urlscan.io logo urlscan.io
SecurityTrails logo

userscloud.com Open in urlscan Pro
2606:4700:3034::ac43:cf69  Public Scan

Go To Rescan Add Verdict Report
URL: https://userscloud.com/ge8tzew4jjn7
Submission: On March 14 via manual from CA — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3034::ac43:cf69, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 796099.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    2606:4700:3034::ac43:cf69 (United States)

ASN13335 (CLOUDFLARENET, US)
userscloud.com
11    2404:6800:4003:c04::64 (Singapore)

ASN15169 (GOOGLE, US)
docs.google.com
apis.google.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2404:6800:4003:c04::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2404:6800:4003:c05::5e (Singapore)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)
content.googleapis.com
1    2404:6800:4003:c02::8d (Singapore)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
6    172.64.173.27 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
7    65.8.11.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-11-57.kul50.r.cloudfront.net
mentxviewsinte.info
7    104.21.15.189 (None, )

ASN13335 (CLOUDFLARENET, US)
esorandhewa.com
1    2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2404:6800:4003:c00::54 (Singapore)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2404:6800:4003:c00::66 (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:9000:2179:dc00:14:df85:4c40:21 (United States)

ASN16509 (AMAZON-02, US)
d29mxewlidfjg1.cloudfront.net
Apex Domain
Subdomains		 Transfer
17 google.com
docs.google.com — Cisco Umbrella Rank: 124
apis.google.com — Cisco Umbrella Rank: 107
accounts.google.com — Cisco Umbrella Rank: 73
275 KB
12 userscloud.com
userscloud.com — Cisco Umbrella Rank: 796099
248 KB
7 esorandhewa.com
esorandhewa.com
2 KB
7 mentxviewsinte.info
mentxviewsinte.info
8 KB
6 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 27761
303 KB
3 cloudfront.net
d29mxewlidfjg1.cloudfront.net
2 KB
3 googleapis.com
content.googleapis.com — Cisco Umbrella Rank: 1544
1 KB
3 gstatic.com
www.gstatic.com
ssl.gstatic.com
526 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 495
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
44 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 886
6 KB
61 13
Domain Requested by
12 userscloud.com userscloud.com
static.cloudflareinsights.com
7 esorandhewa.com userscloud.com
7 mentxviewsinte.info userscloud.com
7 docs.google.com userscloud.com
docs.google.com
www.gstatic.com
6 accounts.google.com 4 redirects
6 pogothere.xyz userscloud.com
4 apis.google.com docs.google.com
apis.google.com
content.googleapis.com
3 d29mxewlidfjg1.cloudfront.net mentxviewsinte.info
3 content.googleapis.com apis.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.gstatic.com docs.google.com
1 www.facebook.com
1 csp.withgoogle.com userscloud.com
1 ssl.gstatic.com www.gstatic.com
1 www.googletagmanager.com userscloud.com
1 static.cloudflareinsights.com userscloud.com
61 16

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
mentxviewsinte.info
Amazon RSA 2048 M02		 2023-03-02 -
2024-03-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-22		 2 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/ge8tzew4jjn7
Frame ID: A6ED1FFC2215CBC406ECCD21D8520452
Requests: 36 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Frame ID: A874FA004B03269061A9EB7492E298F0
Requests: 14 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
Frame ID: D04D611A7EA7419C8B16A8545F977DEB
Requests: 6 HTTP requests in this frame

Frame: https://mentxviewsinte.info/OW9PUWdYDSw8WFhSLXcSSwNydFV/Sn0XAwtWIikCTgMmNQFTCH5/BFUAOjUBSwAhJUlXCjt0VX8aAjw1DzgjNTV6Fx5pBnw2ARkKXQcOPTVzDiIcMn0IJGAobCUVFx1eKxUrVxxdCR0lQQ4GAxBwDBoIAnECKz8heAgtHyN4Px45XwkhDmgxYSs8KzJ/AwA3JHcsDCkhVz8KGCp+OyhkMGgiLRo/fycNBAQKIAo2KX8FFmMhCDZ3M1RSLB4ED0gJfwQpfyt7ZTVrCykwIF0MChdeVjU4HzJvKD8oJmo1KTAgXSkLAzVKNjc1P3Yndj0mURcCMwkNNxk6SlZYBWEucCc2YR5sLncFK1cmDhgMAB8WEx9hOwdoC3gEOAMqUCEpEiEAAAkTA248JQhCCy0YACFfDgg1MXg9JCkoexsNAiBWXxg5Pm8hNRg/bwU3OAVRFxoHIAwEDD1WbA0YBD9vBCAhKVU+CRIjdxYOEi1pDhgQBG9fN2kuXlYZdw1KACEhWlQNGwQ+fBkEOSJfPQ
Frame ID: 7837B78118B67A4B1C201EDCB065176F
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsinte.info/Mkd0ZlNTJRcLbFN6FkAmQCtJQ2F0YkYgNwB+GR42RSsdAjVYIEVIMF4oAQI1QCgaEn1cIgBDYXQlIyI/YBAwN2RkLUxDYXAEDR4CfBAhIjJzARwEAmhiRiQGSw5HMTpVAjkiJwAMAyM/eRYXHwpwHkEjOkoDOjEGdyEYMyR8KzoKG0gWRjBhZw4QHD9jCBM0P1QsNQkFWDcYPipaFTkMI1MKRVIkeT89EgR1MEUxKngWJDIBZCElFQtQFQQJG3UJGy4QCxYkHCtQC0QWY1MgJVQHahUFJBRZDRJUNGAmRxJjUyAlEAZ2fgEnGwIMMVVjdSYxID1QBUVfEABqMVMBcS8iKBALFTsKGgYLNiAiVHUmFBIBHj88YAIAFSQWBAoxJ2JkHyYXNwF3OD8HYCM5VysCJhM3dgABLCIaSBBHIzBrdRw+Hnc0UVQRfBEyXxBKIxMiC2sNElQkeh41JHYAARYRCQsERiMhZBNBPxpIAiYHPQssFREdAAQZAnYABSUxBnthHhU8XDdJBzBwNEwSIgEtLSEy
Frame ID: FBA1EA569FE6EF55B6D26A3656EADA8D
Requests: 2 HTTP requests in this frame

Frame: https://mentxviewsinte.info/a1V2MFkKNxVdZgpoFBYsGTlLFWstcER2PVlsG0g8HDkfVD8BMkceOgc6A1Q/GToYRHcFMAIVay0+ImcpLzAxfSwpBkZVAS8+MnppPTcQdiFdAUdyKyoRN2gdP2QuexoYHzdZG1geNVcaIzw8VR8RNjlWMgMTP2EqHx1HBSsvLEZSAQUtO3kxHBcVdmwHETR9MCoNQmQcEgA8eQsyHD1XKhwNHmkqPSxCaB44BDF8IQcSEEkhWQMafjY8HThhHygEM3ohCAAmW2ATBjcAbD9mMHkMBWQzU2haBDIAYBMGNGEyKR0gfQsFYRlqMhsBOGYhWAAjanxZEyFZdCIcM0kcOxs0ABshMjsDAT0QOmhqKQUiaGwIDx1ADTEEM0IdKmEeZGouYiReYAoZDnUQIBBPSAoqBBlzCgwNJV0xMjYOQxU7IiNFET4PUwIfJx0Ccg0zZDNUaR83EnULWwYdanxZEyFaGDEXJUcAIDlHYhpabAFkaVpwRHIBLAA4aDcccxxDNgUlS1sKARo8BAkgGgJR
Frame ID: 7166626F00FA7622FE03CE12D9527C94
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Userscloud

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

95 %
HTTPS

80 %
IPv6

13
Domains

16
Subdomains

16
IPs

3
Countries

1433 kB
Transfer

3764 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHdgvqmuEArZRucDhLRTJ3HSq5opEK8fTUJJxqZSJ0FN54V-xyhZy3qdZI3hLkxOQV3rVbrjcw HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-754350325%3A1678831049565961&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeeVqKNs2OQzuw8M-izA-Zy0WAwRmbc3cONQk20C-t0Byf9XatLw0JQmwS88SgJpCrOCKKkpA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 44
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHehS0VsVhczcpoIVQCy3-2VKeqkIVQxpmqNpN8orwdMkH5UCSs1ph2_38gUiG5KVbl2qzKyjQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1526013337%3A1678831049560018&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHd1ac9ynVzzuQ9dmaTQy_3OQUCaG5ql2xxmMWCikhUllup9MMPpZwe4JcUv-sSS0WYSPp24Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ge8tzew4jjn7
userscloud.com/ 		467 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86dbbeef392abd1f3e7ea7f7add785c258a2b9924aa0deebea6bc71505ce26a1
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a7fc5b97999ab55-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 14 Mar 2023 21:57:27 GMT
expires
Mon, 13 Mar 2023 21:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwdZMLBIoOfpRvDHBEDaiBMVrQ9W%2FiHos6Uw1wHnSgqsVM9xXSYr0j2tHiOR%2FUgSldfCtoz4TW1hq55FXr0cg%2FaI0m0AkFuDCBAvYMWvKSVbxQKVkzxq002Xj2pH6H4xw4rqRe9PYoqPTi%2FbMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0;includeSubDomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
font-awesome.min.css
userscloud.com/uc/vendor/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123241
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 02 Jan 2021 15:50:50 GMT
server
cloudflare
etag
W/"5ff0965a-5c79"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbnbcoO4TRtfPHanvFvBuy1SjUHMlT5IGc%2F4iP0YgUaZRi25SQXGUEX7Wg9mcOuMtJxBAX31Y04gPDZSJvBw3foY9lgnDfmaBACnGK3PKPBhDSsO%2BS4HJ3aANwaErwMY28PBacHDLNrzuhYjtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7a7fc5be6bb6ab55-SIN
access-control-allow-headers
X-Requested-With
expires
Wed, 12 Apr 2023 11:43:27 GMT
bootstrap.css
userscloud.com/css/vendor/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/vendor/bootstrap.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123241
cf-polished
origSize=113031
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 18 May 2017 15:12:22 GMT
server
cloudflare
etag
W/"591db9d6-1b987"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsowzoD8TK9Q1yFF508FgAOTD1ON%2BXaMlNoD3orFeT7h9GqBtR7IwXv5xya%2BFywpQ33AXPJpxOO%2BkOXicfqasEqX%2B3Sj2egTgi%2Byxh1%2FALngN%2FrHq0tM10RjwgL%2BaDPlAGNdkM8gW7MbQXgibQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7a7fc5be6bb7ab55-SIN
access-control-allow-headers
X-Requested-With
expires
Wed, 12 Apr 2023 11:43:27 GMT
essentials.css
userscloud.com/css/app/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/app/essentials.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2297504
cf-polished
origSize=47095
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 18 May 2017 15:13:10 GMT
server
cloudflare
etag
W/"591dba06-b7f7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpQruko27Z51gCU20ixObled5hHcRCyA7gdzvbLu4TwewlUjobxPqPYxztb%2B0U6Esk5zsN%2BylNQUibf2qcKFD74GmuCetj5z%2FA4Uh2%2F7YddmbfOg4qXKxDz1M3MLm91RzaVqzCB78cqh8swjSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7a7fc5be6bb8ab55-SIN
access-control-allow-headers
X-Requested-With
expires
Sat, 18 Mar 2023 07:45:43 GMT
layout.min.css
userscloud.com/css/app/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/app/layout.min.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123241
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 02 Jan 2021 15:52:04 GMT
server
cloudflare
etag
W/"5ff096a4-17d9"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhoVyxdUU3J1IGeRF6mNidP1fdpmlvBhBJMqbixbrXhjfvbOQ4qo80rSb0%2FzjDG7%2Bxgy%2FKnxwYhlS2Z91DnCxP0ni9Tt7IfcNPk4u1A9dvUhkYmLQRd3GE9eZvM6lNVZJUJtYtluD3WPmVWF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7a7fc5be6bb9ab55-SIN
access-control-allow-headers
X-Requested-With
expires
Wed, 12 Apr 2023 11:43:27 GMT
navbar.css
userscloud.com/css/app/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/app/navbar.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123240
cf-polished
origSize=21572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 18 May 2017 15:14:54 GMT
server
cloudflare
etag
W/"591dba6e-5444"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBLPrQC0%2FCkM0yLC2rfAKYiZi7%2BxPoAB9u4WtTBr8zQlpCyHo9%2FRccYo6tVSGYsWLOpaqwnlqBaguVAE7T41zTm2vOrYe%2BrM5ywio%2FRqkLXIRUaawrdat5H2u5KAt2%2BN%2BM2JMVcbZ4hb3X7Pzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7a7fc5be6bbaab55-SIN
access-control-allow-headers
X-Requested-With
expires
Wed, 12 Apr 2023 11:43:28 GMT
gview
docs.google.com/ Frame A874 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a9dbd00ac38357f6e7781444a658d0299b6e52fca23723c7611b007771e6b433
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OHtnid1lr89DYUjxu19kyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OHtnid1lr89DYUjxu19kyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
date
Tue, 14 Mar 2023 21:57:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
logo_s.jpg
userscloud.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://userscloud.com/images/logo_s.jpg
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123240
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1624
last-modified
Thu, 17 Dec 2020 16:14:49 GMT
server
cloudflare
etag
"5fdb83f9-658"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2F2WkQdR%2BK8jmgM%2BONcHCXF0BZ4IYo%2BBT5d5S4upE2mMF2oQInlk%2F5JePO4Hz4oLdWQDn%2BpTvoV60Bmmn7UH2rFpYDnDzTKxLkUZnmyXcr8igum7nuhrsvE%2BCgyT24Lu9xLwqwZajMjxmFG%2BtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7a7fc5c1c8e718ce-SIN
access-control-allow-headers
X-Requested-With
priority
u=3,i
expires
Wed, 12 Apr 2023 11:43:28 GMT
rocket-loader.min.js
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Mar 2023 22:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6407c11e-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBgAAXaeW%2B4IYvut0khupZ9Y3AFJ0L2uSpRS1khcCHOvM6f55llRSQhlKHLj2L1savzunmBW5cqxq3oOccyMs8Ap0HLxG47vKFeL5bdkEA3fCwac0f%2BlgsBQrPkRvEXy%2BopxabegDlSoYNd48g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a7fc5c1c8e818ce-SIN
expires
Thu, 16 Mar 2023 21:57:27 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://userscloud.com/
Origin
https://userscloud.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:28 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7a7fc5c1dbaf496b-SIN
fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://userscloud.com/uc/vendor/font-awesome.min.css
Origin
https://userscloud.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123240
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
last-modified
Mon, 14 Dec 2020 20:14:38 GMT
server
cloudflare
etag
"5fd7c7ae-ddcc"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJEmMqE%2BxuT%2Fx%2Bu9pnSdbDUnMek%2FH%2FmuhPUwGqg9E%2FeaqqsdHHBMnvuFziqCUZOIIyRUxnMpI75cFu43%2F%2Fx1voPSBEbGiPnu%2BSzW8nxOEy3QVgC81o6x8CScS0eOM48nzxHMORdbO4lBrl7XiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7a7fc5c1d8e918ce-SIN
access-control-allow-headers
X-Requested-With
priority
u=0,i=?0
expires
Wed, 12 Apr 2023 11:43:29 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-70768172-1
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b0cce286a0327ac843111dc98d1a960806246ca908bde9b5901ec48f1af8314
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44664
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:04:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Mar 2023 21:57:28 GMT
bootstrap.js
userscloud.com/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/bootstrap.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
392
cf-polished
origSize=35778
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 26 Dec 2020 13:26:43 GMT
server
cloudflare
etag
W/"8bc2-5b75dfde473c8-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBSdm0YYZVSZVm5QsXXK%2FSe59ZOW%2BWlSYiyxyj323Lu1KcAYvcwU8Ur%2BomLqGQIb6H1q1h2eeu5xCsseJ%2FESJYATUuLLqZHTmI0CKgHDXDlfrjGx6j2NWq87NALGCX7SEpWRL1EO9Uv5yhcSvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=259200
cf-ray
7a7fc5c208f618ce-SIN
access-control-allow-headers
X-Requested-With
priority
u=1,i=?0
jquery.min.js
userscloud.com/assets/library/jquery/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/ge8tzew4jjn7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123241
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 25 May 2014 12:12:31 GMT
server
cloudflare
etag
W/"5381de2f-16b88"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGdp3WeoRtNRAF7QIs7%2BXj95hLU3ZDuPCsgjETX3dN%2FcJ5McGurTKP6xQM4L8J7TPGbLsYze2KWNWXHuBa9mPELz3%2FAJWxdtVvNx76ryTrQCg3zBEN6OBSw6jH%2BwggvA3gVSli4%2Fo%2BQhKVreig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
7a7fc5c208f718ce-SIN
access-control-allow-headers
X-Requested-With
priority
u=1,i=?0
expires
Wed, 12 Apr 2023 11:43:28 GMT
rs=AC2dHMLeEShvqFulC8Ckcp5BZSaOUy3E1A
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.cw2pc5xJ8DQ.L.W.O/d=0/ Frame A874 		334 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.cw2pc5xJ8DQ.L.W.O/d=0/rs=AC2dHMLeEShvqFulC8Ckcp5BZSaOUy3E1A
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14d7bbe90573d7b3f0baa84288dfc1b4719cc37c8d33ec00f5909ba21a8bebc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 10:37:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
559217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42558
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 02:05:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-viewer"
vary
Accept-Encoding
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 10:37:11 GMT
thumb
docs.google.com/viewerng/ Frame A874 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://docs.google.com/viewerng/thumb?ds=AON1mFxYiMG7zu3r7gWdwbZ4maIw1RblywCTvddyU7QPmE-uJrD7mf5djoo4o1x0XOceoA3inqugUSIRpgQ5Rnm4U4qedkMuOBPOlyv96M_u3-WcW-tjWgm8ifRb0Bnzx3eEEsZBkznXfbDNMGjvo4mc3umgFntljciA7Vyn5FMzFhzgez90cpS1waDROoundbZbhh6IT9ewhllIzBSVQh5DKAaiGo08Zxt69GHs4Q9R1L-aaxpcD34RHKdjxPueqFYH-fRP3Au68G6Xuzr4kQNANQMpGmt-H5ADzk9zZsBE9OTtYhCR208W39AYkylUTh1r113KmRZD8M0sxzLDyghxneEzj0CvSu5qrXHIIXXxpCjuFQ2opbQ%3D&ck=lantern&authuser&w=800&webp=true&p=proj
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e990d11ddcdcbf2792d83c6d422748810eea1872063dce920a45c2d11703061c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eR_RGPQU96943DjpTctyXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-eR_RGPQU96943DjpTctyXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
image/png
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Tue, 14 Mar 2023 21:57:29 GMT
m=main
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/ Frame A874 		1 MB
436 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
271faa66d427e1be15e1e655763bd1c279ca6d749aa96dbc0e713d86bb60da56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 00:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
445795
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 02:03:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-viewer"
vary
Accept-Encoding
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Mar 2024 00:21:33 GMT
client.js
apis.google.com/js/ Frame A874 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed05ba9ca2ac4e8ed909410a8686b8e4f06da34644ef77a267f851c517a24617
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 21:57:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"f8b323e21c2bb48a"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 21:57:28 GMT
cspreport
docs.google.com/ Frame A874 		141 B
535 B 		Other
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/cspreport
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K-wOAlukCT9_bwWlze72DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
script-src 'report-sample' 'nonce-K-wOAlukCT9_bwWlze72DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 21:57:28 GMT
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_l9ocaq"
expires
Tue, 14 Mar 2023 21:57:28 GMT
cspreport
docs.google.com/ Frame A874 		141 B
345 B 		Other
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/cspreport
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H1HBh69pkzQP2rr7rX_uyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
script-src 'report-sample' 'nonce-H1HBh69pkzQP2rr7rX_uyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 21:57:28 GMT
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_l9ocaq"
expires
Tue, 14 Mar 2023 21:57:28 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/ Frame A874 		315 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cebdb5bf570a8a687478359f01b1d07f6ee56c7fd55c28d8090743d5583b49e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 22:00:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109898
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 16:56:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 22:00:12 GMT
v-sprite49.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame A874 		111 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite49.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.cw2pc5xJ8DQ.L.W.O/d=0/rs=AC2dHMLeEShvqFulC8Ckcp5BZSaOUy3E1A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6f297b877fae9ac87f177ad1fdcb9d0ea41624dc87f7a81a7ab80ab7efd8975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 12:30:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
466031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48304
x-xss-protection
0
last-modified
Wed, 18 Jan 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Fri, 08 Mar 2024 12:30:18 GMT
meta
docs.google.com/viewerng/ Frame A874 		36 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/viewerng/meta?id=ACFrOgAivMsgkL3vkXJQOT7ePu0A37JXRH0ub63-ui0AK4rhnlf-woGuTJLfCQp3IXP9A38ZcMVcBmA7hBEgn_TZ9StKQ6SsbogyyIlZTJunZMHWkqwLhS1Fes6B4nMdehzpRHvbkAPhp2JHYQl2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7b7c0fbe0bd60dd5fa1dbfad0ece7835c374e0dfeb56c5812e28872235cec2a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B2Klg5a6BzFEWBuWiV7sEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-B2Klg5a6BzFEWBuWiV7sEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
proxy.html
content.googleapis.com/static/ Frame D04D 		382 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00484a76f79ee220dce666fd17299f9c932a6ca34b2d2ae736dcbc2dff79ebb2
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-O7fv6EAyNwhLnD0hVqz44Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
275
content-security-policy
script-src 'nonce-O7fv6EAyNwhLnD0hVqz44Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type
text/html
cross-origin-embedder-policy
require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Mar 2023 21:57:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Fri, 17 Jul 2020 22:45:00 GMT
pragma
no-cache
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
apiserving
csp.withgoogle.com/csp/ Frame D04D 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/apiserving
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::8d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://content.googleapis.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers
googleapis.proxy.js
apis.google.com/js/ Frame D04D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8abad0c95d453a9cb7a8d94199db57035bac3bef9da7e772092f31fe3ec083b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 21:57:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"2dec8214aa3ffcf8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 21:57:29 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/ Frame D04D 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 03:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25326
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 16:56:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:53:59 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame D04D 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://docs.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://docs.google.com

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
x-content-type-options
nosniff
server
ESF
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
img
docs.google.com/viewerng/ Frame A874 		59 KB
59 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/viewerng/img?id=ACFrOgAivMsgkL3vkXJQOT7ePu0A37JXRH0ub63-ui0AK4rhnlf-woGuTJLfCQp3IXP9A38ZcMVcBmA7hBEgn_TZ9StKQ6SsbogyyIlZTJunZMHWkqwLhS1Fes6B4nMdehzpRHvbkAPhp2JHYQl2&page=0&w=800&webp=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e990d11ddcdcbf2792d83c6d422748810eea1872063dce920a45c2d11703061c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YkSoPg5JgSp7qfRQmqrVcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-YkSoPg5JgSp7qfRQmqrVcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
presspage
docs.google.com/viewerng/ Frame A874 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/viewerng/presspage?id=ACFrOgAivMsgkL3vkXJQOT7ePu0A37JXRH0ub63-ui0AK4rhnlf-woGuTJLfCQp3IXP9A38ZcMVcBmA7hBEgn_TZ9StKQ6SsbogyyIlZTJunZMHWkqwLhS1Fes6B4nMdehzpRHvbkAPhp2JHYQl2&page=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.zh_CN.L0vEkvFaK80.O/d=1/rs=AC2dHMJTeGgMk_j8wEGDNG6PtBSTYW1yaQ/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::64 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
82f28aafa358005622ed4a3114d1b0a829c4ef4d23e789d597e98aec614812d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l2ZLgnRix2JwnRHdkvFvsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-l2ZLgnRix2JwnRHdkvFvsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 21:56:29 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://userscloud.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCPbdluVh1N97vMVWkpAJy3uJX9b0yGFoISN7kFsa80m5fUKDMJ1IObUCwDn5bH8GXMbaXaN1SNDJW5umI1lLmWk1CEdw%2B46dOaOfiMdA7qXtgd4YJUE8tsvqnjjbmmn"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7a7fc5cab86487f9-SIN
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cecb50f40d4b8b5cb48488339d0138d50a2b924bcb31759c730bb0315ecb56

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ueJ2WCNVa7ECFaR2ez0WB2je4lGN6FbGiuHkDjbNX4o1qJ4YZ7eQZt1JE6Y2fcPG2uyp3i2Y4FnmOxV6nDdYxt55F4b%2Fy0woz77Wxb6vC%2B7wNuddQnPxez9vetEQ5E1"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://userscloud.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7a7fc5cab86587f9-SIN
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
mentxviewsinte.info/ 		0
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mentxviewsinte.info/utx?cb=Ael7lFAxMfvk&top=userscloud.com&tid=600304
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
I_h8qY-4ZFDKe33vdUQZF0QUVdjrTyDPRhZDQ6MsCIVOTLANT475xQ==
bwU3OAVRFxoHIAwEDD1WbA0YBD9vBCAhKVU+CRIjdxYOEi1pDhgQBG9fN2kuXlYZdw1KACEhWlQNGwQ+fBkEOSJfPQ
mentxviewsinte.info/OW9PUWdYDSw8WFhSLXcSSwNydFV/Sn0XAwtWIikCTgMmNQFTCH5/BFUAOjUBSwAhJUlXCjt0VX8aAjw1DzgjNTV6Fx5pBnw2ARkKXQcOPTVzDiIcMn0IJGAobCUVFx1eKxUrVxxdCR0lQQ4GAxBwDBoIAnECKz8heAgtHyN4Px45XwkhD... Frame 7837 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mentxviewsinte.info/OW9PUWdYDSw8WFhSLXcSSwNydFV/Sn0XAwtWIikCTgMmNQFTCH5/BFUAOjUBSwAhJUlXCjt0VX8aAjw1DzgjNTV6Fx5pBnw2ARkKXQcOPTVzDiIcMn0IJGAobCUVFx1eKxUrVxxdCR0lQQ4GAxBwDBoIAnECKz8heAgtHyN4Px45XwkhDmgxYSs8KzJ/AwA3JHcsDCkhVz8KGCp+OyhkMGgiLRo/fycNBAQKIAo2KX8FFmMhCDZ3M1RSLB4ED0gJfwQpfyt7ZTVrCykwIF0MChdeVjU4HzJvKD8oJmo1KTAgXSkLAzVKNjc1P3Yndj0mURcCMwkNNxk6SlZYBWEucCc2YR5sLncFK1cmDhgMAB8WEx9hOwdoC3gEOAMqUCEpEiEAAAkTA248JQhCCy0YACFfDgg1MXg9JCkoexsNAiBWXxg5Pm8hNRg/bwU3OAVRFxoHIAwEDD1WbA0YBD9vBCAhKVU+CRIjdxYOEi1pDhgQBG9fN2kuXlYZdw1KACEhWlQNGwQ+fBkEOSJfPQ
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
3b248d84df57bda8ad1c2bad80008dba66f80f564a9aa56cc2217b338adc8594

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1232
content-type
text/html
date
Tue, 14 Mar 2023 21:57:29 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-id
QQzrHI4Myee-4uCQvImsf8HF4BhummSNu7iKx2B_sFBZxJ0cW3spmQ==
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 21:56:29 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://userscloud.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN7CtOY6ia%2BJostk9wmIwgHaTbNy9P601cn%2FOmXLn81jccrgGv%2FewJCzZdNnIEYuQs7t8L87eGyTFcgxyzdqxJs7OjsIFYwQUExmQ3CjNfB2LtkbZ%2FW%2ByI0HvNcCmBtN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7a7fc5cad87587f9-SIN
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
354 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98dcccfde3850644c17897b63f5318f560058903928bffbc6ab3ed5c2e877dca

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbnSqsHA4l4AC9DeKrO6LniZtvOFN9Xl1Zvx8o5C3iaj8l%2F70Y1A%2BT0kfa8BMjCMtfOnEewJwM8%2FyArxhV23LuX5OlXvoTCeIW2qdQPY3w%2BE%2B3FFdQGqVGeAu%2B3r9xpN"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://userscloud.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7a7fc5cad87887f9-SIN
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
mentxviewsinte.info/ 		0
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mentxviewsinte.info/utx?cb=wzdTQyOLdXnu&top=userscloud.com&tid=708052
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
NDyTpFXM2ROl_6fFnBhUw72ge9UCMH4eo_xsvDMLr8602oU1ZuDwiw==
eRYXHwpwHkEjOkoDOjEGdyEYMyR8KzoKG0gWRjBhZw4QHD9jCBM0P1QsNQkFWDcYPipaFTkMI1MKRVIkeT89EgR1MEUxKngWJDIBZCElFQtQFQQJG3UJGy4QCxYkHCtQC0QWY1MgJVQHahUFJBRZDRJUNGAmRxJjUyAlEAZ2fgEnGwIMMVVjdSYxID1QBUVfEABqM...
mentxviewsinte.info/Mkd0ZlNTJRcLbFN6FkAmQCtJQ2F0YkYgNwB+GR42RSsdAjVYIEVIMF4oAQI1QCgaEn1cIgBDYXQlIyI/YBAwN2RkLUxDYXAEDR4CfBAhIjJzARwEAmhiRiQGSw5HMTpVAjkiJwAMAyM/ Frame FBA1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mentxviewsinte.info/Mkd0ZlNTJRcLbFN6FkAmQCtJQ2F0YkYgNwB+GR42RSsdAjVYIEVIMF4oAQI1QCgaEn1cIgBDYXQlIyI/YBAwN2RkLUxDYXAEDR4CfBAhIjJzARwEAmhiRiQGSw5HMTpVAjkiJwAMAyM/eRYXHwpwHkEjOkoDOjEGdyEYMyR8KzoKG0gWRjBhZw4QHD9jCBM0P1QsNQkFWDcYPipaFTkMI1MKRVIkeT89EgR1MEUxKngWJDIBZCElFQtQFQQJG3UJGy4QCxYkHCtQC0QWY1MgJVQHahUFJBRZDRJUNGAmRxJjUyAlEAZ2fgEnGwIMMVVjdSYxID1QBUVfEABqMVMBcS8iKBALFTsKGgYLNiAiVHUmFBIBHj88YAIAFSQWBAoxJ2JkHyYXNwF3OD8HYCM5VysCJhM3dgABLCIaSBBHIzBrdRw+Hnc0UVQRfBEyXxBKIxMiC2sNElQkeh41JHYAARYRCQsERiMhZBNBPxpIAiYHPQssFREdAAQZAnYABSUxBnthHhU8XDdJBzBwNEwSIgEtLSEy
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
2696306730e695a48eb9c69080be44dc11b18581888d0b24517706a3bfd0fb96

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1233
content-type
text/html
date
Tue, 14 Mar 2023 21:57:29 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-id
FGMRHED9Ou2K9KbxyMSG7kxEj1rO7VVAxQwTU4QRRS6zQ05wHky8xA==
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 21:56:36 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://userscloud.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8YXTGRHiIMbuCLB3WWX0fWkpSNEapVzeZayoTZHks4PpuhQc9SjLc573BnkVye34IOAki9a2Pg3uz8xKlRMHXMBV8JDwAcYgIbuQKCIAInWnI7Uvejhb13fOtUbQDqu"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7a7fc5cafd09483a-SIN
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.173.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b71057d68aeefa465f356f6ecdd0a17bf22184bd5117996c40c66ffca467d7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czX5p%2BlHmZV9xBtRSr10GCD32YrgiGY3TOEgKs9UpgoKY7T4vysdXenTV%2FSznkq1DFzZheBAFruQ9gSqgLrE%2BY9YT%2B%2FfKB7BKxhZhp13tV0Z1MlDFG2PxnYcl2jb3CjP"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://userscloud.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7a7fc5cafd0a483a-SIN
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
mentxviewsinte.info/ 		0
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mentxviewsinte.info/utx?cb=V2nouBNijJ0l&top=userscloud.com&tid=816973
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
kA5VGYuCBO_7pnL8bP1apmykBOjj4a1Rb_lrF4jhCNTdSVOCZupi8g==
GToYRHcFMAIVay0+ImcpLzAxfSwpBkZVAS8+MnppPTcQdiFdAUdyKyoRN2gdP2QuexoYHzdZG1geNVcaIzw8VR8RNjlWMgMTP2EqHx1HBSsvLEZSAQUtO3kxHBcVdmwHETR9MCoNQmQcEgA8eQsyHD1XKhwNHmkqPSxCaB44BDF8IQcSEEkhWQMafjY8HThhHygEM...
mentxviewsinte.info/a1V2MFkKNxVdZgpoFBYsGTlLFWstcER2PVlsG0g8HDkfVD8BMkceOgc6A1Q/ Frame 7166 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mentxviewsinte.info/a1V2MFkKNxVdZgpoFBYsGTlLFWstcER2PVlsG0g8HDkfVD8BMkceOgc6A1Q/GToYRHcFMAIVay0+ImcpLzAxfSwpBkZVAS8+MnppPTcQdiFdAUdyKyoRN2gdP2QuexoYHzdZG1geNVcaIzw8VR8RNjlWMgMTP2EqHx1HBSsvLEZSAQUtO3kxHBcVdmwHETR9MCoNQmQcEgA8eQsyHD1XKhwNHmkqPSxCaB44BDF8IQcSEEkhWQMafjY8HThhHygEM3ohCAAmW2ATBjcAbD9mMHkMBWQzU2haBDIAYBMGNGEyKR0gfQsFYRlqMhsBOGYhWAAjanxZEyFZdCIcM0kcOxs0ABshMjsDAT0QOmhqKQUiaGwIDx1ADTEEM0IdKmEeZGouYiReYAoZDnUQIBBPSAoqBBlzCgwNJV0xMjYOQxU7IiNFET4PUwIfJx0Ccg0zZDNUaR83EnULWwYdanxZEyFaGDEXJUcAIDlHYhpabAFkaVpwRHIBLAA4aDcccxxDNgUlS1sKARo8BAkgGgJR
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
a2a920142c2e8c5374ed8fe48be66eccc00fe2e54c5833e30adbc509889edca5

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1233
content-type
text/html
date
Tue, 14 Mar 2023 21:57:29 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-id
rwcxOrPKosQWbOjUBPS8O1kPO1DzStZNaEblBKKBsUZx1Sm0PPxzbg==
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
T1ZHBQlAWWBuBxRkUW8WA2BYTGQqB3ZtB0MEXWIGORNAUTRNAwQIY0ABEkg5FAgFHiMEVEBNI00EElE+FloJHiZNBBoLZF4GBhZhVkAJCXYERVVfbUETREwkHAgFDmdIDQcJYEQMBw9n
esorandhewa.com/UHA1NDh/ 		0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esorandhewa.com/UHA1NDh/T1ZHBQlAWWBuBxRkUW8WA2BYTGQqB3ZtB0MEXWIGORNAUTRNAwQIY0ABEkg5FAgFHiMEVEBNI00EElE+FloJHiZNBBoLZF4GBhZhVkAJCXYERVVfbUETREwkHAgFDmdIDQcJYEQMBw9n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IP%2F9gX%2F7hstCv5oNivSMrgRWrEpsTrCFtfLydvmOgsx5TYTEv7uLaf5cBu6LFR%2BocNSDonIUKyl8sEt5CSsP9%2BZFzuDpFzEDNzLLi3Gry12FHxNwiLIozgYMc6nQyIRqNw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a7fc5cb3fef87cb-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHdgvqmuEArZRucDhLRTJ3HSq5opEK8fTUJJxqZSJ0FN54V-xyhZy3qdZI3...
  • https://accounts.google.com/v3/signin/identifier?dsh=S-754350325%3A1678831049565961&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeeVqKNs2OQzuw8M-izA-Zy0WAwRmbc3cONQk20C-t0By...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-754350325%3A1678831049565961&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeeVqKNs2OQzuw8M-izA-Zy0WAwRmbc3cONQk20C-t0Byf9XatLw0JQmwS88SgJpCrOCKKkpA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Protocol
H3
Server
2404:6800:4003:c00::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 14 Mar 2023 21:57:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lDzzCBoIA_KbnGxmKYapZA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-754350325%3A1678831049565961&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeeVqKNs2OQzuw8M-izA-Zy0WAwRmbc3cONQk20C-t0Byf9XatLw0JQmwS88SgJpCrOCKKkpA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AWnogHehS0VsVhczcpoIVQCy3-2VKeqkIVQxpmqNpN8orwdMkH5UCSs1ph2...
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1526013337%3A1678831049560018&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHd1ac9ynVzzuQ9dmaTQy_3OQUCaG5ql2xxmMWCikhUl...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-1526013337%3A1678831049560018&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHd1ac9ynVzzuQ9dmaTQy_3OQUCaG5ql2xxmMWCikhUllup9MMPpZwe4JcUv-sSS0WYSPp24Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Protocol
H3
Server
2404:6800:4003:c00::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 14 Mar 2023 21:57:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-DbrGvgLv7teKBl1v8-k7sQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
403
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-1526013337%3A1678831049560018&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHd1ac9ynVzzuQ9dmaTQy_3OQUCaG5ql2xxmMWCikhUllup9MMPpZwe4JcUv-sSS0WYSPp24Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
UW0zUml+UlAhVDIlYR0NOit7AwdgLlBiBRcIAxgeAih9YTgZOBUmADVQBGJRYVgBdBk4CQ5gUHceRzMdJB4OY084A1U9VHcbDmNHYUMFYkdjS0ZvWHcZQzMObFwVIh0lAQ5jX2ZVC2FYYVkKZlhi
esorandhewa.com/ 		0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esorandhewa.com/UW0zUml+UlAhVDIlYR0NOit7AwdgLlBiBRcIAxgeAih9YTgZOBUmADVQBGJRYVgBdBk4CQ5gUHceRzMdJB4OY084A1U9VHcbDmNHYUMFYkdjS0ZvWHcZQzMObFwVIh0lAQ5jX2ZVC2FYYVkKZlhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzRsDc2p%2BNonM0YGZXkUAGl9W4r6diQPk5x6YmuVl29aAGeShiO1v8s8n6gOogoxjHwEcVTEX2iveB9LvvAUQ%2F%2BKKV5IIAVCC6CBTLu1AfMdf1YIbWmcvRGBN%2FrG%2FtoqJAI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a7fc5cb3ff087cb-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
STVFWnJmCiYpTyhhISwQDH8gGzQxbCEcQg5jKWMFHnQPPiURZGMuGy0IfWtEcAJ2fAIgUXhoS29GMTsGPEZ4a1QgWyM1T29DeGtceRtzalx7EzBnQ29BNTsVdARjKgY9WXhrRH4NfWlDeQF8bkBx
esorandhewa.com/ 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esorandhewa.com/STVFWnJmCiYpTyhhISwQDH8gGzQxbCEcQg5jKWMFHnQPPiURZGMuGy0IfWtEcAJ2fAIgUXhoS29GMTsGPEZ4a1QgWyM1T29DeGtceRtzalx7EzBnQ29BNTsVdARjKgY9WXhrRH4NfWlDeQF8bkBx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3ksBJpvHfUaFK2QLoORG7IIIrWFdCcJgAl7kIVZ%2Bg6Xbk7TWsX9GiI46Or8tJ0HnNA2klIMvsJuU1RwSIlSFwPYL5Pmd434RC6Y4PPitGaexIi3r5uGC0XdN1MI%2FZr9NFw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a7fc5cb3ff187cb-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rum
userscloud.com/cdn-cgi/ 		0
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:cf69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://userscloud.com/ge8tzew4jjn7
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://userscloud.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7a7fc5cb2b0a18ce-SIN
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Mar 2023 21:02:30 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3299
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Mar 2023 23:02:30 GMT
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1693921967&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2Fge8tzew4jjn7&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=128011094&gjid=1800365583&cid=1990233024.1678831050&tid=UA-70768172-1&_gid=1167390699.1678831050&_r=1&gtm=457e33d0&z=818822584
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::66 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://userscloud.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://userscloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
LBxaIRwIcUYeHmdnFAgbNDAPQh80NA9VXDszUFlOfCNCCxFnPEIMGTg5WQMbKXFHBUc3OEgNFjY2F1Y8b3kCQUhqf0UNFD44RRdfaGdcEF9oZwNUVGpyASZfaGdFDRRsYxdXOH9lAhxMbn4XVk-o7J0IIHy0yUA8TLnIAIk9pYBxXTH9lAkwRMiNfCF9oFBdWSjY+...
d29mxewlidfjg1.cloudfront.net/uMmR6WldRCxQ8aEYNHmdhAlRJamMUDgk1OUJZFzgDZz0/ Frame 7837 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d29mxewlidfjg1.cloudfront.net/uMmR6WldRCxQ8aEYNHmdhAlRJamMUDgk1OUJZFzgDZz0/LBxaIRwIcUYeHmdnFAgbNDAPQh80NA9VXDszUFlOfCNCCxFnPEIMGTg5WQMbKXFHBUc3OEgNFjY2F1Y8b3kCQUhqf0UNFD44RRdfaGdcEF9oZwNUVGpyASZfaGdFDRRsYxdXOH9lAhxMbn4XVk-o7J0IIHy0yUA8TLnIAIk9pYBxXTH9lAkwRMiNfCF9oFBdWSjY+WQFfaGdVARkxOBtBSGo0WhYVNzIXVjxibhxUVG5kCl1UbWUXVkopNlQFCDNyACJPaWAcV0x8Ig9V
Requested by
Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/OW9PUWdYDSw8WFhSLXcSSwNydFV/Sn0XAwtWIikCTgMmNQFTCH5/BFUAOjUBSwAhJUlXCjt0VX8aAjw1DzgjNTV6Fx5pBnw2ARkKXQcOPTVzDiIcMn0IJGAobCUVFx1eKxUrVxxdCR0lQQ4GAxBwDBoIAnECKz8heAgtHyN4Px45XwkhDmgxYSs8KzJ/AwA3JHcsDCkhVz8KGCp+OyhkMGgiLRo/fycNBAQKIAo2KX8FFmMhCDZ3M1RSLB4ED0gJfwQpfyt7ZTVrCykwIF0MChdeVjU4HzJvKD8oJmo1KTAgXSkLAzVKNjc1P3Yndj0mURcCMwkNNxk6SlZYBWEucCc2YR5sLncFK1cmDhgMAB8WEx9hOwdoC3gEOAMqUCEpEiEAAAkTA248JQhCCy0YACFfDgg1MXg9JCkoexsNAiBWXxg5Pm8hNRg/bwU3OAVRFxoHIAwEDD1WbA0YBD9vBCAhKVU+CRIjdxYOEi1pDhgQBG9fN2kuXlYZdw1KACEhWlQNGwQ+fBkEOSJfPQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2179:dc00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
18e595071fb54da414e79fc05094a447284f02f00fb5e6c85d88788fb83124cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mentxviewsinte.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
gzip
via
1.1 e45744c97381aa056cf8b022283ddaf0.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
766
x-amz-cf-id
uhgLnNgDIp7toOg4-EgX1QxmbxBZ1AzKfx1PjdYodn_b2FcJivOAzw==
WjAZBSwYKl1RC19wT01+XGUNXnw
d29mxewlidfjg1.cloudfront.net/kTWpDeGMuBS0eXDkDJ0VbfFx6T1BrADAXDT1XKCsJAiB3KCgCHiJeFzcOfkhFIQstH15rDy0bXnxMIhwBcF5lDBMiAX4TEyUJIRYIKgswXhYsVy4XGSQGLxlGfyx2VlNoWHNQFCQEJxcUPk9xSA05T3FIUn1Ec11QD09xSB... Frame 7166 		575 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d29mxewlidfjg1.cloudfront.net/kTWpDeGMuBS0eXDkDJ0VbfFx6T1BrADAXDT1XKCsJAiB3KCgCHiJeFzcOfkhFIQstH15rDy0bXnxMIhwBcF5lDBMiAX4TEyUJIRYIKgswXhYsVy4XGSQGLxlGfyx2VlNoWHNQFCQEJxcUPk9xSA05T3FIUn1Ec11QD09xSBQkBHVMRn4oZkpTNVx3UUZ/Wi-IIEyEPNB0BJgM3XVELX3BPTX5cZkpTZQErDA4hT3E7Rn9aLxEIKE9xSAQoCSgXSmhYcxsLPwUuHUZ/LHtBTX1Ed0tbdER0SkZ/WjAZBSwYKl1RC19wT01+XGUNXnw
Requested by
Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/a1V2MFkKNxVdZgpoFBYsGTlLFWstcER2PVlsG0g8HDkfVD8BMkceOgc6A1Q/GToYRHcFMAIVay0+ImcpLzAxfSwpBkZVAS8+MnppPTcQdiFdAUdyKyoRN2gdP2QuexoYHzdZG1geNVcaIzw8VR8RNjlWMgMTP2EqHx1HBSsvLEZSAQUtO3kxHBcVdmwHETR9MCoNQmQcEgA8eQsyHD1XKhwNHmkqPSxCaB44BDF8IQcSEEkhWQMafjY8HThhHygEM3ohCAAmW2ATBjcAbD9mMHkMBWQzU2haBDIAYBMGNGEyKR0gfQsFYRlqMhsBOGYhWAAjanxZEyFZdCIcM0kcOxs0ABshMjsDAT0QOmhqKQUiaGwIDx1ADTEEM0IdKmEeZGouYiReYAoZDnUQIBBPSAoqBBlzCgwNJV0xMjYOQxU7IiNFET4PUwIfJx0Ccg0zZDNUaR83EnULWwYdanxZEyFaGDEXJUcAIDlHYhpabAFkaVpwRHIBLAA4aDcccxxDNgUlS1sKARo8BAkgGgJR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2179:dc00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bab5180ad389444ae209c8c729b2be584832529c840d04e55334c6d33a8104f6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mentxviewsinte.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
gzip
via
1.1 e45744c97381aa056cf8b022283ddaf0.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
444
x-amz-cf-id
_bT_5Iq0iMr_e2sjW9A-Zmm7B3d2NllN2iI_xmJex66nIsCzpTwr9w==
bwZ9C2ErVT5YIzERan9kawN2Cmd+QWUI
d29mxewlidfjg1.cloudfront.net/bWDlRWDQ7Vj8+CyxQNWUDaAFhbQZ+UyI3WigEMDt2KwElKQcyYBY5EixDNWUEflUwNlNlHzQ2V2UIdzlQOgRlfkAoVjplXyhRMjpaM14wKxItWGw1WyJQPTRVfQsXbRpoHGNoHC9QPzxbL0p0agQ2TXRqBGkJf2gRa3t0ag... Frame FBA1 		592 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d29mxewlidfjg1.cloudfront.net/bWDlRWDQ7Vj8+CyxQNWUDaAFhbQZ+UyI3WigEMDt2KwElKQcyYBY5EixDNWUEflUwNlNlHzQ2V2UIdzlQOgRlfkAoVjplXyhRMjpaM14wKxItWGw1WyJQPTRVfQsXbRpoHGNoHC9QPzxbL0p0agQ2TXRqBGkJf2gRa3t0agQvUD9uAH0KE30GaEFnbB19C2-E5RChVNC9ROlI4LBFqf2RrA3YKZ30GaBE6MEA1VXRqd30LYTRdM1x0agQ/XDIzW3EcY2hXMEs+NVF9CxdgDXYJf2wHYAB/bwZ9C2ErVT5YIzERan9kawN2Cmd+QWUI
Requested by
Host: mentxviewsinte.info
URL: https://mentxviewsinte.info/Mkd0ZlNTJRcLbFN6FkAmQCtJQ2F0YkYgNwB+GR42RSsdAjVYIEVIMF4oAQI1QCgaEn1cIgBDYXQlIyI/YBAwN2RkLUxDYXAEDR4CfBAhIjJzARwEAmhiRiQGSw5HMTpVAjkiJwAMAyM/eRYXHwpwHkEjOkoDOjEGdyEYMyR8KzoKG0gWRjBhZw4QHD9jCBM0P1QsNQkFWDcYPipaFTkMI1MKRVIkeT89EgR1MEUxKngWJDIBZCElFQtQFQQJG3UJGy4QCxYkHCtQC0QWY1MgJVQHahUFJBRZDRJUNGAmRxJjUyAlEAZ2fgEnGwIMMVVjdSYxID1QBUVfEABqMVMBcS8iKBALFTsKGgYLNiAiVHUmFBIBHj88YAIAFSQWBAoxJ2JkHyYXNwF3OD8HYCM5VysCJhM3dgABLCIaSBBHIzBrdRw+Hnc0UVQRfBEyXxBKIxMiC2sNElQkeh41JHYAARYRCQsERiMhZBNBPxpIAiYHPQssFREdAAQZAnYABSUxBnthHhU8XDdJBzBwNEwSIgEtLSEy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2179:dc00:14:df85:4c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bf95311e009f1850b4eb235769053093b178f0ced6d60937b9b563f5f2aa978b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mentxviewsinte.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
gzip
via
1.1 e45744c97381aa056cf8b022283ddaf0.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
449
x-amz-cf-id
LJibdV00jjGjqk2X9S_FQpxkya5SuCKRXdKy4fPyS5BfjwJVdtB2hg==
eGlvVUxXVgwmcTVZKS0vIAYuNhk2IDsiOA87OgcGO1o5FB0tUUkhJRxUWWV8S1lbczwRDVJkagsdDiE5C1RcZXxJTwY7KhdUX2V8SU8ZaH1WWlt7f0pHXnM5RVhWZnhKUFhke0xeWWd+TlBJITwZDlJkaggdGzlxSV9YbXRLWF9hdU9ZXw
esorandhewa.com/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esorandhewa.com/eGlvVUxXVgwmcTVZKS0vIAYuNhk2IDsiOA87OgcGO1o5FB0tUUkhJRxUWWV8S1lbczwRDVJkagsdDiE5C1RcZXxJTwY7KhdUX2V8SU8ZaH1WWlt7f0pHXnM5RVhWZnhKUFhke0xeWWd+TlBJITwZDlJkaggdGzlxSV9YbXRLWF9hdU9ZXw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Mar 2023 21:57:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwnQHQXpkEpsa7R5QPwU2HcGAbVxfURYwRy15cXe%2BFgod6pEPt7FhMGOOHSNlN9nYmoHrL8w%2FKQjVzw0i%2Fb22lxjyaRpB%2FqZ8SltZFNzRW8NRu64ih6VnvFWLWFd4V5IruQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a7fc5cca8af87cb-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b7c55716-6969-4e25-99dd-c76f5b66f5c2
https://docs.google.com/ Frame A874 		59 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://docs.google.com/b7c55716-6969-4e25-99dd-c76f5b66f5c2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e990d11ddcdcbf2792d83c6d422748810eea1872063dce920a45c2d11703061c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
60414
Content-Type
image/png
truncated
/ Frame A874 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame D04D 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.zh_CN.RxEEPlJGUdw.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://docs.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.zh_CN.RxEEPlJGUdw.O%2Fd%3D1%2Frs%3DAHpOoo9miqktP6ifi4_ptfv3aDf9rejZGQ%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://docs.google.com

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
x-content-type-options
nosniff
server
ESF
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
esorandhewa.com/ 		35 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esorandhewa.com/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Mar 2023 18:16:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
272470
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYrqKpYETTRyNk71ToQAVS9tywh9lV73GmmkPd8jn0%2Fv9g9V4IzmS%2FMzrBQywO4Au27uNmlqCE6j%2FVZj6ND2PoE6gO%2BVeBLOrGKPc3VnM8zrJMyEaYunW2DeYm0lxgOWgC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7a7fc5cd691687cb-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popunder.gif
esorandhewa.com/ 		35 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esorandhewa.com/popunder.gif
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Mar 2023 18:16:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
272470
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGFvFS5wAjzQ%2Fi4et5boQr%2FFIZnhwaZaMKqRe9t%2BNn27WAdgLDA%2FhIvQN7tshKl65mSMtNYS1T2HiilBtFJPoiJVuMnS7BXaVd9wrwCHkrr9WO%2BtMWEYRC%2BhVGg6a1JYdeg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7a7fc5cd792187cb-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
multi
mentxviewsinte.info/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mentxviewsinte.info/multi?cs=UDRFZjZnAnZSBGkFcFIHaAN8UAI&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.60.2&sts=0&prn=0&emb=0&tid=708052&rxy=1600_1200&u=1222625364381564&agec=1678831049&fs=1&mbkb=1428.5714285714284&ref=https%3A%2F%2Fuserscloud.com%2Fge8tzew4jjn7&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&_Zcv5=1678831049847&crc=1
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
97cbc2b69db31ca1049e2b9774fdeadc111eb40a627868f621b98bfaf9ea628b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Mar 2023 21:57:29 GMT
content-encoding
gzip
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://userscloud.com
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1566
x-amz-cf-id
mQuoVoKXqSZ6ZbaCSMGxTFJHAjy3Q-TxIBstURPXZJBPx6KZQIZ5ZQ==
popunder.gif
esorandhewa.com/ 		35 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esorandhewa.com/popunder.gif
Requested by
Host: userscloud.com
URL: https://userscloud.com/ge8tzew4jjn7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Tue, 14 Mar 2023 21:57:29 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Mar 2023 18:16:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
272471
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWCV%2F3QyeABzO8XDHJWzoXLjZOFAo0wbX60G9YHVEJ1oDZ3xlICjXBtecvLBuV%2BkIomvlPT%2BiwZAVKxzhGc1jTQpQu9IlwMGVY6IZ2HZMuSey%2FysvyGowC37il%2F8xY5ywnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7a7fc5cdb8ef3de9-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| __cfQR object| __cfBeacon function| $ function| jQuery number| LAST_CORRECT_EVENT_TIME object| utr_600304 number| userTrackingInterval number| _2930819328 number| _891119744 function| fa number| _1393880397 object| colors object| config object| jQuery110208939152624668112 function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData number| iinf

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=n1FltpfavI6w7ua8AoYRTdOmSTJ2VJTST7kYLNjOzAVC0cGS7dnrpN0YsPlnpFLFgpd44jV4Lb2bfGpUhVdAoQKsA1WRu-DnM0UJdJLpJpAlGcn7GTTFpSrYx_wWtbKHhXWQ0AETHbeCytMCAkXDf6w-8NG5dlkZdqxUXWIkng4
.userscloud.com/ Name: _ga
Value: GA1.2.1990233024.1678831050
.userscloud.com/ Name: _gid
Value: GA1.2.1167390699.1678831050
.userscloud.com/ Name: _gat_gtag_UA_70768172_1
Value: 1
pogothere.xyz/ Name: csu
Value: 1222625364381564@1@1678831049

7 Console Messages

Source Level URL
Text
security error URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-OHtnid1lr89DYUjxu19kyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security error URL: https://docs.google.com/gview?url=https://9059.userscloud.com/cgi-bin/dl.cgi/ky4tbt2z7jgc5j3m4lijjc2zlwmyx7mbunampigkdqwq5yh2yrehu4q/ge8tzew4jjn7.pdf&embedded=true(Line 8)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-OHtnid1lr89DYUjxu19kyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network error URL: https://docs.google.com/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://docs.google.com/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1526013337%3A1678831049560018&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AWnogHd1ac9ynVzzuQ9dmaTQy_3OQUCaG5ql2xxmMWCikhUllup9MMPpZwe4JcUv-sSS0WYSPp24Tg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-754350325%3A1678831049565961&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AWnogHeeVqKNs2OQzuw8M-izA-Zy0WAwRmbc3cONQk20C-t0Byf9XatLw0JQmwS88SgJpCrOCKKkpA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
d29mxewlidfjg1.cloudfront.net
docs.google.com
esorandhewa.com
mentxviewsinte.info
pogothere.xyz
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.21.15.189
172.64.173.27
2404:6800:4003:c00::54
2404:6800:4003:c00::66
2404:6800:4003:c02::8d
2404:6800:4003:c04::5e
2404:6800:4003:c04::5f
2404:6800:4003:c04::61
2404:6800:4003:c04::64
2404:6800:4003:c05::5e
2600:9000:2179:dc00:14:df85:4c40:21
2606:4700:3034::ac43:cf69
2606:4700::6810:3965
2a03:2880:f10c:381:face:b00c:0:25de
65.8.11.57
00484a76f79ee220dce666fd17299f9c932a6ca34b2d2ae736dcbc2dff79ebb2
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
14d7bbe90573d7b3f0baa84288dfc1b4719cc37c8d33ec00f5909ba21a8bebc5
18e595071fb54da414e79fc05094a447284f02f00fb5e6c85d88788fb83124cb
2696306730e695a48eb9c69080be44dc11b18581888d0b24517706a3bfd0fb96
271faa66d427e1be15e1e655763bd1c279ca6d749aa96dbc0e713d86bb60da56
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3b248d84df57bda8ad1c2bad80008dba66f80f564a9aa56cc2217b338adc8594
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6b0cce286a0327ac843111dc98d1a960806246ca908bde9b5901ec48f1af8314
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b7c0fbe0bd60dd5fa1dbfad0ece7835c374e0dfeb56c5812e28872235cec2a5
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
82f28aafa358005622ed4a3114d1b0a829c4ef4d23e789d597e98aec614812d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b71057d68aeefa465f356f6ecdd0a17bf22184bd5117996c40c66ffca467d7
86dbbeef392abd1f3e7ea7f7add785c258a2b9924aa0deebea6bc71505ce26a1
8d0cd8a36a51dfa01d044cf17b7597eedde6e8a74d563be3f3fd1cb97efab482
97cbc2b69db31ca1049e2b9774fdeadc111eb40a627868f621b98bfaf9ea628b
98dcccfde3850644c17897b63f5318f560058903928bffbc6ab3ed5c2e877dca
a2a920142c2e8c5374ed8fe48be66eccc00fe2e54c5833e30adbc509889edca5
a8abad0c95d453a9cb7a8d94199db57035bac3bef9da7e772092f31fe3ec083b
a9dbd00ac38357f6e7781444a658d0299b6e52fca23723c7611b007771e6b433
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f297b877fae9ac87f177ad1fdcb9d0ea41624dc87f7a81a7ab80ab7efd8975
bab5180ad389444ae209c8c729b2be584832529c840d04e55334c6d33a8104f6
bf95311e009f1850b4eb235769053093b178f0ced6d60937b9b563f5f2aa978b
c5cecb50f40d4b8b5cb48488339d0138d50a2b924bcb31759c730bb0315ecb56
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cebdb5bf570a8a687478359f01b1d07f6ee56c7fd55c28d8090743d5583b49e2
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e990d11ddcdcbf2792d83c6d422748810eea1872063dce920a45c2d11703061c
ed05ba9ca2ac4e8ed909410a8686b8e4f06da34644ef77a267f851c517a24617
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16