userscloud.com Open in urlscan Pro
2606:4700:3032::6815:4566 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/1nqp8t6j9azo
Submission: On March 17 via manual (March 17th 2023, 5:05:08 am UTC) from BE — Scanned from SG

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3032::6815:4566, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 796099.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3032::6815:4566	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2404:6800:400... 2404:6800:4003:c04::64	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c04::61	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c05::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::8d	15169 (GOOGLE) (GOOGLE)
6	172.64.172.27 172.64.172.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	54.192.150.5 54.192.150.5	16509 (AMAZON-02) (AMAZON-02)
5	104.21.15.189 104.21.15.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2404:6800:400... 2404:6800:4003:c01::54	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::8a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:200... 2600:9000:200a:aa00:14:df85:4c40:21	16509 (AMAZON-02) (AMAZON-02)
1	13.33.88.79 13.33.88.79	16509 (AMAZON-02) (AMAZON-02)
62	17

12 2606:4700:3032::6815:4566 (United States)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c04::64 (Singapore)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c05::5f (Singapore)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::8d (Singapore)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.172.27 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.192.150.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-5.sin2.r.cloudfront.net

mentxviewsinte.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.15.189 (None, )

ASN13335 (CLOUDFLARENET, US)

esorandhewa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c01::54 (Singapore) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::8a (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:200a:aa00:14:df85:4c40:21 (United States)

ASN16509 (AMAZON-02, US)

d29mxewlidfjg1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-79.sin2.r.cloudfront.net

anifefashionism.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	google.com 4 redirects docs.google.com — Cisco Umbrella Rank: 124 apis.google.com — Cisco Umbrella Rank: 107 accounts.google.com — Cisco Umbrella Rank: 73	353 KB
12	userscloud.com userscloud.com — Cisco Umbrella Rank: 796099	249 KB
6	mentxviewsinte.info mentxviewsinte.info	7 KB
6	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 27761	303 KB
5	esorandhewa.com esorandhewa.com	2 KB
3	cloudfront.net d29mxewlidfjg1.cloudfront.net	2 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1544	1 KB
3	gstatic.com www.gstatic.com ssl.gstatic.com	520 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
1	anifefashionism.com anifefashionism.com	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 495
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	44 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 886	6 KB
62	14

	Domain	Requested by
12	userscloud.com	userscloud.com static.cloudflareinsights.com
9	docs.google.com	userscloud.com docs.google.com www.gstatic.com
6	accounts.google.com	4 redirects
6	mentxviewsinte.info	userscloud.com
6	pogothere.xyz	userscloud.com
5	esorandhewa.com
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	d29mxewlidfjg1.cloudfront.net	mentxviewsinte.info
3	content.googleapis.com	apis.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	docs.google.com
1	anifefashionism.com	userscloud.com
1	www.facebook.com
1	csp.withgoogle.com	userscloud.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
62	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
mentxviewsinte.info Amazon RSA 2048 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-24`	2 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
anifefashionism.com Amazon RSA 2048 M02	`2023-03-09` - `2024-04-06`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/1nqp8t6j9azo
Frame ID: 39CF5E30254D4B855C4C28140E673369
Requests: 34 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
Frame ID: 48D5AC4F59177EBA16BC64B09B221558
Requests: 17 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
Frame ID: E29DA67670EE217C85AABF612CE5D35E
Requests: 6 HTTP requests in this frame

Frame: https://mentxviewsinte.info/VnRybFE3FhEBbjdJEEokJBhPSWMQUUAqNWRNHxQ0IRgbCDc8E0NCMjobBwg3JBscGH84EQZJYxA+JAE9Yy0nH2AUHBEkNRU9MyQHLk0oAD0dISpVJhcDHSMbBS4nLz0TFj4GHGQ1Cy06Hw1CBRQ+TSIoAyUCE109MDAhA2USHyAkHTwTOT4XFAA8G2E0LDpVJh4lGSMYEQcxLwA9GzwtMgU2GwM9AgMFLTU8BzUtJjEaPQs5NSEFXTsERB4pNAEuMCg2MRg/CwgZMR9ZOgEmETozOyYoPxcQGCgHKR09QFk6ASVGJRsBNhY0Fx8+EV0lHDMqXTgHMl8UBTMOETYSB0QHJQAhFjEFGD8gNx8/MBkkCQdnPksPYCI+IT8Qc0YwJAMHOhABACcsNCJmGRMzPxMRQRk7A2IxOShhESE3PmQMEx0+FC8lRSgXLiA2O2QHIkMqPQ8YAi4GESIaO2AuIBcVBB88BS1kBkQKIBtlQR40PTInFDQQNSY0LXc8Bx0CIWsHQjwpDDsQByMcIDE1GA
Frame ID: 37E470AC676F4A249B6E7832642DC473
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsinte.info/VUNhcjA0IQIfDzR+A1RFJy9cVwITZlM0VGd6DApVIi8IFlY/JFBcUzksFBZWJywPBh47JhVXAhNzOxhYEQw3K3YDOlAUUQcJMzhHBys3FXIvByYgcQApIyV/FxonN1ciEC0fXGMHJUZzNhQ3PHwUCicRSG11I0NpPgEpM3QDKiA3amUBOzgBITE0GgRmEDUZfhcQCThgMhUAPmYcOyNCRDkXJRZSAxAZNmAiMzQ7WC0oKDMBIQA5PGUWBBU9YCIrAj51YS8wBUAvFRg4dBYtLDtqPiQoKFc6FjAFQC8XC0p5ES0CEWoGEgURYT42NDNIJAsmIGcCF0w8ehokLyJ6OTBYNgAtLiIKcgEAUiNoDxUgFlMEL0RAchEVIEFmETMlMVcUIDs0agAIDTtKBDQRCGg/DicnSSISAkNhHAonN1sWFTQfeBISBjN4Ohs7GVcYICA0RgYCWAp4EhE2IUkfJS8KYgcZBgFhADQVQnZnFTA6WgwGOwUWPzAOHEBoElQ2eAR6VBpUHA
Frame ID: 659249D3E8263262CFEC14CBD9378D04
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsinte.info/MjNjOWZTUQBUWVMOAR8TQF9eHFR0FlF/AgAKDkEDRV8KXQBYVFIXBV5cFl0AQFwNTUhcVhccVHRgB28WXVImSjF8Yjp2AnN2GX0gZEkxfh5ga1BRMn9xEHEsY2UNdh5BVjF6EXR/GU4zfWZXWitgdQ1uIwZdJX03YmU0CTd8chdvA15+VH0nQgEyYRFRdCBoA2hELmAvSmpXewF/QCV6Cn17MEkvfEQAai9aWFF6MwMGLgtfdWQkDC5TWCJfL1pARgskcEtbDTN1Wzp7DAtiAn8OaFZSTRdmZRBzM3VbOnEfe1EBfx58ViddQwB1NFUBSGJRDCRmaw9/KUoeBGAsSnIXfTddVCt6U3xkBAgnU2VafgN3fUYLIGVfC1MuWHoAezVWYgJ6EnxWNmxUc2IuTDN1Wzp9HwZkLmgCcFEIXRdxRCIMIVhQLW0+WUk6VSB1VlJNE2UCIUAxAAICbT5edShoDX14BFocZmUMdzd1XwVrCFp3BXtXZFYEHwxBXA1JW2FANggQX3QUWAU
Frame ID: 8CFDBBC0A0FED31DE4A0899D4E172415
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

94 %
HTTPS

75 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

1507 kB
Transfer

3873 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHcaf5AdycLYUCRISXzqVvb_MkEtTl9fN-w4oUldCnJcGoL_80DV4O6D0Hs0WvefUZ9pJALptg HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-905093783%3A1679029505489977&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHdW-Uq54dRoD2g399u7XQLgSzePparbixi1taFc-WK7cr6pr9GYNuH1i3wzK1XJ_9Xuxzjayg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 41

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHcA4RRlnd1s6Ey1QTOVLDAxD_2nklwg52xJVnH8nhNxkBxnGq_6bPDzD_ODWim8zU6FP5DkuA HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S285579541%3A1679029505514699&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHciS_qknxb6T6Svkk_TYVcaMpwQrKA-eKhaEKFWGDXwi3f99qiNVpiUNSlJkl22ZbUAQH1bFw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1nqp8t6j9azo Show response
userscloud.com/ 467 KB
104 KB 266ms
240ms Document
text/html 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/1nqp8t6j9azo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7b886d263b693fe670bb45ff1be6fa56bb2d9c6ef772857cea32fd99c02c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a92b2d9dd6144a6-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 17 Mar 2023 05:05:03 GMT
expires: Thu, 16 Mar 2023 05:05:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzFB9CTBLJiytKL6iMWYZ1ljAZ8qB9s0lwD3tqFIHbhm%2BaMs2RgzBSAgwdzqHIeanIaI4bKkH4f1Q392hyBrq6NNYowMlhb1Hpy4kvvTCkQsutkMfNPQ%2F1Ev9m2Jx9mViHFz1VKqFS%2FFv%2BSwpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 15ms
13ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1159480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkLIlrCtOa1yKUXX%2FY%2B%2FIeElEbV9M1%2BIe4VF24RAM7qB9WjmtDIrqr4V7TeJeUgs0PqhPjAU%2B6Ggz4g8kwtE9axrNBhXEKvEdwIeccm058mTVeky8G6RJTnXos%2Br5ex3FY3si799W9VsR%2FvD%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a92b2db6e5744a6-SIN
access-control-allow-headers: X-Requested-With
expires: Sun, 02 Apr 2023 19:00:24 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 17ms
16ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1159024
cf-polished: origSize=113031
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xgj4Fwh%2BC2d6gXxs8pC4R5rFBH7u%2B0%2BSy5Sr4lUXRURsqDx%2B%2B1MDA%2Bco61XlV5QxX3oaXLGl39oWEZ8c4eXm1gAlfF0hnuOR%2BLGFbELg%2BIz36QvjgjVWCwPyzKVDi9d1CtIqWymUdN7DlNvMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a92b2db6e5b44a6-SIN
access-control-allow-headers: X-Requested-With
expires: Sun, 02 Apr 2023 19:08:00 GMT

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 18ms
17ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1159426
cf-polished: origSize=47095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmd2Vf5QVMZQ3nch1XnQlmEfI2Kx6fZtBWkFdNvBtmhRNsUStTrb7kdL6I873fta1CTrHrLLRTp60HMezuggCnEtts8UcjaZGEJDoe60UL3uIn9cqPXjqEbox%2BO2zDX0%2B3fl271fy9kur5GXiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a92b2db6e5d44a6-SIN
access-control-allow-headers: X-Requested-With
expires: Sun, 02 Apr 2023 19:01:18 GMT

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 16ms
15ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1159024
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS34GomB9WNELXJC6YxhtSy3CsRRvvaSgo4jeftAoymM3U4bNedv6ECLJHLydhzVCDITxtNCNxT3qHlho%2BflD7TuxAqSvEwWQApPWNJFJlORj8ih5gejjUZ5tPAoBMyCA8z7Pml6zuCnHru%2FqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a92b2db6e5e44a6-SIN
access-control-allow-headers: X-Requested-With
expires: Sun, 02 Apr 2023 19:08:00 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 15ms
14ms Stylesheet
text/css 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1159220
cf-polished: origSize=21572
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjAPV4E%2B8N3L%2FyAuRrpH4UZTPi7g1QEBLCehpAF%2F%2FmaaxZeaJeK88%2FPO0ihFON42mMk9f3o5tQYoekDVuL94Fk2X7hM0nQl3jwueiQsgt5XTROwzF4buB765adR7%2BlazmN2rB%2BxBKAZnWnyhxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a92b2db6e5f44a6-SIN
access-control-allow-headers: X-Requested-With
expires: Sun, 02 Apr 2023 19:04:44 GMT

GET
H2 200 gview Show response
docs.google.com/ Frame 48D5 9 KB
4 KB 877ms
857ms Document
text/html 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4a5d6327c7c5a97795d3d444e025982a4614e773425f9ccfbbcaa1a6aa6af5d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4hCfUuURWOCd-vfcpvjuYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4hCfUuURWOCd-vfcpvjuYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Fri, 17 Mar 2023 05:05:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 11ms
10ms Image
image/jpeg 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 321446
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btW14HnS7z0Ybi4yO7iu4O3VLyAzV6kp08ULk22tSqVmvN4mcb03joRJ6my6qhPPcofdbCxKk4spNhED%2FWiCB7nlRXAMg0tSav3r%2B150TVfXWmI7yUmgU9XDFaQKyRsEZGaZsyE93dkXS%2BTEMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a92b2deae66a03b-SIN
access-control-allow-headers: X-Requested-With
priority: u=3,i
expires: Wed, 12 Apr 2023 11:47:38 GMT

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 6ms
5ms Script
application/javascript 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6407c11e-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHuxxPhSiDcCAgs4O6v%2BK6eXyiiQ2CIbogmaDzQm92u6n5U%2BzHd%2BBOLeWyx8gV43i%2Bob7%2Bx64EEyaQWlRqHNkxH4DH2LZmnFQbm%2BJMkfvu0NXPUkN8QXuSY3IyddTxYrNX72gHDd2UOIxErpIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7a92b2deae67a03b-SIN
expires: Sun, 19 Mar 2023 05:05:03 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 48ms
36ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a92b2debc993e20-SIN

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 11ms
11ms Font
font/woff2 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 321533
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K35voZtjYplvohGaxo4QZZcYXNOGpfwSwRggaZPv2UovZlomgVvNE7Gn59TUQzetVuoHjE056YHa9kPu2U3H9qrjRuWl2%2BUC05THhJ%2FcWWP5xs3vtBQjaOYmoUa6jAhzsni9iQgiMKMPnsYPtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a92b2deae6da03b-SIN
access-control-allow-headers: X-Requested-With
priority: u=0,i=?0
expires: Wed, 12 Apr 2023 11:46:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 24ms
11ms Script
application/javascript 2404:6800:4003:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecea94cb8200e277a287319b0ba927f92c53d77b48da18fb989d4f0978482937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44663
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Mar 2023 05:05:03 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/ 35 KB
10 KB 11ms
10ms Script
application/javascript 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4617
cf-polished: origSize=35778
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 26 Dec 2020 13:26:43 GMT
server: cloudflare
etag: W/"8bc2-5b75dfde473c8-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDKWc3DWtZJeq2OEvbEZd8bLoxgI%2BPwh4%2BvA8XpdQ7sRmfI%2BZmTcwuJ8xrQG5ru8Zcng%2FcO3D75zXrBtEf1baVxZxmnEGIl%2B8P7EgKHpvBoNXxtAEs9mnqLjt8ClnfXoK6%2FWP%2FgwMVu0h95DhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=259200
cf-ray: 7a92b2defeaba03b-SIN
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
34 KB 14ms
13ms Script
application/javascript 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/1nqp8t6j9azo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 321533
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwlsw%2BrzTVSrD6jrGU567sA8wpA3JVjZ%2BcmMiSj%2B9zRkzoJ3B2oxCALxFIvJhSWQwbXDxb%2FGLLyae00LbczmjgQg00L59%2BcOEl9r9w7MZicp8gnblFzwQI4nohcq4TD3M%2BURBul1TEoFL6MhYg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7a92b2defeaca03b-SIN
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Wed, 12 Apr 2023 11:46:11 GMT

GET
H2 200 rs=AC2dHMIDYx_FC8vN29eyn7uebJkipOJ0ag
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.j64yqHtwNe4.L.W.O/d=0/ Frame 48D5 334 KB
42 KB 247ms
4ms Stylesheet
text/css 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.j64yqHtwNe4.L.W.O/d=0/rs=AC2dHMIDYx_FC8vN29eyn7uebJkipOJ0ag

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7264731376c24e92124e0ce44f5240cf9f3e20770c19fdb53b90deb26a178417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42558
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 20:06:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 15:46:58 GMT

GET
H2 200 thumb
docs.google.com/viewerng/ Frame 48D5 94 KB
94 KB 299ms
298ms Image
image/png 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFy22xe8G17N6914PAFpCQaWtLfvXZw6NyMcZR4JQJglWSVeP2E1Is5e5s9TqZf3z1Iem5zc9-PYPRsyIVyRyCFh917KUwpI0UM96M-C77gEYdxGNSshy0acD0FjWro-vLMYiYexLJtkMkZA8Y1VG3mBJG_WyJaBBzfv5tin0NpmsNpw0HDltXf-JU-cpc-vy3MpRFd_gPHpyVBukiC7dG-3G1sbGwqfEoT4-WaUAJJX_MN_Ci9H013k9X-49utmULIjoGnBP2KuxtzsoDJzCe5sTyZk4jxqzfN27jEogCjyQECpsxnnKoNz-67JC9BoYA-dAXBZgDyiYsxmglb_m-PlvyNpB5HASocOsTcYmKjc_8_CTbU%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5157eb374ad23b2f0a4096acf74d08b893714f43fa85ef9d86d4c0e93a43513

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cZGCLmT0a51FB7jzUBoIVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:04 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-cZGCLmT0a51FB7jzUBoIVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Fri, 17 Mar 2023 05:05:04 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.F-7VeKGskno.O/d=1/rs=AC2dHMLpvVuxoTFjpOwTgFe7p432R0CT5w/ Frame 48D5 1 MB
431 KB 250ms
9ms Script
text/javascript 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.F-7VeKGskno.O/d=1/rs=AC2dHMLpvVuxoTFjpOwTgFe7p432R0CT5w/m=main

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5e422066f4ead367cdd4ad616e4aba054cf7bff4cd00b58e8dc7eb635ca829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 00:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 440537
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 08:00:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 00:56:36 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 48D5 17 KB
7 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed05ba9ca2ac4e8ed909410a8686b8e4f06da34644ef77a267f851c517a24617

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:05:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f8b323e21c2bb48a"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 05:05:04 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 48D5 141 B
345 B 237ms
236ms Other
text/html 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F4BAPYQgZlwBf06roqe7aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-F4BAPYQgZlwBf06roqe7aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:05:04 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Fri, 17 Mar 2023 05:05:04 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 48D5 141 B
535 B 230ms
230ms Other
text/html 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lXzhFffok1vesDpmqJ90cA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-lXzhFffok1vesDpmqJ90cA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:05:04 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Fri, 17 Mar 2023 05:05:04 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/ Frame 48D5 315 KB
107 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cebdb5bf570a8a687478359f01b1d07f6ee56c7fd55c28d8090743d5583b49e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 16:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109898
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 16:56:54 GMT

GET
H2 200 v-sprite49.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 48D5 111 KB
48 KB 19ms
4ms Image
image/svg+xml 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite49.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.j64yqHtwNe4.L.W.O/d=0/rs=AC2dHMIDYx_FC8vN29eyn7uebJkipOJ0ag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6f297b877fae9ac87f177ad1fdcb9d0ea41624dc87f7a81a7ab80ab7efd8975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 12:30:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48304
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Fri, 15 Mar 2024 12:30:18 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 48D5 36 B
85 B 242ms
241ms XHR
application/json 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgCPDMs6lKBDgJ5LrtvyN6HxJilRTJYUmGqC_AY7CaVIiAq7Bcqm0A7IffAL0BfZuwXnNT3FhzfGF998XhU-UlecLXxRaFGj-P9_HXBR-pr60eQ6Oo4_kkLPfBXuMP0zAXZi9b0NZ8VZniDN

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.F-7VeKGskno.O/d=1/rs=AC2dHMLpvVuxoTFjpOwTgFe7p432R0CT5w/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w-MuL5fxaOJ74bffVeDggA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-w-MuL5fxaOJ74bffVeDggA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
content-encoding: gzip
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame E29D 382 B
1022 B 26ms
7ms Document
text/html 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3de1df81c8f143025d44dedcb9abd69c4fc3ac31db7f5111cd32769c5a7b5186

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-7b8XAoZAirs0o4XcHfGgvg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 271
content-security-policy: script-src 'nonce-7b8XAoZAirs0o4XcHfGgvg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 05:05:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame E29D 0
0 27ms
11ms Other
text/html 2404:6800:4003:c02::8d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::8d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame E29D 17 KB
7 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8abad0c95d453a9cb7a8d94199db57035bac3bef9da7e772092f31fe3ec083b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 05:05:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "2dec8214aa3ffcf8"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 05:05:05 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/ Frame E29D 70 KB
25 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 03:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25326
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 03:53:59 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 31ms
11ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2107
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Mar 2023 04:29:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlYE2ET%2BGn%2FgLJqjwHhxRkhNzkP%2BpHAkFnn7MIs%2BgCC462ffCV1OYrYO7280QAdk47aWwxxfRKleiRdByn%2FLnCf38twhEjp1IIS3YvJQFHLqKcMaYcX81k28fI2khgl%2B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7a92b2e838fa4912-SIN
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
369 B 293ms
273ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63dd74b0b4ec3be55a4207f8cfd6701b4e85bbf12465b514c0c6e60537e619f8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fep5cK4NkyRj%2BdJTnDZj607pVOyeucLSc8fHJsNazFynZ0JbwYHnubdTYfFFaJXx1iiBEWu8r%2FsOiJ2o2JGPFfCpRKneszS%2BN6pdmYvdR21%2FHxt1E3NUM2eCDFdwDC8N"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7a92b2e838fe4912-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsinte.info/ 0
536 B 234ms
215ms XHR
text/plain 54.192.150.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/utx?cb=sEoKlp1WyBvc&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-5.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
via: 1.1 54f86e61f2776ccac14162805d7331b2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: p6Ev3J2o-1nmO0NcVBdxFa6ONds7AusSNyThAsISPACLIXc2ohsd9Q==

GET
H2 200 MBkkCQdnPksPYCI+IT8Qc0YwJAMHOhABACcsNCJmGRMzPxMRQRk7A2IxOShhESE3PmQMEx0+FC8lRSgXLiA2O2QHIkMqPQ8YAi4GESIaO2AuIBcVBB88BS1kBkQKIBtlQR40PTInFDQQNSY0LXc8Bx0CIWsHQjwpDDsQByMcIDE1GA Show response
mentxviewsinte.info/VnRybFE3FhEBbjdJEEokJBhPSWMQUUAqNWRNHxQ0IRgbCDc8E0NCMjobBwg3JBscGH84EQZJYxA+JAE9Yy0nH2AUHBEkNRU9MyQHLk0oAD0dISpVJhcDHSMbBS4nLz0TFj4GHGQ1Cy06Hw1CBRQ+TSIoAyUCE109MDAhA2USHyAkHTwTO... Frame 37E4 3 KB
2 KB 217ms
217ms Document
text/html 54.192.150.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/VnRybFE3FhEBbjdJEEokJBhPSWMQUUAqNWRNHxQ0IRgbCDc8E0NCMjobBwg3JBscGH84EQZJYxA+JAE9Yy0nH2AUHBEkNRU9MyQHLk0oAD0dISpVJhcDHSMbBS4nLz0TFj4GHGQ1Cy06Hw1CBRQ+TSIoAyUCE109MDAhA2USHyAkHTwTOT4XFAA8G2E0LDpVJh4lGSMYEQcxLwA9GzwtMgU2GwM9AgMFLTU8BzUtJjEaPQs5NSEFXTsERB4pNAEuMCg2MRg/CwgZMR9ZOgEmETozOyYoPxcQGCgHKR09QFk6ASVGJRsBNhY0Fx8+EV0lHDMqXTgHMl8UBTMOETYSB0QHJQAhFjEFGD8gNx8/MBkkCQdnPksPYCI+IT8Qc0YwJAMHOhABACcsNCJmGRMzPxMRQRk7A2IxOShhESE3PmQMEx0+FC8lRSgXLiA2O2QHIkMqPQ8YAi4GESIaO2AuIBcVBB88BS1kBkQKIBtlQR40PTInFDQQNSY0LXc8Bx0CIWsHQjwpDDsQByMcIDE1GA
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-5.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 53849a8efbc095e804a7e617aae80f6cafd995cc85952af97e8a49172e308f5e

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Fri, 17 Mar 2023 05:05:05 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 54f86e61f2776ccac14162805d7331b2.cloudfront.net (CloudFront)
x-amz-cf-id: HHSEeFLQt-Lq0QWcB9zhBS8BTuz6PxfDy7xIh0AyMPEr3hIIPuvGVA==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 9ms
8ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2107
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Mar 2023 04:29:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bIk%2BJngC%2BWAEexc%2B604Hhj6lKA4Rqv6K8gov5DDS1VaWwi6LSU2fBwGpf3CLIttKi%2BqZKhAT%2FZkplVeIi4BpyDpZcqYJVxleM6yPDsV6GNhXwtTpjpdcbs%2Ba1B6swC9R"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7a92b2e8694e4912-SIN
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 25 B
344 B 273ms
273ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14698114c08ab567d1c8f51b53f06ecec055096e615bc679d6103c4ddfbcbdeb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JfqDVL4CeMW%2BUh68C8hqukQSZJH012Nn034L1rkwvU5qXOHND4HJWeQ51gc9KxRgnyOvvha26G9mAM7GIYXTfd59nUVObzKrrGGvtT6aMzRVMyQMUDUCB0OtLqkKRuu"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7a92b2e869534912-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsinte.info/ 0
536 B 217ms
217ms XHR
text/plain 54.192.150.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/utx?cb=epBcLLNzNrBD&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-5.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
via: 1.1 54f86e61f2776ccac14162805d7331b2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: jqFgszXNhcLTQoNSFEYaXrZKofzi4QneEbm260MJhqyLKk0xue_KcQ==

GET
H2 200 DicnSSISAkNhHAonN1sWFTQfeBISBjN4Ohs7GVcYICA0RgYCWAp4EhE2IUkfJS8KYgcZBgFhADQVQnZnFTA6WgwGOwUWPzAOHEBoElQ2eAR6VBpUHA Show response
mentxviewsinte.info/VUNhcjA0IQIfDzR+A1RFJy9cVwITZlM0VGd6DApVIi8IFlY/JFBcUzksFBZWJywPBh47JhVXAhNzOxhYEQw3K3YDOlAUUQcJMzhHBys3FXIvByYgcQApIyV/FxonN1ciEC0fXGMHJUZzNhQ3PHwUCicRSG11I0NpPgEpM3QDKiA3amUBO... Frame 6592 3 KB
2 KB 215ms
214ms Document
text/html 54.192.150.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/VUNhcjA0IQIfDzR+A1RFJy9cVwITZlM0VGd6DApVIi8IFlY/JFBcUzksFBZWJywPBh47JhVXAhNzOxhYEQw3K3YDOlAUUQcJMzhHBys3FXIvByYgcQApIyV/FxonN1ciEC0fXGMHJUZzNhQ3PHwUCicRSG11I0NpPgEpM3QDKiA3amUBOzgBITE0GgRmEDUZfhcQCThgMhUAPmYcOyNCRDkXJRZSAxAZNmAiMzQ7WC0oKDMBIQA5PGUWBBU9YCIrAj51YS8wBUAvFRg4dBYtLDtqPiQoKFc6FjAFQC8XC0p5ES0CEWoGEgURYT42NDNIJAsmIGcCF0w8ehokLyJ6OTBYNgAtLiIKcgEAUiNoDxUgFlMEL0RAchEVIEFmETMlMVcUIDs0agAIDTtKBDQRCGg/DicnSSISAkNhHAonN1sWFTQfeBISBjN4Ohs7GVcYICA0RgYCWAp4EhE2IUkfJS8KYgcZBgFhADQVQnZnFTA6WgwGOwUWPzAOHEBoElQ2eAR6VBpUHA
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-5.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 45fb1af9e07cc7cfb70ec7f989eb1310a25a3caa3905ffbb87292f3d4c51697e

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1232
content-type: text/html
date: Fri, 17 Mar 2023 05:05:05 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 54f86e61f2776ccac14162805d7331b2.cloudfront.net (CloudFront)
x-amz-cf-id: XMCODoqCB0aXBIdPKl8-uz3VVPOoyDr9sh6wFLRPWRiGJafMaI4zsA==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront

GET
H3 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 11ms
11ms Fetch
binary/octet-stream 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2330
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 17 Mar 2023 04:26:15 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agH%2FesN%2BSg6KnA1uxzSMeCRJvCgCxh2%2FeWhek3E3fpotvwKnAft88wqLwLnaoq8DxbfF%2FpD98s0ul2iVVvDQUWW3jCIdx81BXc0CnSxi8R8273UpOXDAJeqKa96bXEDa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7a92b2e88bed8820-SIN
access-control-allow-headers: X-Requested-With, content-type

GET
H3 200 / Show response
pogothere.xyz/ 27 B
539 B 269ms
268ms Fetch
text/plain 172.64.172.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.172.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce0b32f08dea86680590578b04324c0ef3a47172f83406640365cfbd44702d6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaUhqHVqNHyTkr5GTs5nQfQeqTmC%2Bo6QpmU84FXREoiZFFnhPEgaUI3QVbX%2F1ioWfCs2PMHVWjlnSHAia7WU4XxZCO9gbCFHZPYwQqObLcZhR1%2Fkvu%2BKXEgbMBkrMlPc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7a92b2e88bf08820-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
mentxviewsinte.info/ 0
536 B 428ms
427ms XHR
text/plain 54.192.150.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/utx?cb=QyMTcj45xVYh&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-5.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
via: 1.1 54f86e61f2776ccac14162805d7331b2.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: k29rK0OYEhGLAalGmBB7Bo3R-HUvlkpbs1yVwnk1-Oow6YLP9iYL1A==

GET
H2 200 KUoeBGAsSnIXfTddVCt6U3xkBAgnU2VafgN3fUYLIGVfC1MuWHoAezVWYgJ6EnxWNmxUc2IuTDN1Wzp9HwZkLmgCcFEIXRdxRCIMIVhQLW0+WUk6VSB1VlJNE2UCIUAxAAICbT5edShoDX14BFocZmUMdzd1XwVrCFp3BXtXZFYEHwxBXA1JW2FANggQX3QUWAU Show response
mentxviewsinte.info/MjNjOWZTUQBUWVMOAR8TQF9eHFR0FlF/AgAKDkEDRV8KXQBYVFIXBV5cFl0AQFwNTUhcVhccVHRgB28WXVImSjF8Yjp2AnN2GX0gZEkxfh5ga1BRMn9xEHEsY2UNdh5BVjF6EXR/GU4zfWZXWitgdQ1uIwZdJX03YmU0CTd8chdvA15+V... Frame 8CFD 3 KB
2 KB 230ms
229ms Document
text/html 54.192.150.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mentxviewsinte.info/MjNjOWZTUQBUWVMOAR8TQF9eHFR0FlF/AgAKDkEDRV8KXQBYVFIXBV5cFl0AQFwNTUhcVhccVHRgB28WXVImSjF8Yjp2AnN2GX0gZEkxfh5ga1BRMn9xEHEsY2UNdh5BVjF6EXR/GU4zfWZXWitgdQ1uIwZdJX03YmU0CTd8chdvA15+VH0nQgEyYRFRdCBoA2hELmAvSmpXewF/QCV6Cn17MEkvfEQAai9aWFF6MwMGLgtfdWQkDC5TWCJfL1pARgskcEtbDTN1Wzp7DAtiAn8OaFZSTRdmZRBzM3VbOnEfe1EBfx58ViddQwB1NFUBSGJRDCRmaw9/KUoeBGAsSnIXfTddVCt6U3xkBAgnU2VafgN3fUYLIGVfC1MuWHoAezVWYgJ6EnxWNmxUc2IuTDN1Wzp9HwZkLmgCcFEIXRdxRCIMIVhQLW0+WUk6VSB1VlJNE2UCIUAxAAICbT5edShoDX14BFocZmUMdzd1XwVrCFp3BXtXZFYEHwxBXA1JW2FANggQX3QUWAU
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-5.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 099825fe6cba7b314c6f1dd655c44b6fe6838053e2b7bf52da8c20c3c57956ca

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1231
content-type: text/html
date: Fri, 17 Mar 2023 05:05:05 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 54f86e61f2776ccac14162805d7331b2.cloudfront.net (CloudFront)
x-amz-cf-id: r04L4L8wOZJ-Dpos_vC8rmo2wfdi4GNfLPmmJPrJC6fUYOyl5hvE5w==
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront

GET
H2 204 VGM5UVN7XFoibjEIDBo3ODl6NAsgM2AUP2IFfBs7ADtjKwEDWx8lOjBeD2FjZ1MNdyM9BwRgdScXWCUmJ14Idzo6BVZsdSJeCH9gYE0KY31lRUxsYnIXSTA0aVIfIScgDwRgZWNaCWNqYVMMY2ph
esorandhewa.com/ 0
248 B 293ms
267ms Image
text/plain 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/VGM5UVN7XFoibjEIDBo3ODl6NAsgM2AUP2IFfBs7ADtjKwEDWx8lOjBeD2FjZ1MNdyM9BwRgdScXWCUmJ14Idzo6BVZsdSJeCH9gYE0KY31lRUxsYnIXSTA0aVIfIScgDwRgZWNaCWNqYVMMY2ph
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=337AJT1wZGcxpuAgqQeKCvDi%2FvXY3y%2FSM6d6gtPTLUDMqnjHEW2vVECMDicsMWK3ocerV6hgHctneD7Xwww8wbHJBCmyOEirU1%2FhmLkpO%2FvIalbt9X35LanFruqtVFvl%2FX8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a92b2e8da0b896e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 295ms
281ms Image
text/html 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHcaf5AdycLYUCRISXzqVvb_MkEtTl9fN-w4oUldCnJcGoL_80DV4O6D0Hs...
https://accounts.google.com/v3/signin/identifier?dsh=S-905093783%3A1679029505489977&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHdW-Uq54dRoD2g399u7XQLgSzePparbixi1taFc-WK7cr...

0
0

32ms
31ms

Image
text/html

2404:6800:4003:c01::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-905093783%3A1679029505489977&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHdW-Uq54dRoD2g399u7XQLgSzePparbixi1taFc-WK7cr6pr9GYNuH1i3wzK1XJ_9Xuxzjayg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Protocol: H3
Server: 2404:6800:4003:c01::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Mar 2023 05:05:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LDJZcFx3I_Ozo9ovADw28Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-905093783%3A1679029505489977&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHdW-Uq54dRoD2g399u7XQLgSzePparbixi1taFc-WK7cr6pr9GYNuH1i3wzK1XJ_9Xuxzjayg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHcA4RRlnd1s6Ey1QTOVLDAxD_2nklwg52xJVnH8nhNxkBxnGq_6bPD...
https://accounts.google.com/v3/signin/identifier?dsh=S285579541%3A1679029505514699&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHciS_qknxb6T6Svkk_TYVcaMpwQrKA-eKhaEKFWGDXwi3...

0
0

30ms
30ms

Image
text/html

2404:6800:4003:c01::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S285579541%3A1679029505514699&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHciS_qknxb6T6Svkk_TYVcaMpwQrKA-eKhaEKFWGDXwi3f99qiNVpiUNSlJkl22ZbUAQH1bFw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Protocol: H3
Server: 2404:6800:4003:c01::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 17 Mar 2023 05:05:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W7XK1_aG9Ya_gCCe5N6NEQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S285579541%3A1679029505514699&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHciS_qknxb6T6Svkk_TYVcaMpwQrKA-eKhaEKFWGDXwi3f99qiNVpiUNSlJkl22ZbUAQH1bFw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 UWJdaXJT
esorandhewa.com/ZFJoWkZLbQspezEHLgIRCiIPORFdIztoKhMILzIIPWEiNB9UZk4uLwBvX2p+VGdafDYNNlVof0IhHDsyESFVa2ANPA41e0IkVWtoVHxeamhWdB1nd0ImGDshWWNOKjIQPlVrcFNrWGh/ 0
406 B 287ms
263ms Image
text/plain 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/ZFJoWkZLbQspezEHLgIRCiIPORFdIztoKhMILzIIPWEiNB9UZk4uLwBvX2p+VGdafDYNNlVof0IhHDsyESFVa2ANPA41e0IkVWtoVHxeamhWdB1nd0ImGDshWWNOKjIQPlVrcFNrWGh/UWJdaXJT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqoBxCUhmGU1dEdPOZ58w7LyY883SC2G%2FUyJVMlt3N9FtjY4obmZBmBIfrVP5BqOCelgEF2TKVcE1uKYBWbnlyBldFWwnVTMUX9CFZw8aJDPAUgb2oE8QIFF9g3Yd1URpCk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a92b2e8da0c896e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 PBRfRmU2QiBOBGZBWlQ9BFYaXzdoSF8AamJDSEY6MU1cD3UmBA9CJiZNXxA6OxYBC3UjTV8YY3tGXhhhcwVTB3UhAA9RbmRWHkInOU1fAGRsQFwPZmVFXQBr
esorandhewa.com/U1VwbjZ8ahMdCzEAACVgYx8pDQU/ 0
243 B 296ms
273ms Image
text/plain 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/U1VwbjZ8ahMdCzEAACVgYx8pDQU/PBRfRmU2QiBOBGZBWlQ9BFYaXzdoSF8AamJDSEY6MU1cD3UmBA9CJiZNXxA6OxYBC3UjTV8YY3tGXhhhcwVTB3UhAA9RbmRWHkInOU1fAGRsQFwPZmVFXQBr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbqRkJLntWIH7ie4Vt3jEU95nexkkpOXFEYPdRSWTTJkh7rfc3b3BL%2BI7KnU5qsHPUsLrh0cKFe1Wk96gs8g65jTUaZEnRMshnEjl20EY%2Br873UBgI3uKO2d2OLdZoYWtd4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a92b2e8da0e896e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 48D5 94 KB
94 KB 297ms
296ms XHR
image/png 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgCPDMs6lKBDgJ5LrtvyN6HxJilRTJYUmGqC_AY7CaVIiAq7Bcqm0A7IffAL0BfZuwXnNT3FhzfGF998XhU-UlecLXxRaFGj-P9_HXBR-pr60eQ6Oo4_kkLPfBXuMP0zAXZi9b0NZ8VZniDN&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.F-7VeKGskno.O/d=1/rs=AC2dHMLpvVuxoTFjpOwTgFe7p432R0CT5w/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5157eb374ad23b2f0a4096acf74d08b893714f43fa85ef9d86d4c0e93a43513

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jZZhqWNZt8vLvIZtbwwjVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-jZZhqWNZt8vLvIZtbwwjVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 48D5 16 KB
5 KB 290ms
289ms XHR
application/json 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgCPDMs6lKBDgJ5LrtvyN6HxJilRTJYUmGqC_AY7CaVIiAq7Bcqm0A7IffAL0BfZuwXnNT3FhzfGF998XhU-UlecLXxRaFGj-P9_HXBR-pr60eQ6Oo4_kkLPfBXuMP0zAXZi9b0NZ8VZniDN&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.F-7VeKGskno.O/d=1/rs=AC2dHMLpvVuxoTFjpOwTgFe7p432R0CT5w/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93e6f116200b8282f0d2a0535916315a88a1f8d90dfbf9c349ceae599e14a3b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cdbsvus2Hsp-7APK9CC7gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-cdbsvus2Hsp-7APK9CC7gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
content-encoding: gzip
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 48D5 6 KB
6 KB 278ms
277ms XHR
image/png 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.F-7VeKGskno.O/d=1/rs=AC2dHMLpvVuxoTFjpOwTgFe7p432R0CT5w/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42406f65c5338e8e8f628d4c431a42b9b0798a0534c00a1495e67cb057b6076d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uF7VoGUH21xvnECk742pow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-uF7VoGUH21xvnECk742pow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 48D5 378 B
235 B 237ms
237ms XHR
application/json 2404:6800:4003:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.F-7VeKGskno.O/d=1/rs=AC2dHMLpvVuxoTFjpOwTgFe7p432R0CT5w/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8754f35943bde7b2f43fce6c38955651e5a63e9300e38e1e02bb4367352ef780

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PZxLONOJ4bSj7AccvfOItQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-PZxLONOJ4bSj7AccvfOItQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame E29D 0
181 B 272ms
271ms XHR
text/html 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
userscloud.com/cdn-cgi/ 0
140 B 13ms
13ms XHR
text/plain 2606:4700:3032::6815:4566
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4566 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/1nqp8t6j9azo
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://userscloud.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a92b2e8ef94a03b-SIN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 16ms
5ms Script
text/javascript 2404:6800:4003:c01::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 04:21:08 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2637
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Mar 2023 06:21:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 5ms
5ms XHR
text/plain 2404:6800:4003:c01::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1244054311&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2F1nqp8t6j9azo&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1841641426&gjid=50335306&cid=480390541.1679029505&tid=UA-70768172-1&_gid=1115849370.1679029505&_r=1&gtm=457e33f0&z=174627909

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JVml5YUs1BhcHdCIAHVx9ZllKUX9wAwoOJSZUClEbLjM2AyAkIy0iEh9PDRsva1lfDSo4DkRHLjgKRFBtNw0bXH9wHQkOIGsCCQkoNAcSBiolTwwAdjsGAwgnOghcUw1jR0lEeWZBDgglMgYOEm5kWRcVbmRZSFFlZkxKI25kWQ4IJWBdXFIJc1tJGX1iQF-xTezc... Show response
d29mxewlidfjg1.cloudfront.net/ Frame 37E4 1 KB
1 KB 260ms
227ms Script
text/plain 2600:9000:200a:aa00:14:df85:4c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29mxewlidfjg1.cloudfront.net/JVml5YUs1BhcHdCIAHVx9ZllKUX9wAwoOJSZUClEbLjM2AyAkIy0iEh9PDRsva1lfDSo4DkRHLjgKRFBtNw0bXH9wHQkOIGsCCQkoNAcSBiolTwwAdjsGAwgnOghcUw1jR0lEeWZBDgglMgYOEm5kWRcVbmRZSFFlZkxKI25kWQ4IJWBdXFIJc1tJGX1iQF-xTezcZCQ0uIQwbCiIiTEsnfmVeV1J9c1tJSSA+HRQNbmQqXFN7OgASBG5kWR4EKD0GUER5ZgoREyQ7DFxTDW5QV1FlYlpBWGVhW1xTeyUIHwA5P0xLJ35lXldSfXAcRFA
Requested by: Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/VnRybFE3FhEBbjdJEEokJBhPSWMQUUAqNWRNHxQ0IRgbCDc8E0NCMjobBwg3JBscGH84EQZJYxA+JAE9Yy0nH2AUHBEkNRU9MyQHLk0oAD0dISpVJhcDHSMbBS4nLz0TFj4GHGQ1Cy06Hw1CBRQ+TSIoAyUCE109MDAhA2USHyAkHTwTOT4XFAA8G2E0LDpVJh4lGSMYEQcxLwA9GzwtMgU2GwM9AgMFLTU8BzUtJjEaPQs5NSEFXTsERB4pNAEuMCg2MRg/CwgZMR9ZOgEmETozOyYoPxcQGCgHKR09QFk6ASVGJRsBNhY0Fx8+EV0lHDMqXTgHMl8UBTMOETYSB0QHJQAhFjEFGD8gNx8/MBkkCQdnPksPYCI+IT8Qc0YwJAMHOhABACcsNCJmGRMzPxMRQRk7A2IxOShhESE3PmQMEx0+FC8lRSgXLiA2O2QHIkMqPQ8YAi4GESIaO2AuIBcVBB88BS1kBkQKIBtlQR40PTInFDQQNSY0LXc8Bx0CIWsHQjwpDDsQByMcIDE1GA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:200a:aa00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 35753b5ec7800dcd4866e1d8ac5345253bcbaef3304ec208a0d25e3cc7acab22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mentxviewsinte.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: gzip
via: 1.1 423016d18a128e118b016383665b6de8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 760
x-amz-cf-id: 1iWQke2VeTVyNFPZQMS6EkgKbJhRIZuTKAE85OHfiXoSMWVovUlmGw==

GET
H2 200 0ZjhDOVYFVy1faRJRJwRhVgBzDGRAUjBWOBYFEgwSLml6DD4CcWVNLAIFcx86B1YkBHADViAEZ0BZJ1trUh43STkNBShJPgVaLVIxB0tlTDdbVSxDPwpUIhxkIA1tCXNUCGtOPwhcLE4lQwpzVyJDCnMIZkgIZgoUQwpzTj8IDnccZSQdcQkuUAxqHGRWWT-NJOgN... Show response
d29mxewlidfjg1.cloudfront.net/ Frame 6592 594 B
726 B 206ms
198ms Script
text/plain 2600:9000:200a:aa00:14:df85:4c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29mxewlidfjg1.cloudfront.net/0ZjhDOVYFVy1faRJRJwRhVgBzDGRAUjBWOBYFEgwSLml6DD4CcWVNLAIFcx86B1YkBHADViAEZ0BZJ1trUh43STkNBShJPgVaLVIxB0tlTDdbVSxDPwpUIhxkIA1tCXNUCGtOPwhcLE4lQwpzVyJDCnMIZkgIZgoUQwpzTj8IDnccZSQdcQkuUAxqHGRWWT-NJOgNPJls9D0xmCxBTC3QXZVAdcQl+DVA3VDpDCgAcZFZUKlIzQwpzXjMFUywQc1QIIFEkCVUmHGQgAHoXZkgMcAFvSA9xHGRWSyJfNxRRZgsQUwt0F2VQHjYEZw
Requested by: Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/VUNhcjA0IQIfDzR+A1RFJy9cVwITZlM0VGd6DApVIi8IFlY/JFBcUzksFBZWJywPBh47JhVXAhNzOxhYEQw3K3YDOlAUUQcJMzhHBys3FXIvByYgcQApIyV/FxonN1ciEC0fXGMHJUZzNhQ3PHwUCicRSG11I0NpPgEpM3QDKiA3amUBOzgBITE0GgRmEDUZfhcQCThgMhUAPmYcOyNCRDkXJRZSAxAZNmAiMzQ7WC0oKDMBIQA5PGUWBBU9YCIrAj51YS8wBUAvFRg4dBYtLDtqPiQoKFc6FjAFQC8XC0p5ES0CEWoGEgURYT42NDNIJAsmIGcCF0w8ehokLyJ6OTBYNgAtLiIKcgEAUiNoDxUgFlMEL0RAchEVIEFmETMlMVcUIDs0agAIDTtKBDQRCGg/DicnSSISAkNhHAonN1sWFTQfeBISBjN4Ohs7GVcYICA0RgYCWAp4EhE2IUkfJS8KYgcZBgFhADQVQnZnFTA6WgwGOwUWPzAOHEBoElQ2eAR6VBpUHA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:200a:aa00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d065102a28c1f2d9eb2d347044ff24bdca2dc1ff6da31600c793a1a3e5d61565

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mentxviewsinte.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: gzip
via: 1.1 423016d18a128e118b016383665b6de8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 447
x-amz-cf-id: EWXF7eZb-dJPF_TlHpudDY99BZUzCtaNmfgm_3SGGU5HWxNnkZtFYQ==

GET
H2 200 WlhjHjIcBSdQaCtNeUU2AQMuUGhYDy4WMQdBbkdqCwA5GjcNTXkzYlFGe1tuW1ByW21aTXlFKQkOKgczTVoNQGlfRnhDfB1Veg Show response
d29mxewlidfjg1.cloudfront.net/SdVpoaEsWNQYOdAEzDFVzRGxRX3hTMBsHJQVnOxseRCwFLzwUOU4cMRFnWE4nFDQPVW0QNAtVelM7DAp2QXwcGCQeZwMYIxY4BgMsFClOHSpINwcSIhk2CU15M29GWG5HakAfIhs+Bx84UGhYBj9QaFhZe1tqTVsJUGhYHy... Frame 8CFD 578 B
723 B 236ms
235ms Script
text/plain 2600:9000:200a:aa00:14:df85:4c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29mxewlidfjg1.cloudfront.net/SdVpoaEsWNQYOdAEzDFVzRGxRX3hTMBsHJQVnOxseRCwFLzwUOU4cMRFnWE4nFDQPVW0QNAtVelM7DAp2QXwcGCQeZwMYIxY4BgMsFClOHSpINwcSIhk2CU15M29GWG5HakAfIhs+Bx84UGhYBj9QaFhZe1tqTVsJUGhYHyIbbFxNeDd/WlgzQ25BTXlFOx-gYJxAtDQogHC5NWg1AaV9GeEN/WlhjHjIcBSdQaCtNeUU2AQMuUGhYDy4WMQdBbkdqCwA5GjcNTXkzYlFGe1tuW1ByW21aTXlFKQkOKgczTVoNQGlfRnhDfB1Veg
Requested by: Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/MjNjOWZTUQBUWVMOAR8TQF9eHFR0FlF/AgAKDkEDRV8KXQBYVFIXBV5cFl0AQFwNTUhcVhccVHRgB28WXVImSjF8Yjp2AnN2GX0gZEkxfh5ga1BRMn9xEHEsY2UNdh5BVjF6EXR/GU4zfWZXWitgdQ1uIwZdJX03YmU0CTd8chdvA15+VH0nQgEyYRFRdCBoA2hELmAvSmpXewF/QCV6Cn17MEkvfEQAai9aWFF6MwMGLgtfdWQkDC5TWCJfL1pARgskcEtbDTN1Wzp7DAtiAn8OaFZSTRdmZRBzM3VbOnEfe1EBfx58ViddQwB1NFUBSGJRDCRmaw9/KUoeBGAsSnIXfTddVCt6U3xkBAgnU2VafgN3fUYLIGVfC1MuWHoAezVWYgJ6EnxWNmxUc2IuTDN1Wzp9HwZkLmgCcFEIXRdxRCIMIVhQLW0+WUk6VSB1VlJNE2UCIUAxAAICbT5edShoDX14BFocZmUMdzd1XwVrCFp3BXtXZFYEHwxBXA1JW2FANggQX3QUWAU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:200a:aa00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c00baada5e06cab8ac4f494a32dd9a339267df53675b00821cbb5e77b185d9b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mentxviewsinte.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: gzip
via: 1.1 423016d18a128e118b016383665b6de8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 446
x-amz-cf-id: BuVYgbsVKRxU0xDjCve4MwhwJf9QUgDVL6oNI2gnaV0YB_q9lf6QQQ==

GET
H2 204 ZX4ESGBjaUFGYGZtRk1jbG1JQWByLAEUNmlpVwUlIDRMRGdjYUFHaGFoRENpZQ
esorandhewa.com/dVFUWHFabjcrTCxjMDIVLRs2DTc/HAYeMyEHAR43IxdtOSMeInIsGBFsYmhBRmFgfgEcNWlpVwYlNSwEBmxnaEFEdz02FxpsZGhBRHciZUBbYmB2Qkd/ 0
246 B 263ms
263ms Image
text/plain 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/dVFUWHFabjcrTCxjMDIVLRs2DTc/HAYeMyEHAR43IxdtOSMeInIsGBFsYmhBRmFgfgEcNWlpVwYlNSwEBmxnaEFEdz02FxpsZGhBRHciZUBbYmB2Qkd/ZX4ESGBjaUFGYGZtRk1jbG1JQWByLAEUNmlpVwUlIDRMRGdjYUFHaGFoRENpZQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkPAAIEvxKLDyGhIfedFeQEUqXu%2F16v1ftFnsI1b764wjyyljiONvnmwDvXveJeRPYvAMqUAnPIQXVKo3IWIConAZaZtFDlwZByDJOjd%2FWHfg2ipWSCkSVJpNOrZKosVDkc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7a92b2ea8bcb896e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK 2ad70eb5-20bc-4c54-a8af-7b15ec160958
https://docs.google.com/ Frame 48D5 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/2ad70eb5-20bc-4c54-a8af-7b15ec160958
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42406f65c5338e8e8f628d4c431a42b9b0798a0534c00a1495e67cb057b6076d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 6334
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 48D5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame E29D 0
19 B 276ms
275ms XHR
text/html 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 popunder.gif
esorandhewa.com/ 35 B
550 B 13ms
12ms Image
image/gif 104.21.15.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://esorandhewa.com/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 17 Mar 2023 05:05:05 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Mar 2023 18:16:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 470928
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC5AekTxrQ2mETNJXhkyQ6fV9V1kqBTi9OG8NRMGpXRmAfvOgzwNBs2wbfGsOsL1toMJgLNxLNOsBEI0RqZM8e99aZ3Uacy%2F%2F%2B8eVEEH2iFgmWgKdodegwmh7UemR%2B51RuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7a92b2eb38b540f5-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 multi Show response
anifefashionism.com/ 3 KB
2 KB 235ms
217ms XHR
text/plain 13.33.88.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://anifefashionism.com/multi?cs=ckd4MkFDd0ACcEp2SwB2QHRIC3U&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.60.2&sts=2&prn=0&emb=0&tid=708052&rxy=1600_1200&u=1710312578285841&agec=1679029505&fs=1&mbkb=1449.2753623188405&ref=https%3A%2F%2Fuserscloud.com%2F1nqp8t6j9azo&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&_2eA2=1679029505803&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/1nqp8t6j9azo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-79.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 188214a9f8203f53b7059bfbad5581798ae1b484b4cf4bfb39c6b0a56876d5a3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 05:05:05 GMT
content-encoding: gzip
via: 1.1 4187f012ebd71eb85a8870ea46453784.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://userscloud.com
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 1491
x-amz-cf-id: 1uJh8zznIvaCKL9D_my1jKz8ZA9jir4e2V9rYKoyLYp-TBdQobarUw==

GET
BLOB 200
OK 358bb48f-bf2f-467c-9e3e-f2dc41b40d04
https://docs.google.com/ Frame 48D5 94 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/358bb48f-bf2f-467c-9e3e-f2dc41b40d04
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5157eb374ad23b2f0a4096acf74d08b893714f43fa85ef9d86d4c0e93a43513

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 96201
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 14:47:20	Name: NID Value: 511=TKga2jIRJ2pMuYAH364I1TU7-Vxq05-EsZ_k0BtfuaEoWneekhZmqaEv8fzB0631ZJ93IQz8e6_2K7GjJIeHXlPmstJeEpm1aJCGSrbw9CN5LSJsDhKFszUKDN9BU4CwjaWKVtvEnk2kyUGbxKhBn5496f06qWwTqE_dq5ndEds
.userscloud.com/	1970-01-20 19:59:49	Name: _ga Value: GA1.2.480390541.1679029505
.userscloud.com/	1970-01-20 10:25:15	Name: _gid Value: GA1.2.1115849370.1679029505
.userscloud.com/	1970-01-20 10:23:49	Name: _gat_gtag_UA_70768172_1 Value: 1
pogothere.xyz/	1970-01-20 19:02:13	Name: csu Value: 1710312578285841@1@1679029505

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-4hCfUuURWOCd-vfcpvjuYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/p6ztbtyp6ecsvzl5uohmpacnawltvpuxqm4aphdp5uuhhjafof7ds6y/1nqp8t6j9azo.pdf&embedded=true(Line 8) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-4hCfUuURWOCd-vfcpvjuYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-905093783%3A1679029505489977&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHdW-Uq54dRoD2g399u7XQLgSzePparbixi1taFc-WK7cr6pr9GYNuH1i3wzK1XJ_9Xuxzjayg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S285579541%3A1679029505514699&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHciS_qknxb6T6Svkk_TYVcaMpwQrKA-eKhaEKFWGDXwi3f99qiNVpiUNSlJkl22ZbUAQH1bFw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
anifefashionism.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
d29mxewlidfjg1.cloudfront.net
docs.google.com
esorandhewa.com
mentxviewsinte.info
pogothere.xyz
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.21.15.189
13.33.88.79
172.64.172.27
2404:6800:4003:c00::5e
2404:6800:4003:c01::54
2404:6800:4003:c01::8a
2404:6800:4003:c02::8d
2404:6800:4003:c04::5e
2404:6800:4003:c04::61
2404:6800:4003:c04::64
2404:6800:4003:c05::5f
2600:9000:200a:aa00:14:df85:4c40:21
2606:4700:3032::6815:4566
2606:4700::6810:3865
2a03:2880:f10c:381:face:b00c:0:25de
54.192.150.5
099825fe6cba7b314c6f1dd655c44b6fe6838053e2b7bf52da8c20c3c57956ca
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
14698114c08ab567d1c8f51b53f06ecec055096e615bc679d6103c4ddfbcbdeb
188214a9f8203f53b7059bfbad5581798ae1b484b4cf4bfb39c6b0a56876d5a3
1e5e422066f4ead367cdd4ad616e4aba054cf7bff4cd00b58e8dc7eb635ca829
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
35753b5ec7800dcd4866e1d8ac5345253bcbaef3304ec208a0d25e3cc7acab22
3a7b886d263b693fe670bb45ff1be6fa56bb2d9c6ef772857cea32fd99c02c7f
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
3de1df81c8f143025d44dedcb9abd69c4fc3ac31db7f5111cd32769c5a7b5186
42406f65c5338e8e8f628d4c431a42b9b0798a0534c00a1495e67cb057b6076d
450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304
45fb1af9e07cc7cfb70ec7f989eb1310a25a3caa3905ffbb87292f3d4c51697e
4a5d6327c7c5a97795d3d444e025982a4614e773425f9ccfbbcaa1a6aa6af5d1
53849a8efbc095e804a7e617aae80f6cafd995cc85952af97e8a49172e308f5e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ce0b32f08dea86680590578b04324c0ef3a47172f83406640365cfbd44702d6
63dd74b0b4ec3be55a4207f8cfd6701b4e85bbf12465b514c0c6e60537e619f8
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7264731376c24e92124e0ce44f5240cf9f3e20770c19fdb53b90deb26a178417
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8754f35943bde7b2f43fce6c38955651e5a63e9300e38e1e02bb4367352ef780
8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482
93e6f116200b8282f0d2a0535916315a88a1f8d90dfbf9c349ceae599e14a3b9
a8abad0c95d453a9cb7a8d94199db57035bac3bef9da7e772092f31fe3ec083b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f297b877fae9ac87f177ad1fdcb9d0ea41624dc87f7a81a7ab80ab7efd8975
c00baada5e06cab8ac4f494a32dd9a339267df53675b00821cbb5e77b185d9b7
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cebdb5bf570a8a687478359f01b1d07f6ee56c7fd55c28d8090743d5583b49e2
d065102a28c1f2d9eb2d347044ff24bdca2dc1ff6da31600c793a1a3e5d61565
d5157eb374ad23b2f0a4096acf74d08b893714f43fa85ef9d86d4c0e93a43513
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecea94cb8200e277a287319b0ba927f92c53d77b48da18fb989d4f0978482937
ed05ba9ca2ac4e8ed909410a8686b8e4f06da34644ef77a267f851c517a24617
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

userscloud.com Open in urlscan Pro 2606:4700:3032::6815:4566 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

94 %HTTPS

75 %IPv6

14 Domains

17 Subdomains

17 IPs

3 Countries

1507 kBTransfer

3873 kBSize

5 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
2606:4700:3032::6815:4566 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

94 %
HTTPS

75 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

1507 kB
Transfer

3873 kB
Size

5
Cookies

62 HTTP transactions
1 data transactions