userscloud.com Open in urlscan Pro
2606:4700:3032::6815:4566 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/9cserfo00pts
Submission: On March 14 via manual (March 14th 2023, 5:40:50 am UTC) from HN — Scanned from SG

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3032::6815:4566, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 796099.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3032::6815:4566	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2404:6800:400... 2404:6800:4003:c11::71	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c04::61	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c05::5e	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c04::8a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::8d	15169 (GOOGLE) (GOOGLE)
6	172.64.173.27 172.64.173.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	54.192.150.90 54.192.150.90	16509 (AMAZON-02) (AMAZON-02)
6	104.21.15.189 104.21.15.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2404:6800:400... 2404:6800:4003:c00::54	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c00::66	15169 (GOOGLE) (GOOGLE)
3	2600:9000:217... 2600:9000:2179:ca00:14:df85:4c40:21	16509 (AMAZON-02) (AMAZON-02)
66	17

12 2606:4700:3032::6815:4566 (United States)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c11::71 (Singapore)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c04::8a (Singapore)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::5f (Singapore)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::8d (Singapore)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.173.27 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.192.150.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-90.sin2.r.cloudfront.net

mentxviewsinte.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.21.15.189 (None, )

ASN13335 (CLOUDFLARENET, US)

esorandhewa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c00::54 (Singapore) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::66 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2179:ca00:14:df85:4c40:21 (United States)

ASN16509 (AMAZON-02, US)

d29mxewlidfjg1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	google.com 4 redirects docs.google.com — Cisco Umbrella Rank: 124 apis.google.com — Cisco Umbrella Rank: 107 accounts.google.com — Cisco Umbrella Rank: 73	445 KB
12	userscloud.com userscloud.com — Cisco Umbrella Rank: 796099	249 KB
7	mentxviewsinte.info mentxviewsinte.info	8 KB
6	esorandhewa.com esorandhewa.com	2 KB
6	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 27761	303 KB
3	cloudfront.net d29mxewlidfjg1.cloudfront.net	2 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1544	1 KB
3	gstatic.com www.gstatic.com ssl.gstatic.com	526 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 495
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	44 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 886	6 KB
66	13

	Domain	Requested by
12	userscloud.com	userscloud.com static.cloudflareinsights.com
11	docs.google.com	userscloud.com docs.google.com www.gstatic.com
7	mentxviewsinte.info	userscloud.com
6	accounts.google.com	4 redirects
6	esorandhewa.com	userscloud.com
6	pogothere.xyz	userscloud.com
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	d29mxewlidfjg1.cloudfront.net	mentxviewsinte.info
3	content.googleapis.com	apis.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	docs.google.com
1	www.facebook.com
1	csp.withgoogle.com	userscloud.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
66	16

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
mentxviewsinte.info Amazon RSA 2048 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-21`	2 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/9cserfo00pts
Frame ID: F358BDC9177FB666EF5DF4CD8936695A
Requests: 35 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
Frame ID: 92F50D6019E4CD3FC76174F82B25C934
Requests: 20 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
Frame ID: 9A6D249F7F4360E7D63697B4C9ADB5E2
Requests: 6 HTTP requests in this frame

Frame: https://mentxviewsinte.info/REs0dzQlKVcaCyV2VlFBNicJUgYCbgYxUHZyWQ9RMyddE1IuLAVZVygkQRNSNiRaAxoqLkBSBgIbV0UMdxFOEGUFDV81djMocyIFKwRlRgwBHUMPYgYeZT5iIwVnL3cKeno2ARUCBj4FAB1iJGMoHlYjZQkNZUdYJglYLmERI3E0YiwJZzVfAhFyAAQPHkxDfAx6Uzp2FixSL0MWKnwmZhUJXwNiAyduFmIWPGIvUzAecRxbAgJlRlAcM34hdwI4bS9TKCh8NVwBGlMHcAUeejR3LwVRNQQvAmIbTHUaUwdwAw0APXAvL381dxEvZSENFB5lD1UXLBkhbBMaeRFjMwFkMVN1KHAcTBMTbDFnB3tmNXYCDlAmYnwtcDF1DApYA3cHIXY8dhIvYTBTFhhlEEQACHI+cREzTDBxKB59MnUgDXcxYRMYUyJcBQ5ENXZ0IHkmcicEZyYNBhhTIWwXM309YiwdZiFYdTNhEEABGmUlZgwsbiR2I21eBFsqOwkccAkMVRBwHg1WFQEm
Frame ID: 557E0FCFC368C557EB4C017E59731FD9
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsinte.info/WFQ4NEM5NltZfDlpWhI2KjgFEXEecQpyJ2ptVUwmLzhRUCUyMwkaIDQ7TVAlKjtWQG02MUwRcR4Rb196MwBUfXYRFVdbIQtgVXULFjhZWicNMQp2exIGW1wTGyRBeBI/NX5TKwoWT1sIOQZ5BA01MB0GBQk9cU4NGzxiVQc7ZHRyL31mflAHKyZ6Wg01MnxHFhEAVFoJGgVVeRc/PHxNKCIfb18RFGYABwoaYFZkKQEhaWw0DTYKchY5ZnpFGSAZVmQHbDN9TnJrNXAMCBc6XFslaQIdBgE+E0hFFS8sC1ULYAByTjsrMQhyeh0cAQ0VHA5TVi4CFl5zCm8EQBkSMRpBBDIaPW0DDzUkb3cEPCRdcTNhDnANeg4TYQEOMidyfS08O3xxBWANUm0uHC1MByIQbHx/OR0scXFyKg1/WzAcEE8NDSEkelIBCj1cXzN9ZnpSBG1sYHwnYDZgBQE+E3FEDz8dTn0HFiVuUys2NWBcCD4DagwMNDgdBgV+PktbLShpcXILFBMNfRsI
Frame ID: 36F2200F3DD3231129F3B41E9B395423
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsinte.info/WE1rb0c5LwgCeDlwCUkyKiFWSnUeaFkpI2p0BhciLyECCyEyKlpBJDQiHgshKiIFG2k2KB9KdR4dOgIjER4tIi8bDjIaJRwUJCMPDj8IXgEgK1ktLBwZGAEXDAcKJyBgJCk8fyEGASYBGQpfVwwLFwoKAGxoWSkOLyYdCx8NIyg8M2kUBj4AFA4bGiMzCFMgAy89PAYKbAISKgESJCZfDiAfHj8TEmhZKQQxLhIgLmwBIDh2MA8tJSo9BTEYEWoMTl0BFyQcKw0idQw1dg55IQYjNhszB3IBfxM3JQA+OTV2Dnk7FSgrGDMXMwEMKSwiNioZCwEWJQk4ASEPAUIgbB0SDBYUHgRbDCADHwovDn49J341FCM9BD0jA1gMCXVTJRNhIz0+MywUMyYLER4mXR1pG18jPQElLywjMCkFLR8TNCoHCwkiHw0QHQgzXAE1FFkXEz1+KR4lHg9dDRAeNC0sLC0AAS4IOhUEOSNpH05dAQIgKV8WDHxaNiB+JxgAKShwPSg2HwURDSYfKg
Frame ID: 7F7F10038B24B2770BE58EBD7D448A22
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

92 %
HTTPS

81 %
IPv6

13
Domains

16
Subdomains

17
IPs

3
Countries

1604 kB
Transfer

4101 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHf2GgfSYvAwugt8DlV_vQLv7lr9ew7cijfbFIhqolW0ug_C6SRjgNk4ALWvBe6YIgSKxHZtnw HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-620255003%3A1678772447674214&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeFuD8vCbom97CxnWSmAUQiXWG55c80qO5PUJuzUYlr_7mOJ_ykLx3pgxdm3eNMe20SaSQpbQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 48

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHcrWOImP1sUh93xaFHx-DL_8x_ODdcuUDGGO-om5lnE7ffwxVA8HLz2AXpC1s6AuaSf295m-w HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S1090959642%3A1678772447668656&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHc4EsadyzQNUpYVbUS6ZlrshgI_BGUi1JBRyS9vkvDDcWwnVx5SpSbbcVt3BFK9_3RjT7FO7g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9cserfo00pts Show response
userscloud.com/ 467 KB
103 KB 747ms
719ms Document
text/html 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/9cserfo00pts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85348343b81e882d1d28cf95b8a36eae57f9a5a0123e281b5bcf344019f06baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7a2f049fd8401a-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Mar 2023 05:40:45 GMT
expires: Mon, 13 Mar 2023 05:40:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q6EVh7QvcYHf33D6hppZnB7vJblo8RiiqcoSBdNTN5QRoi7HXlbomAB%2BPyG3VLQU8P%2F1uQ40zB%2BzwTfcZwk3v6zOBqsq6e021uh9zEtu4YTtxSWEUT2P80H8suQ5Qw4%2FNoYL7KDFPvITbnbow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 18ms
17ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1068754
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BavhA0aDb%2FdDAufVH0QDbvnIsnDEL7q8QRifkCSH%2FeiYBzRnXhSyvl%2BxK36YqxClYjA2oNE4DTHJxFVUkvfslGfRjyn65Csu7mr8MVweKV%2FUhABQ%2BCTYKAZbHUrSspAnZPt30NbSBv964yQ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a7a2f092c55401a-SIN
access-control-allow-headers: X-Requested-With
expires: Fri, 31 Mar 2023 20:48:12 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 18ms
17ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1068674
cf-polished: origSize=113031
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SVaEJHkE7oyBUClCbLW4XbbyXQvmJDAZ56%2B%2BH6zQdGp7EA6qcbEAxhYMCw8RlrMNmRPMzeEEc3caqekJEejkeLdPBcVnctHetBcJYp%2F2Kz1jpzurWas1cBBywJOCrgCCmRaJlHbb1Rvl8fZHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a7a2f092c57401a-SIN
access-control-allow-headers: X-Requested-With
expires: Fri, 31 Mar 2023 20:49:32 GMT

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 17ms
16ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1068674
cf-polished: origSize=47095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCLz1rDy5%2FnhrFRUo%2F%2F7VGX7ceGt3ziGHYuPyeGzf98en1o7jUq3fK6v7nsY59J1B0Tzm%2FCG7igbhczIUN2nu8g5zP26B2%2F8fkXP7dRIGC3%2FE2WvjKpbKZyY9kC5HBJOI5ezf3lL42Q5otykhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a7a2f092c58401a-SIN
access-control-allow-headers: X-Requested-With
expires: Fri, 31 Mar 2023 20:49:32 GMT

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 16ms
15ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1068755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyR2KtqGvunkb19neKfCNZ3ZVkpqshluPsJQzyPzBLtTrpv7kNKwDcmYt%2BKsuNkLKgelY1aaszdcoaDmN4w0GSu9%2Fg7pFos9u%2FDsQjsCZD9OGvLq2xrODRazlSGAH6txlsbnFHxIOCzMu65tiw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a7a2f092c59401a-SIN
access-control-allow-headers: X-Requested-With
expires: Fri, 31 Mar 2023 20:48:11 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 19ms
19ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1068674
cf-polished: origSize=21572
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32wcGKwohv%2BL9MYTkWdrJpjFeTBPhnnEQgL0AttmwH1YG2O4KAUXcC3cec7Hu13B7N1DNapk5TK6bXax49ambkAVrGbNljcUxE6O9Qn5XGx2Z%2FCO4XS%2FMUaLajhNOgs9WofH3fBXFEf%2F8n5nIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a7a2f092c5a401a-SIN
access-control-allow-headers: X-Requested-With
expires: Fri, 31 Mar 2023 20:49:32 GMT

GET
H2 200 gview Show response
docs.google.com/ Frame 92F5 9 KB
4 KB 818ms
785ms Document
text/html 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9cecbc6fb1d1c36a55feeac5b3b49467b6d880dbf8d79767f80179b6e494757a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N1BBs_0NW1lZYTU3wBZemw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-N1BBs_0NW1lZYTU3wBZemw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Tue, 14 Mar 2023 05:40:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 901965
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqx9fb%2Bct76MLjJLc6vHqdGqYWQxDs9WCuZpAhiAJpM9DXoUxS5%2FygThrOhwd6nxh2c17Ch%2B0pjAUFaBDXcMsof%2B81MCeUE15e1JWnWoKUpWHJv4RViVjUaAcixcpynmoE%2Brlvn%2BhkNVRms13Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a7a2f0c39663e53-SIN
access-control-allow-headers: X-Requested-With
priority: u=3,i
expires: Sun, 02 Apr 2023 19:08:01 GMT

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 7ms
6ms Script
application/javascript 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6407c11e-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzxtU%2BgqTV5fUde7X13SLCC5XAiX%2FhgYwGRVcONWgl0ziVwPZRv1aZBIMhsslVeKyP0Umg3fh%2BSMtJNmnpRUgsgZhmosDO9mfwxPvo2rQtTCRATNugAB6fK1oLyXLEKXF%2B%2FB%2BmJyzP4ay1FT2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7a7a2f0c39673e53-SIN
expires: Thu, 16 Mar 2023 05:40:46 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 60ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:46 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a7a2f0c48b86bc7-SIN

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 12ms
12ms Font
font/woff2 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 901963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXbXyHK7uq8WaMBzJGk4fYO86n4dNv4kEsWHIJPzfTDLOYhnsDhe3BmHsNFv7vW8Verhkc44%2FId6NBXtFRxCECD%2Bi6Js9%2FmoIFQmjN6Vm7gfpkKsdBuiXtHZprA5aqpsFnqgwh3OopqLab5BAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a7a2f0c396c3e53-SIN
access-control-allow-headers: X-Requested-With
priority: u=0,i=?0
expires: Sun, 02 Apr 2023 19:08:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 27ms
14ms Script
application/javascript 2404:6800:4003:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddc8347da53d2047316650a6a5e878b91ffdbf27dc655c7a5a5bd23252ebf972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44755
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Mar 2023 05:40:46 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/ 35 KB
10 KB 11ms
11ms Script
application/javascript 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6454
cf-polished: origSize=35778
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 26 Dec 2020 13:26:43 GMT
server: cloudflare
etag: W/"8bc2-5b75dfde473c8-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm4WDhhRS0ji8jr%2FUtfA6K4oWQyXRtEVhFHiZcC58s3JrNLtXK5bUSoaCkz%2FoSQ3Nu1YXitAzq%2BRktYeeBc%2F3zc5OBAT09Vevm3vHjxmgWjTAaWX8xrsogrOrkE1D5Jw7vxN%2BuEWaO7%2Bv%2BPflQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=259200
cf-ray: 7a7a2f0c69a23e53-SIN
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
34 KB 28ms
28ms Script
application/javascript 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/9cserfo00pts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 901967
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJCululfjUq%2FuCNuA7oD%2F%2Fy760SJGOXfhjwIe6gPOc%2FngNRzspimkUOudXYmzp9ny5%2Fmnowne9qQD7HODGWYLLuSvav9k2OwvgkwP0P56yvxAaDFJaQ7V6%2FfO9%2F%2FNNpc55luyvK%2Fzmgj6yk8VA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a7a2f0c69a53e53-SIN
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Sun, 02 Apr 2023 19:08:00 GMT

GET
H2 200 rs=AC2dHMLeEShvqFulC8Ckcp5BZSaOUy3E1A
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.cw2pc5xJ8DQ.L.W.O/d=0/ Frame 92F5 334 KB
42 KB 17ms
6ms Stylesheet
text/css 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.cw2pc5xJ8DQ.L.W.O/d=0/rs=AC2dHMLeEShvqFulC8Ckcp5BZSaOUy3E1A

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14d7bbe90573d7b3f0baa84288dfc1b4719cc37c8d33ec00f5909ba21a8bebc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 10:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42558
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 02:05:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 10:37:11 GMT

GET
H2 200 thumb
docs.google.com/viewerng/ Frame 92F5 70 KB
70 KB 265ms
265ms Image
image/png 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFzaFYYvY_Qd2P_GqWy_yhjHsHq2JyMjCja2Vq6QqmXKXQRwdqzj4958QQee5zs36y4Vdss3Sd3BXZF6Wdlsf23fdyPyqL2aGc666qeVIySa9aCRLPJk05XtOpgMEB2S06N7g3mO-pBYIyfh8IPXaX0Lb4Hf_waZIBoh3tlnrU07w6X8A_IMEj-0vR0SexJfEPQCgu_-qc_3IaSToqBg67-udegbRo1LyddfimIdI5jANk72AOxDLdrBNLRmYf-qB5b_2z-BwoA7nowcoSd1qAqBr1hDfdZbb_MW-m2Ip8ncOFLcBp3iyFUalf4-mur--BUTO65wUYvFElaxb3IZMYSIfEFHDSViKpIS4Mjcd2KQEhE3llE%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2f4ac35fe84b266b1fc2633b9c152e3b86d4afd003303bd305a0af9a8c3dadf9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aYmsqh3B5mzWpH1zNgrAGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-aYmsqh3B5mzWpH1zNgrAGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Tue, 14 Mar 2023 05:40:47 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/ Frame 92F5 1 MB
436 KB 20ms
10ms Script
text/javascript 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271faa66d427e1be15e1e655763bd1c279ca6d749aa96dbc0e713d86bb60da56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 00:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445795
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 02:03:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Mar 2024 00:21:33 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 92F5 17 KB
7 KB 23ms
6ms Script
text/javascript 2404:6800:4003:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed05ba9ca2ac4e8ed909410a8686b8e4f06da34644ef77a267f851c517a24617

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Mar 2023 05:40:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f8b323e21c2bb48a"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 05:40:46 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 92F5 141 B
558 B 241ms
240ms Other
text/html 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IBSJC7JiOoo3sCkG_0o7Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-IBSJC7JiOoo3sCkG_0o7Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Mar 2023 05:40:47 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Tue, 14 Mar 2023 05:40:47 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 92F5 141 B
345 B 241ms
241ms Other
text/html 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rwvj3QaLUeg5kltPQaMwaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-Rwvj3QaLUeg5kltPQaMwaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Mar 2023 05:40:47 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Tue, 14 Mar 2023 05:40:47 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/ Frame 92F5 315 KB
108 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cebdb5bf570a8a687478359f01b1d07f6ee56c7fd55c28d8090743d5583b49e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 22:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109898
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 22:00:12 GMT

GET
H2 200 v-sprite49.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 92F5 111 KB
48 KB 22ms
5ms Image
image/svg+xml 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite49.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.cw2pc5xJ8DQ.L.W.O/d=0/rs=AC2dHMLeEShvqFulC8Ckcp5BZSaOUy3E1A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6f297b877fae9ac87f177ad1fdcb9d0ea41624dc87f7a81a7ab80ab7efd8975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 12:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 407429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48304
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Fri, 08 Mar 2024 12:30:18 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 92F5 36 B
85 B 231ms
231ms XHR
application/json 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgBKjkx8kN2TpgXr5eUcwyXbZ0vwN6dIx3ihsUsDt_eplQSAN7FSjhwa48ONBj9caVJBRFrzScvDGA93OjOkftVFH-p7xb5SOSOxRmPmMf2om0iB1pIKTfUxmCnisnsSkAQ_U2Vupg2s9tnX

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f8f1450692b2d86b59dfaa4daa59eb589f12d0075b355d019de82ce5cce0011

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LP3lQGm78xmQShmnod0-6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-LP3lQGm78xmQShmnod0-6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 9A6D 382 B
1 KB 26ms
5ms Document
text/html 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e42b326cde2ef1e1988fed5c5a02912554e70b80ac0223e54b3b1612c7850aa1

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-gm3Qm2d9jNQMU3gL3Qs_nw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 273
content-security-policy: script-src 'nonce-gm3Qm2d9jNQMU3gL3Qs_nw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 05:40:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame 9A6D 0
0 23ms
12ms Other
text/html 2404:6800:4003:c02::8d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::8d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 9A6D 17 KB
7 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8abad0c95d453a9cb7a8d94199db57035bac3bef9da7e772092f31fe3ec083b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Mar 2023 05:40:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "2dec8214aa3ffcf8"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 05:40:47 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/ Frame 9A6D 70 KB
25 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 03:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25326
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 03:53:59 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 9A6D 0
181 B 235ms
235ms XHR
text/html 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 92F5 70 KB
70 KB 300ms
300ms XHR
image/png 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgBKjkx8kN2TpgXr5eUcwyXbZ0vwN6dIx3ihsUsDt_eplQSAN7FSjhwa48ONBj9caVJBRFrzScvDGA93OjOkftVFH-p7xb5SOSOxRmPmMf2om0iB1pIKTfUxmCnisnsSkAQ_U2Vupg2s9tnX&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2f4ac35fe84b266b1fc2633b9c152e3b86d4afd003303bd305a0af9a8c3dadf9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fmrco9fod9LJqoW7kbF9-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-Fmrco9fod9LJqoW7kbF9-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 92F5 9 KB
3 KB 273ms
273ms XHR
application/json 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgBKjkx8kN2TpgXr5eUcwyXbZ0vwN6dIx3ihsUsDt_eplQSAN7FSjhwa48ONBj9caVJBRFrzScvDGA93OjOkftVFH-p7xb5SOSOxRmPmMf2om0iB1pIKTfUxmCnisnsSkAQ_U2Vupg2s9tnX&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9492463bbdab0dedd92119de7ae00a09ffe7a68bf52c2589c2c181de3d3e827a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z1OaJOEehsGTt4S6BcxBmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-z1OaJOEehsGTt4S6BcxBmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 92F5 72 KB
72 KB 262ms
262ms XHR
image/png 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f3438a81c45c16690a8d1bedddcd31459cfb8c9d8a375a72f9b0d76c767f5e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xU2YKxFFV687sPceYLJruw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-xU2YKxFFV687sPceYLJruw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 92F5 10 KB
3 KB 268ms
268ms XHR
application/json 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

772bd856da656a1ee63ce9a4fad1de4c3a603988bc82cc60c7cfa42f2aa9eb9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2CZO-nyCTAlQ80P57tYlvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-2CZO-nyCTAlQ80P57tYlvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 92F5 70 KB
70 KB 263ms
263ms XHR
image/png 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

57472329f177e0dd496809c7fa4cbe620003dc96d7ecff7c4945d15b3e1641c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-17hRA63V219Tfj68tHsSsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-17hRA63V219Tfj68tHsSsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 92F5 10 KB
3 KB 266ms
266ms XHR
application/json 2404:6800:4003:c11::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0f70d7157b009dbf05b4fb88595fb5d711416efeb4138b9282248e548afe815

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cZFBQtaxqlijuJLyB-tA8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-cZFBQtaxqlijuJLyB-tA8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 28ms
9ms Fetch
binary/octet-stream 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Mar 2023 03:51:09 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zaq0q1cXTKolt%2FyH6RG6QUMLg5wbl2jIrcj7IqftTPbdXomwLt8qQmXx%2Bu8BGK8VG9MsMwXwmnW0snt2UlVIlWqeaFiUC9jwYUTI9IoffMHtqpAkjZiC%2BuzQ0sHXpZyv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7a7a2f14df0a4a83-SIN
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
366 B 284ms
265ms Fetch
text/plain 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b02f81f462a72d98328153952f7a149af8b9b15afed5c2a6023c41bba6699d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVZb5EXxD81t02FQPfT%2FJav8WvjziaLM5plUSsTMhZg2Q6fmvSYLLbZ85sgUtebLMnvynqDrUUscEhbJD%2F0juVyw29ASVJ56oie%2BoGwRmXf9UIqArLGJcX7NT2b5nLtw"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7a7a2f14df0b4a83-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsinte.info/ 0
489 B 241ms
223ms XHR
text/plain 54.192.150.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/utx?cb=GOypNxPVvbjL&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-90.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: q4NPbalR9SHhOmrz57lA8IiJW5_-HHOtyXJD8PHo2K-u3HtkwRP13A==

GET
H2 200 REs0dzQlKVcaCyV2VlFBNicJUgYCbgYxUHZyWQ9RMyddE1IuLAVZVygkQRNSNiRaAxoqLkBSBgIbV0UMdxFOEGUFDV81djMocyIFKwRlRgwBHUMPYgYeZT5iIwVnL3cKeno2ARUCBj4FAB1iJGMoHlYjZQkNZUdYJglYLmERI3E0YiwJZzVfAhFyAAQPHkxDfAx6U... Show response
mentxviewsinte.info/ Frame 557E 3 KB
2 KB 213ms
213ms Document
text/html 54.192.150.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/REs0dzQlKVcaCyV2VlFBNicJUgYCbgYxUHZyWQ9RMyddE1IuLAVZVygkQRNSNiRaAxoqLkBSBgIbV0UMdxFOEGUFDV81djMocyIFKwRlRgwBHUMPYgYeZT5iIwVnL3cKeno2ARUCBj4FAB1iJGMoHlYjZQkNZUdYJglYLmERI3E0YiwJZzVfAhFyAAQPHkxDfAx6Uzp2FixSL0MWKnwmZhUJXwNiAyduFmIWPGIvUzAecRxbAgJlRlAcM34hdwI4bS9TKCh8NVwBGlMHcAUeejR3LwVRNQQvAmIbTHUaUwdwAw0APXAvL381dxEvZSENFB5lD1UXLBkhbBMaeRFjMwFkMVN1KHAcTBMTbDFnB3tmNXYCDlAmYnwtcDF1DApYA3cHIXY8dhIvYTBTFhhlEEQACHI+cREzTDBxKB59MnUgDXcxYRMYUyJcBQ5ENXZ0IHkmcicEZyYNBhhTIWwXM309YiwdZiFYdTNhEEABGmUlZgwsbiR2I21eBFsqOwkccAkMVRBwHg1WFQEm
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-90.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e19efe4b2bfd54d07b79c32ceb73978408570557d10e126d6bb33e9a23f5902a

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1233
content-type: text/html
date: Tue, 14 Mar 2023 05:40:47 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
x-amz-cf-id: JYfJ_qfwoNYWXHnAuEdFev5rhEAnPdDH6G1gSKBHNHVApANcLEdIsw==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 10ms
9ms Fetch
binary/octet-stream 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Mar 2023 03:51:09 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sygDrnIdAJUbyInYF18Jgjto%2BAd0Zybunm7ZD9eaMOV4nwTQdxga%2FNwrPRMSgm1Hj7b2x1WN8ddO6n2Jv%2FM66mv%2BGi8YbdEylZj4Jxq7PaFl2V%2Fu8fn%2Bc1AnwnX1OUxv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7a7a2f14ff1a4a83-SIN
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
350 B 268ms
267ms Fetch
text/plain 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba7317e9e2b4216a5392feb1d9b0952e0120b8e31ec2e77df1cb185c9bf26901

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2NPkeJFNMXKb1BwtBdSP%2BQA9m5VZWW6MuTiQ7euwWyPBwREEu3Rr98O5YyRDTNI%2FFjcbSRNGvxL31sN0BUqy5sfSHLiHSyemsWnG3pdYTpewFchulE0qAlQNWRjGJAh"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7a7a2f14ff1c4a83-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsinte.info/ 0
488 B 216ms
216ms XHR
text/plain 54.192.150.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/utx?cb=rSAt7QT3Ubke&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-90.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: dCrO3DgUzrAsECCl-kLdjI0I6Ne_xiRK3FAbCALjz9s_mvkUB3Hq-g==

GET
H2 200 WzAcEE8NDSEkelIBCj1cXzN9ZnpSBG1sYHwnYDZgBQE+E3FEDz8dTn0HFiVuUys2NWBcCD4DagwMNDgdBgV+PktbLShpcXILFBMNfRsI Show response
mentxviewsinte.info/WFQ4NEM5NltZfDlpWhI2KjgFEXEecQpyJ2ptVUwmLzhRUCUyMwkaIDQ7TVAlKjtWQG02MUwRcR4Rb196MwBUfXYRFVdbIQtgVXULFjhZWicNMQp2exIGW1wTGyRBeBI/NX5TKwoWT1sIOQZ5BA01MB0GBQk9cU4NGzxiVQc7ZHRyL31mf... Frame 36F2 3 KB
2 KB 219ms
218ms Document
text/html 54.192.150.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/WFQ4NEM5NltZfDlpWhI2KjgFEXEecQpyJ2ptVUwmLzhRUCUyMwkaIDQ7TVAlKjtWQG02MUwRcR4Rb196MwBUfXYRFVdbIQtgVXULFjhZWicNMQp2exIGW1wTGyRBeBI/NX5TKwoWT1sIOQZ5BA01MB0GBQk9cU4NGzxiVQc7ZHRyL31mflAHKyZ6Wg01MnxHFhEAVFoJGgVVeRc/PHxNKCIfb18RFGYABwoaYFZkKQEhaWw0DTYKchY5ZnpFGSAZVmQHbDN9TnJrNXAMCBc6XFslaQIdBgE+E0hFFS8sC1ULYAByTjsrMQhyeh0cAQ0VHA5TVi4CFl5zCm8EQBkSMRpBBDIaPW0DDzUkb3cEPCRdcTNhDnANeg4TYQEOMidyfS08O3xxBWANUm0uHC1MByIQbHx/OR0scXFyKg1/WzAcEE8NDSEkelIBCj1cXzN9ZnpSBG1sYHwnYDZgBQE+E3FEDz8dTn0HFiVuUys2NWBcCD4DagwMNDgdBgV+PktbLShpcXILFBMNfRsI
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-90.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 785c773544e5c8dd943044f3bac5d890386506e95d3e6d67bb176e36b8895bce

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1229
content-type: text/html
date: Tue, 14 Mar 2023 05:40:47 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
x-amz-cf-id: WRmvoRJDzfWY3sEBX-PT4GCMb7Dl_DgB9OERo1fKUVBf9mWngod0gw==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront

GET
H3 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 10ms
10ms Fetch
binary/octet-stream 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 14 Mar 2023 05:18:41 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bca9VABjbRF0%2BB0lWdGjWEPW8voaoX5rlLdkHZ%2FsqWGYziMlS%2FGGc7DwdxJEL6casUFe3euAAc1NnNZOfXaUcuB1N1ks7iIagL4NlNkle5jYXcix20OHdPM%2Fc5taIQo%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7a7a2f151a9b8950-SIN
access-control-allow-headers: X-Requested-With, content-type

GET
H3 200 / Show response
pogothere.xyz/ 27 B
538 B 270ms
270ms Fetch
text/plain 172.64.173.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1f0f345d51af97e6095df97000829fb40442443167435f33de5bd09d175d52

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba2viH9t97ghGMlWipOJXpRx7iO9fZYcvGPPBpxd96IxI6ivfS%2FKAxS%2FQ4mhfl7PRocEu3uRoIrvChiAfQyTGA34EZC5ZgEjq%2FCA9e1T94t0E%2FnArUMFf412DFethUHy"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7a7a2f151a9c8950-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsinte.info/ 0
488 B 221ms
221ms XHR
text/plain 54.192.150.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/utx?cb=yVUCS8iRqxwq&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-90.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: rSMoTIwygKwdUiCWnT1zD83sKmbg94ra9VcHvqZmvnxznqOnRjT5hQ==

GET
H2 200 WE1rb0c5LwgCeDlwCUkyKiFWSnUeaFkpI2p0BhciLyECCyEyKlpBJDQiHgshKiIFG2k2KB9KdR4dOgIjER4tIi8bDjIaJRwUJCMPDj8IXgEgK1ktLBwZGAEXDAcKJyBgJCk8fyEGASYBGQpfVwwLFwoKAGxoWSkOLyYdCx8NIyg8M2kUBj4AFA4bGiMzCFMgAy89P... Show response
mentxviewsinte.info/ Frame 7F7F 3 KB
2 KB 445ms
445ms Document
text/html 54.192.150.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/WE1rb0c5LwgCeDlwCUkyKiFWSnUeaFkpI2p0BhciLyECCyEyKlpBJDQiHgshKiIFG2k2KB9KdR4dOgIjER4tIi8bDjIaJRwUJCMPDj8IXgEgK1ktLBwZGAEXDAcKJyBgJCk8fyEGASYBGQpfVwwLFwoKAGxoWSkOLyYdCx8NIyg8M2kUBj4AFA4bGiMzCFMgAy89PAYKbAISKgESJCZfDiAfHj8TEmhZKQQxLhIgLmwBIDh2MA8tJSo9BTEYEWoMTl0BFyQcKw0idQw1dg55IQYjNhszB3IBfxM3JQA+OTV2Dnk7FSgrGDMXMwEMKSwiNioZCwEWJQk4ASEPAUIgbB0SDBYUHgRbDCADHwovDn49J341FCM9BD0jA1gMCXVTJRNhIz0+MywUMyYLER4mXR1pG18jPQElLywjMCkFLR8TNCoHCwkiHw0QHQgzXAE1FFkXEz1+KR4lHg9dDRAeNC0sLC0AAS4IOhUEOSNpH05dAQIgKV8WDHxaNiB+JxgAKShwPSg2HwURDSYfKg
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-90.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: fe2c60ad1a1cd65b1868c1b6e0b7a0c12dc7d7bb265de44dd397236bd193f9b7

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1231
content-type: text/html
date: Tue, 14 Mar 2023 05:40:47 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
x-amz-cf-id: jERQ6YzhkgWHi07NJqi3VMtbCKaR3FOFB5cbfrgjLHMTFsRFLa7hFw==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront

GET
H2 204 dThRczJaBzIADydvAwNhLWorJWQ3HWMxYBtuBSZ6TH41NXwTXQQEFAFRNU4ERQhiQwZTSDgXD0QeIgdTAU0iTgNTUT8VXUgeJ04DWwtlXQFHFmBVR0gJdwdCFF9sQhQFTCUfD0QOZksFQgplRwVBAGM
esorandhewa.com/ 0
244 B 552ms
526ms Image
text/plain 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/dThRczJaBzIADydvAwNhLWorJWQ3HWMxYBtuBSZ6TH41NXwTXQQEFAFRNU4ERQhiQwZTSDgXD0QeIgdTAU0iTgNTUT8VXUgeJ04DWwtlXQFHFmBVR0gJdwdCFF9sQhQFTCUfD0QOZksFQgplRwVBAGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29%2FwaG7oM7DDqsLynkS45H3gZmO5d532f9ZwMXNGdddBcVZoTT74ShMTdle3SpwvpSdEFLzg1gUBw7XHWpFvVV0Cr7a8xney%2FfYLdAd3f8btE9WcDYTaLgtwKjpG5mIUN9U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a7a2f155a8801bc-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 287ms
271ms Image
text/html 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHf2GgfSYvAwugt8DlV_vQLv7lr9ew7cijfbFIhqolW0ug_C6SRjgNk4ALW...
https://accounts.google.com/v3/signin/identifier?dsh=S-620255003%3A1678772447674214&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeFuD8vCbom97CxnWSmAUQiXWG55c80qO5PUJuzUYlr_7...

0
0

21ms
21ms

Image
text/html

2404:6800:4003:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-620255003%3A1678772447674214&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeFuD8vCbom97CxnWSmAUQiXWG55c80qO5PUJuzUYlr_7mOJ_ykLx3pgxdm3eNMe20SaSQpbQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Protocol: H3
Server: 2404:6800:4003:c00::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 14 Mar 2023 05:40:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-qTBvN-GYy9c7Fm0RCUgUgA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-620255003%3A1678772447674214&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeFuD8vCbom97CxnWSmAUQiXWG55c80qO5PUJuzUYlr_7mOJ_ykLx3pgxdm3eNMe20SaSQpbQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHcrWOImP1sUh93xaFHx-DL_8x_ODdcuUDGGO-om5lnE7ffwxVA8HLz...
https://accounts.google.com/v3/signin/identifier?dsh=S1090959642%3A1678772447668656&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHc4EsadyzQNUpYVbUS6ZlrshgI_BGUi1JBRyS9vkvDDc...

0
0

20ms
19ms

Image
text/html

2404:6800:4003:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S1090959642%3A1678772447668656&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHc4EsadyzQNUpYVbUS6ZlrshgI_BGUi1JBRyS9vkvDDcWwnVx5SpSbbcVt3BFK9_3RjT7FO7g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Protocol: H3
Server: 2404:6800:4003:c00::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 14 Mar 2023 05:40:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PJsA02x4R--DM3NCz1QsdA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S1090959642%3A1678772447668656&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHc4EsadyzQNUpYVbUS6ZlrshgI_BGUi1JBRyS9vkvDDcWwnVx5SpSbbcVt3BFK9_3RjT7FO7g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 bSR2OChaBR4eI1BfD1pyBFcKTDpdBgVYcxIRTAs+QREFW2xdDF4FdxIUBVtkBEwOWmQGRE1XexIWSAstCVMeGj5ADgVbfANaD114AFYPX3sB
esorandhewa.com/NGI4akobXVsZd2EPfgIdXyRVP3t+CF09AGw0Clt/ 0
412 B 283ms
258ms Image
text/plain 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/NGI4akobXVsZd2EPfgIdXyRVP3t+CF09AGw0Clt/bSR2OChaBR4eI1BfD1pyBFcKTDpdBgVYcxIRTAs+QREFW2xdDF4FdxIUBVtkBEwOWmQGRE1XexIWSAstCVMeGj5ADgVbfANaD114AFYPX3sB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbwOp5I6iu89pJv%2BMGQu4rBLM9Vp%2FZ2DoYN7ZG0CEvbX2tRuDqVgGjqAj9OZ6GFcBRx3Ww1BL8gtu9V2CoYs%2F7Y522BGqIoLmwFirEcAEJTPl%2Fgw9W8%2BI1VITFdZx%2BlJ5k8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a7a2f155a8a01bc-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 ByQbSQpWLwIlPkgUPDIaDxQ+EBtuDzI6Bn0zPRdgX2EcHTQFf1lCaQ90TgQ5XHpaTXZLMwkAJUt6WVI5ViEHSXZOellaYBZxWFpiHjJVRXZMNwkTbQlhGAAkVHpZQmcAcF9GZAxwXUdg
esorandhewa.com/UDhHaHR/ 0
270 B 531ms
507ms Image
text/plain 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/UDhHaHR/ByQbSQpWLwIlPkgUPDIaDxQ+EBtuDzI6Bn0zPRdgX2EcHTQFf1lCaQ90TgQ5XHpaTXZLMwkAJUt6WVI5ViEHSXZOellaYBZxWFpiHjJVRXZMNwkTbQlhGAAkVHpZQmcAcF9GZAxwXUdg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFa%2FUduXhAFF1N8AzK6HIJxKoWwSpeAOPNIuKbWXpUYIPykg3bqcEdZSi%2FLAaLJVT9JOOtLDcHX%2FkyA4UuNMF7BG9zGWW%2FnWX0cHS6A9riW2lKc9osdwMvuab8f0A5FDlfE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a7a2f155a8b01bc-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 rum Show response
userscloud.com/cdn-cgi/ 0
140 B 7ms
7ms XHR
text/plain 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/9cserfo00pts
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://userscloud.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a7a2f1549963e53-SIN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 23ms
5ms Script
text/javascript 2404:6800:4003:c00::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Mar 2023 05:02:31 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2296
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Mar 2023 07:02:31 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 6ms
5ms XHR
text/plain 2404:6800:4003:c00::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1889557570&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2F9cserfo00pts&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=135985274&gjid=1710049338&cid=428589063.1678772448&tid=UA-70768172-1&_gid=1212617890.1678772448&_r=1&gtm=457e3360&z=100753971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pc283ZzgQAFkBBwcGU1oOQ18EVwxVBUQIVgNSXCN1NA5QI2I1DVVSWlUbTQMFQ0lbBlYUUhECVhBSBkFZFw0KUx4HH1gMBRgfXwRaHQRQBktVGlZaVRwVXgtUEkoFIQ1dXxJVCFsYXglcHBhEQgpDAUNCCkNeB0kIVlx1QgpDGF4JDkdKBCUdQV9PUQxaSg-VXWQM... Show response
d29mxewlidfjg1.cloudfront.net/ Frame 557E 1 KB
1 KB 212ms
177ms Script
text/plain 2600:9000:2179:ca00:14:df85:4c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29mxewlidfjg1.cloudfront.net/Pc283ZzgQAFkBBwcGU1oOQ18EVwxVBUQIVgNSXCN1NA5QI2I1DVVSWlUbTQMFQ0lbBlYUUhECVhBSBkFZFw0KUx4HH1gMBRgfXwRaHQRQBktVGlZaVRwVXgtUEkoFIQ1dXxJVCFsYXglcHBhEQgpDAUNCCkNeB0kIVlx1QgpDGF4JDkdKBCUdQV9PUQxaSg-VXWQMfWwJPFg1cDkxWXXFSC0RBBFEdQV8fDFAHAltCCjBKBVdUGgRSQgpDCFIEUxxGElUIEAdFCFUWSgUhAEpBB0kMQFcOSQ9BSgVXSxIJVhVRVl1xUgtEQQRRHgZSBg
Requested by: Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/REs0dzQlKVcaCyV2VlFBNicJUgYCbgYxUHZyWQ9RMyddE1IuLAVZVygkQRNSNiRaAxoqLkBSBgIbV0UMdxFOEGUFDV81djMocyIFKwRlRgwBHUMPYgYeZT5iIwVnL3cKeno2ARUCBj4FAB1iJGMoHlYjZQkNZUdYJglYLmERI3E0YiwJZzVfAhFyAAQPHkxDfAx6Uzp2FixSL0MWKnwmZhUJXwNiAyduFmIWPGIvUzAecRxbAgJlRlAcM34hdwI4bS9TKCh8NVwBGlMHcAUeejR3LwVRNQQvAmIbTHUaUwdwAw0APXAvL381dxEvZSENFB5lD1UXLBkhbBMaeRFjMwFkMVN1KHAcTBMTbDFnB3tmNXYCDlAmYnwtcDF1DApYA3cHIXY8dhIvYTBTFhhlEEQACHI+cREzTDBxKB59MnUgDXcxYRMYUyJcBQ5ENXZ0IHkmcicEZyYNBhhTIWwXM309YiwdZiFYdTNhEEABGmUlZgwsbiR2I21eBFsqOwkccAkMVRBwHg1WFQEm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2179:ca00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0e802976003cc50fba0f0f54923b938b68afd3470bd65ba9bc8eed96e96a3eb9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mentxviewsinte.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: gzip
via: 1.1 76f1c067670f8b4d1651944d6254925a.cloudfront.net (CloudFront)
x-amz-cf-pop: KUL50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 768
x-amz-cf-id: XagAPs3a2mSfzme1VnI3qWF6UhYWU9UFnLRwpCfETy9fb9smgOBugA==

GET
H2 200 / Show response
d29mxewlidfjg1.cloudfront.net/EWk9kTlI5IAoobS4mAHNlandUe2B8JRchPCpyLQgaFghRBwoKaRA0Nmd/QiIzNChZaDc0LFl/dDsrBnNmfDsUITlnJBQmMTghDykzKWkRL283IB4nPjYuQXwUb2FUa2BqZxMnPD4gEz13aH8KOndof1V+fGpqVwx3aH8TJz... Frame 36F2 589 B
724 B 214ms
199ms Script
text/plain 2600:9000:2179:ca00:14:df85:4c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29mxewlidfjg1.cloudfront.net/EWk9kTlI5IAoobS4mAHNlandUe2B8JRchPCpyLQgaFghRBwoKaRA0Nmd/QiIzNChZaDc0LFl/dDsrBnNmfDsUITlnJBQmMTghDykzKWkRL283IB4nPjYuQXwUb2FUa2BqZxMnPD4gEz13aH8KOndof1V+fGpqVwx3aH8TJzxse0F9EH99VDZkbmZBfGI7Px-QiNy0qBiU7LmpWCGdpeEp9ZH99VGY5MjsJIndoDEF8YjYmDyt3aH8DKzExIE1rYGosDDw9NypBfBRidkp+fG58XHd8bX1BfGIpLgIvIDNqVghnaXhKfWR8Oll/
Requested by: Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/WFQ4NEM5NltZfDlpWhI2KjgFEXEecQpyJ2ptVUwmLzhRUCUyMwkaIDQ7TVAlKjtWQG02MUwRcR4Rb196MwBUfXYRFVdbIQtgVXULFjhZWicNMQp2exIGW1wTGyRBeBI/NX5TKwoWT1sIOQZ5BA01MB0GBQk9cU4NGzxiVQc7ZHRyL31mflAHKyZ6Wg01MnxHFhEAVFoJGgVVeRc/PHxNKCIfb18RFGYABwoaYFZkKQEhaWw0DTYKchY5ZnpFGSAZVmQHbDN9TnJrNXAMCBc6XFslaQIdBgE+E0hFFS8sC1ULYAByTjsrMQhyeh0cAQ0VHA5TVi4CFl5zCm8EQBkSMRpBBDIaPW0DDzUkb3cEPCRdcTNhDnANeg4TYQEOMidyfS08O3xxBWANUm0uHC1MByIQbHx/OR0scXFyKg1/WzAcEE8NDSEkelIBCj1cXzN9ZnpSBG1sYHwnYDZgBQE+E3FEDz8dTn0HFiVuUys2NWBcCD4DagwMNDgdBgV+PktbLShpcXILFBMNfRsI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2179:ca00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bd4e956a4d1f264ade0c340599946041b9c46d2bb5394cf48bb9359ee13505b1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mentxviewsinte.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:47 GMT
content-encoding: gzip
via: 1.1 76f1c067670f8b4d1651944d6254925a.cloudfront.net (CloudFront)
x-amz-cf-pop: KUL50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 446
x-amz-cf-id: ENVFokMqVWHEeUZ2gQxeg4lF32t7BLjGlRGTziQckSe-J4KowZkSAQ==

GET
BLOB 200
OK 9ee243ac-fd71-4c3a-8b07-1178d0d6991a
https://docs.google.com/ Frame 92F5 70 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/9ee243ac-fd71-4c3a-8b07-1178d0d6991a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f4ac35fe84b266b1fc2633b9c152e3b86d4afd003303bd305a0af9a8c3dadf9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 71702
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 92F5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 9A6D 0
19 B 237ms
237ms XHR
text/html 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:48 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
esorandhewa.com/ 35 B
398 B 12ms
11ms Image
image/gif 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/popunder.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Mar 2023 05:40:47 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Mar 2023 18:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 213867
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgrdjF55U%2FzPoOAQfym2WRP9WZE3TlmM6U5WiR%2BkF8iwqNQHfrZCebP02xCceTKJVQ14nCd5%2FjoUWHAxKlMUOQlPGDOFlSlTBXr6iHzmzft%2BvzSSF1WDyBv9yo3EfqhWllU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7a7a2f177ba501bc-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK ff70e7b4-e013-40d7-a790-2ac94085418f
https://docs.google.com/ Frame 92F5 72 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/ff70e7b4-e013-40d7-a790-2ac94085418f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f3438a81c45c16690a8d1bedddcd31459cfb8c9d8a375a72f9b0d76c767f5e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 73331
Content-Type: image/png

GET
BLOB 200
OK 01c61905-5d90-427e-8767-6c87953cad69
https://docs.google.com/ Frame 92F5 70 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/01c61905-5d90-427e-8767-6c87953cad69
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57472329f177e0dd496809c7fa4cbe620003dc96d7ecff7c4945d15b3e1641c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 71233
Content-Type: image/png

GET
H3 200 popunder.gif
esorandhewa.com/ 35 B
549 B 11ms
10ms Image
image/gif 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/popunder.gif
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Mar 2023 05:40:47 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Mar 2023 18:16:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 213870
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hN2Tv1Zwvu9WTHQSeWwd0BnwcZEr2EribzR3lnfqla2Ml9xcdSeV26%2BSEqdlYzS5a21LEXuQw8esV9G9t3tNgxS0BP4STBZw4ruUlCFyHLcH93AUcCWjI%2BNIERQFzj%2FOQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7a7a2f17b8bb4d39-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 multi Show response
mentxviewsinte.info/ 3 KB
2 KB 434ms
434ms XHR
text/plain 54.192.150.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/multi?cs=WHd6OEFsRUkBeWhBTA95akVKDHg&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.60.2&sts=0&prn=0&emb=0&tid=708052&rxy=1600_1200&u=1658792658872055&agec=1678772447&fs=1&mbkb=2083.3333333333335&ref=https%3A%2F%2Fuserscloud.com%2F9cserfo00pts&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&_IDP8=1678772447965&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-90.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 87717ba08c926365abb57d44e4da9c058b1f2d759478b1852057a8d17ddd1504

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Mar 2023 05:40:48 GMT
content-encoding: gzip
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://userscloud.com
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 1524
x-amz-cf-id: osOmBOkhyHPMtW3RRH5o28tHeSovfC9kohfHdKPCNfc-XYgSE5rgNA==

GET
H3 200 popunder.gif
esorandhewa.com/ 35 B
520 B 12ms
12ms Image
image/gif 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/popunder.gif
Requested by: Host: userscloud.com
URL: https://userscloud.com/9cserfo00pts
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Mar 2023 05:40:47 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Mar 2023 18:16:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 213870
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brVsdsGjmalY8COyxP%2Fm59O%2FDpWfJKgt5qZ6vOkBwF2KiVRXijFpkVFknyAEfKvhIXO11%2BWPHLtTIpyfu4JXAWSrV2pZY8%2B986s6vKSuWP7oYln9IKt%2BYSQ1dBTU%2BW4F%2Fak%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7a7a2f17d8cc4d39-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ZmB0QT11Yg Show response
d29mxewlidfjg1.cloudfront.net/PQmdISFMhCCYubDYOLHVrc1Fxf2BkDTsnPTJaHg8iBS8yKjIFAG48KSZaeG4/IwkvdXUnCSt1YmQGLCpudkE8ODwpWiM4OyEFJiM0IxRuPTJ/CicyOi4LKW1hBFJmeHZwV2A/OiwDJz8gZ1V4JidnVXh5Y2xXbXsRZ1V4Pz... Frame 7F7F 574 B
720 B 213ms
213ms Script
text/plain 2600:9000:2179:ca00:14:df85:4c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29mxewlidfjg1.cloudfront.net/PQmdISFMhCCYubDYOLHVrc1Fxf2BkDTsnPTJaHg8iBS8yKjIFAG48KSZaeG4/IwkvdXUnCSt1YmQGLCpudkE8ODwpWiM4OyEFJiM0IxRuPTJ/CicyOi4LKW1hBFJmeHZwV2A/OiwDJz8gZ1V4JidnVXh5Y2xXbXsRZ1V4PzosUXxtYABCengrdFNhbWFyBj-g4PycQLSo4KxNtehV3VH9mYHRCenh7KQ88JT9nVQttYXILISM2Z1V4LzYhDCdhdnBXKyAhLQotbWEEX3FmY2xTe3BqbFB6bWFyFCkuMjAObXoVd1R/ZmB0QT11Yg
Requested by: Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/WE1rb0c5LwgCeDlwCUkyKiFWSnUeaFkpI2p0BhciLyECCyEyKlpBJDQiHgshKiIFG2k2KB9KdR4dOgIjER4tIi8bDjIaJRwUJCMPDj8IXgEgK1ktLBwZGAEXDAcKJyBgJCk8fyEGASYBGQpfVwwLFwoKAGxoWSkOLyYdCx8NIyg8M2kUBj4AFA4bGiMzCFMgAy89PAYKbAISKgESJCZfDiAfHj8TEmhZKQQxLhIgLmwBIDh2MA8tJSo9BTEYEWoMTl0BFyQcKw0idQw1dg55IQYjNhszB3IBfxM3JQA+OTV2Dnk7FSgrGDMXMwEMKSwiNioZCwEWJQk4ASEPAUIgbB0SDBYUHgRbDCADHwovDn49J341FCM9BD0jA1gMCXVTJRNhIz0+MywUMyYLER4mXR1pG18jPQElLywjMCkFLR8TNCoHCwkiHw0QHQgzXAE1FFkXEz1+KR4lHg9dDRAeNC0sLC0AAS4IOhUEOSNpH05dAQIgKV8WDHxaNiB+JxgAKShwPSg2HwURDSYfKg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2179:ca00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61aa4c8e296b68db8e17e0e3ca59925748cdd495d197006b5ff02996dfdb1cd1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mentxviewsinte.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 05:40:48 GMT
content-encoding: gzip
via: 1.1 76f1c067670f8b4d1651944d6254925a.cloudfront.net (CloudFront)
x-amz-cf-pop: KUL50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 444
x-amz-cf-id: 5nypm1qQiQ00ho63LA_bfRE-5eakXV0dEnATwqBjIjapd0oIs_qXUw==

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 14:43:03	Name: NID Value: 511=ee_R1Bvzi21xqxq6L8URa16QEBCosbwdUEwDNWn_g1EbUlht_GwZygpCp5D367Mm9YXs_4cV_bAKiE-nNoSV63NzaTvlEKdInAeIwcze7rSt6peMN_i4RLQV2cX9pthbPkfk__EFkouj-llVaGOfdk_1B4EnzDiGDF7ibsynFl8
.userscloud.com/	1970-01-20 19:55:32	Name: _ga Value: GA1.2.428589063.1678772448
.userscloud.com/	1970-01-20 10:20:58	Name: _gid Value: GA1.2.1212617890.1678772448
.userscloud.com/	1970-01-20 10:19:32	Name: _gat_gtag_UA_70768172_1 Value: 1
pogothere.xyz/	1970-01-20 18:57:56	Name: csu Value: 1658792658872055@1@1678772447

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-N1BBs_0NW1lZYTU3wBZemw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://docs.google.com/gview?url=https://upload-184.userscloud.com/cgi-bin/dl.cgi/se4dbtyh7qdt7l3p7lkm5ekddfvoq3hu7fw6xaeokq3x47g7lfssjoi/9cserfo00pts.pdf&embedded=true(Line 8) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-N1BBs_0NW1lZYTU3wBZemw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S1090959642%3A1678772447668656&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHc4EsadyzQNUpYVbUS6ZlrshgI_BGUi1JBRyS9vkvDDcWwnVx5SpSbbcVt3BFK9_3RjT7FO7g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-620255003%3A1678772447674214&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeFuD8vCbom97CxnWSmAUQiXWG55c80qO5PUJuzUYlr_7mOJ_ykLx3pgxdm3eNMe20SaSQpbQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
d29mxewlidfjg1.cloudfront.net
docs.google.com
esorandhewa.com
mentxviewsinte.info
pogothere.xyz
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.21.15.189
172.64.173.27
2404:6800:4003:c00::54
2404:6800:4003:c00::5f
2404:6800:4003:c00::66
2404:6800:4003:c02::8d
2404:6800:4003:c04::5e
2404:6800:4003:c04::61
2404:6800:4003:c04::8a
2404:6800:4003:c05::5e
2404:6800:4003:c11::71
2600:9000:2179:ca00:14:df85:4c40:21
2606:4700:3032::6815:4566
2606:4700::6810:3965
2a03:2880:f10c:381:face:b00c:0:25de
54.192.150.90
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
0e802976003cc50fba0f0f54923b938b68afd3470bd65ba9bc8eed96e96a3eb9
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0f8f1450692b2d86b59dfaa4daa59eb589f12d0075b355d019de82ce5cce0011
14d7bbe90573d7b3f0baa84288dfc1b4719cc37c8d33ec00f5909ba21a8bebc5
1f3438a81c45c16690a8d1bedddcd31459cfb8c9d8a375a72f9b0d76c767f5e1
271faa66d427e1be15e1e655763bd1c279ca6d749aa96dbc0e713d86bb60da56
2f4ac35fe84b266b1fc2633b9c152e3b86d4afd003303bd305a0af9a8c3dadf9
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
57472329f177e0dd496809c7fa4cbe620003dc96d7ecff7c4945d15b3e1641c7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b02f81f462a72d98328153952f7a149af8b9b15afed5c2a6023c41bba6699d2
61aa4c8e296b68db8e17e0e3ca59925748cdd495d197006b5ff02996dfdb1cd1
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6a1f0f345d51af97e6095df97000829fb40442443167435f33de5bd09d175d52
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
772bd856da656a1ee63ce9a4fad1de4c3a603988bc82cc60c7cfa42f2aa9eb9f
785c773544e5c8dd943044f3bac5d890386506e95d3e6d67bb176e36b8895bce
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85348343b81e882d1d28cf95b8a36eae57f9a5a0123e281b5bcf344019f06baa
87717ba08c926365abb57d44e4da9c058b1f2d759478b1852057a8d17ddd1504
8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482
9492463bbdab0dedd92119de7ae00a09ffe7a68bf52c2589c2c181de3d3e827a
9cecbc6fb1d1c36a55feeac5b3b49467b6d880dbf8d79767f80179b6e494757a
a8abad0c95d453a9cb7a8d94199db57035bac3bef9da7e772092f31fe3ec083b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f297b877fae9ac87f177ad1fdcb9d0ea41624dc87f7a81a7ab80ab7efd8975
ba7317e9e2b4216a5392feb1d9b0952e0120b8e31ec2e77df1cb185c9bf26901
bd4e956a4d1f264ade0c340599946041b9c46d2bb5394cf48bb9359ee13505b1
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cebdb5bf570a8a687478359f01b1d07f6ee56c7fd55c28d8090743d5583b49e2
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
ddc8347da53d2047316650a6a5e878b91ffdbf27dc655c7a5a5bd23252ebf972
e0f70d7157b009dbf05b4fb88595fb5d711416efeb4138b9282248e548afe815
e19efe4b2bfd54d07b79c32ceb73978408570557d10e126d6bb33e9a23f5902a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42b326cde2ef1e1988fed5c5a02912554e70b80ac0223e54b3b1612c7850aa1
ed05ba9ca2ac4e8ed909410a8686b8e4f06da34644ef77a267f851c517a24617
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fe2c60ad1a1cd65b1868c1b6e0b7a0c12dc7d7bb265de44dd397236bd193f9b7

userscloud.com Open in urlscan Pro 2606:4700:3032::6815:4566 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

92 %HTTPS

81 %IPv6

13 Domains

16 Subdomains

17 IPs

3 Countries

1604 kBTransfer

4101 kBSize

5 Cookies

0 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
2606:4700:3032::6815:4566 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

92 %
HTTPS

81 %
IPv6

13
Domains

16
Subdomains

17
IPs

3
Countries

1604 kB
Transfer

4101 kB
Size

5
Cookies

66 HTTP transactions
1 data transactions