9nlzod50kdl&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&_hRdz=1644746146232&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.43.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-43-68.hel50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f6676b3a6cc595eab3dc7b511d0af1c572c16e9c643a7a2069a50b9036a40e9d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 09:55:46 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: HEL50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1365
via: 1.1 752474607e5162b3278b647bb0ff3818.cloudfront.net (CloudFront)
x-amz-cf-id: 4VHpaswvVFEubNpPmbh2OoNnebQ254YG1_dM-n1uDA_Za9Wg8SHu5Q==

GET
H3 200 popunder.gif
ableaborah.com/ 35 B
593 B 25ms
25ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ableaborah.com/popunder.gif
Requested by: Host: userscloud.com
URL: https://userscloud.com/n9nlzod50kdl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Feb 2022 09:55:46 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 21:03:42 GMT
server: cloudflare
age: 132724
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67rcGg%2BXTwnObg0WjbzeLrR9X8kvzvb1P4hCT5yBk0firtcDXTd7O452zGZfdnSxdY0Uwb2H%2BfdJ8T85lwBBGUawzDibObg3YNScH1UNN6OTwkBcJOSEz5LmfcjTZqo8Ri8GUTIkAOx5Dwt0IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dcd2ed60af283a9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 4859604 Show response
betotodilea.com/500/ 1 KB
2 KB 55ms
55ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/500/4859604?excludes=&oaid=52258d22a4d04baeae193e7740f54eff&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fuserscloud.com%2Fn9nlzod50kdl&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4859604

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

63bea6c5f5a5c562cb641a7278f479fa6c0d0990c0300bc10586efca6bd8f5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d6cf2f5b602b9c4a433e708320592986
pragma: no-cache
date: Sun, 13 Feb 2022 09:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://userscloud.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 4859604
betotodilea.com/500/ Frame 0
0 130ms
43ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://userscloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 13 Feb 2022 09:55:46 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://userscloud.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 0756537106881.jpeg
static.cdnativepush.com/contents/s/2d/ca/26/0caa80f1129199aa3520d62348/ 4 KB
5 KB 142ms
45ms Image
image/jpeg 139.45.197.190
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/2d/ca/26/0caa80f1129199aa3520d62348/0756537106881.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.190 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 82c5c5baa464ea0fa2161e01f290653e5881b91dc492fa959e5498c9da3cf812

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 09:55:46 GMT
last-modified: Thu, 27 May 2021 14:59:43 GMT
server: nginx
etag: "60afb3df-105c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 4188

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 05:15:57	Name: NID Value: 511=AVMQ6dEgKtTxeu39jolrpdQIpR3Y_ePO_B3BeOT5XsQr7k6tszTmo0mTxj91S1_E6mJt8L_MAE5mdY1Sz-QwIQy2y3MZV8Hz3bNEJ3stLW6yYKN5bEct10fcK1BDDXtNQo7G5lUtHLb1RX-7oPRpd0KftW87LKcxok0obwuVDaQ
.userscloud.com/	1970-01-20 18:23:38	Name: _ga Value: GA1.2.1777129438.1644746146
.userscloud.com/	1970-01-20 00:53:52	Name: _gid Value: GA1.2.1536009608.1644746146
.userscloud.com/	1970-01-20 00:52:26	Name: _gat_gtag_UA_70768172_1 Value: 1
freychang.fun/	1970-01-20 09:30:50	Name: csu Value: 1762857056019708@1
my.rtmark.net/	1970-01-20 09:38:02	Name: ID Value: 52258d22a4d04baeae193e7740f54eff
betotodilea.com/	1970-01-20 09:38:02	Name: OAID Value: 52258d22a4d04baeae193e7740f54eff

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ableaborah.com
accounts.google.com
apis.google.com
betotodilea.com
content.googleapis.com
dmz3nd5oywtsw.cloudfront.net
docs.google.com
freychang.fun
kankingwith.com
my.rtmark.net
ssl.gstatic.com
static.cdnativepush.com
static.cloudflareinsights.com
userscloud.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
13.32.43.68
139.45.195.8
139.45.197.190
139.45.197.237
2600:9000:2240:6800:4:3d6c:3800:21
2606:4700:3030::ac43:dadd
2606:4700:3034::ac43:cf69
2606:4700::6810:5f41
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::200d
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::7
006e3b9250daec645db189fe376d617e4785509b1cbff35e9fd5ce739f24af35
0173abfc292ae311623f18f849181f6d5b892ae37141ef96a021960f17fb4a77
0734831e288e5ecbca1609f6977526b1783b18b1e781839cff8c6e8f1eb3c5f9
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
119ebfe1db6c41d203f26dc4ff627566acc34feaec13ea8b11de576955c56259
18881a20504358de902e86b797a112769a0c044e85968d514ee66c6ed8fe5ae2
262d90d3dc251037bbbfcda3cbe92bcfc987dc2062d060f78831ab9919cb8d3f
2e160046b9afc997d5951e811f7f784ab7dc547dc17bd7aa242580b135cbf47b
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
54107a714124e4159cce9d1e4384ab70ceabce7386d276f8c2e06a7d6d77eb47
63bea6c5f5a5c562cb641a7278f479fa6c0d0990c0300bc10586efca6bd8f5a6
67aed99df3ba63b6fb2c844ff724c92edc36f6e71abea3950dd5a2432f02a022
684c8c3c969c2c7f77194589187339ede415ee646c14da213a8d15280d3899ee
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df1bd40f25e6ffd21291ed1a4d396402c6feb31aded5ec2c37592b27e10d1c2
76dd31b4e186eeae88fe598df0d656fa340948916cd0875121298f8603aacd0c
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
82c5c5baa464ea0fa2161e01f290653e5881b91dc492fa959e5498c9da3cf812
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8569183d1991ecf478ff3e85136203c369fce082ae8b6b627724afbbc199a1dd
85a8840865325d1dbef15dddcbafbb235e13165d74c5761a000dc909823a97d3
876b88102ed5f4b5bb7e231929597434956a13cf93b9455d02aca931cf9fa9e8
893d7795ecf4d1f9e2c59205a3f46635cc2615e995d14a3853921725711dc195
9cdb1df81f2a59e5d17fb6d2a85405dffa16bc062c06a6d97f1f544a31767e1e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aade0ab34ba16a468c0078cc8e15a68ddf6fb07fca913c1bccb5bb27ccdab20c
aae8a5e3cb5bde1567da4b3cd7a7d678bd2ac892ab9e7fe75729e5af729fa238
aed78cd0409dacb02d4869c89d40412692997adb20aa28a798c2c1e92c433a2d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb73b7ef2dcfa9d21fe47f6541fb4ca337a5e47857dbc8a5d47e3c7c7d0f27aa
bca6259a31983660dbc06d4da11b73513dd5a754383b83a083e322078d00df87
be21e429ef639f5aefa5ffb58635001d4bb6ccfe11f80fcb87af04a3008554c9
bf27b6787c70d8bffc972f49b110ec0fa311c1c2b20b74560c39a23aa49a0fb4
c1749762c2a37c5b7237b3b5e27681befe976206f62fdbb92cc931718d4ecdc6
c49e8edb2b8f2f69c4e3d98dd32a54e1fdac432fca077f72b8efc68641cb38ab
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf0596b1076233fa6f94df48fa9cb58f625fd8bcc701622665b3781afec6b93f
d69a27fc4f9311f05e8160c76f1cad6fa41497b82d0239eeea61518659ee64b5
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95b95567a626ffd9ca0477351d4e027410114c783933ef4e142c0ea7d2ade6e
ec6029c9ccf1761ea81e347cf98e2836bf2c47beb92406a14f96a6e899cdf452
f6676b3a6cc595eab3dc7b511d0af1c572c16e9c643a7a2069a50b9036a40e9d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

userscloud.com Open in urlscan Pro 2606:4700:3034::ac43:cf69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

95 %HTTPS

76 %IPv6

15 Domains

18 Subdomains

18 IPs

3 Countries

1473 kBTransfer

3795 kBSize

7 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
2606:4700:3034::ac43:cf69 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

95 %
HTTPS

76 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

1473 kB
Transfer

3795 kB
Size

7
Cookies

65 HTTP transactions
1 data transactions