userscloud.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/d9rkznva4y85
Submission: On October 22 via manual (October 22nd 2023, 3:57:15 am UTC) from VN — Scanned from CH

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 71 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 921961.
TLS certificate: Issued by E1 on September 1st 2023. Valid for: 3 months.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2011	15169 (GOOGLE) (GOOGLE)
6	172.64.199.35 172.64.199.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	65.9.66.71 65.9.66.71	16509 (AMAZON-02) (AMAZON-02)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:803::200d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:224... 2600:9000:2240:5200:3:3306:7b40:21	16509 (AMAZON-02) (AMAZON-02)
71	18

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.199.35 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.66.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-71.fra56.r.cloudfront.net

ntmastsault.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

omouswoma.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2240:5200:3:3306:7b40:21 (United States)

ASN16509 (AMAZON-02, US)

dfjlgfb4lxka5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	google.com 4 redirects docs.google.com — Cisco Umbrella Rank: 141 apis.google.com — Cisco Umbrella Rank: 125 play.google.com — Cisco Umbrella Rank: 37 accounts.google.com — Cisco Umbrella Rank: 32	389 KB
13	userscloud.com userscloud.com — Cisco Umbrella Rank: 921961	271 KB
7	ntmastsault.info ntmastsault.info	9 KB
6	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 25650	302 KB
5	omouswoma.info omouswoma.info	2 KB
4	gstatic.com www.gstatic.com ssl.gstatic.com	969 KB
3	cloudfront.net dfjlgfb4lxka5.cloudfront.net	2 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 2269	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	253 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 508
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	92 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
71	13

	Domain	Requested by
13	userscloud.com	userscloud.com static.cloudflareinsights.com
9	docs.google.com	userscloud.com docs.google.com www.gstatic.com
8	play.google.com	www.gstatic.com
7	ntmastsault.info	userscloud.com
6	accounts.google.com	4 redirects
6	pogothere.xyz	userscloud.com
5	omouswoma.info
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	dfjlgfb4lxka5.cloudfront.net	ntmastsault.info
3	content.googleapis.com	apis.google.com
3	www.gstatic.com	docs.google.com www.gstatic.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com
1	csp.withgoogle.com	userscloud.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
71	17

This site contains no links.

Subject Issuer	Validity	Valid
userscloud.com E1	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ntmastsault.info Amazon RSA 2048 M02	`2023-10-12` - `2024-11-09`	a year	crt.sh
omouswoma.info GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/d9rkznva4y85
Frame ID: 10758CB033224913C51F851E62536FB1
Requests: 34 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
Frame ID: 4674A3D3BC4EB373C7CD5038228EB786
Requests: 22 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
Frame ID: 654FE2760BF339E2D9D98DBA6A8D2240
Requests: 6 HTTP requests in this frame

Frame: https://ntmastsault.info/MFZSTFdRNDEhaFFrMGoiQjpvaWV2c2AKM1Y8PisxUmI+NDxRY3wvO18jNiolXzgmYjlVInd+EVcHYihlUwA9KxxyMQoWA1MjFycvQzVhKBFhAWcgG2EDNwITfmAUNh5aFCUNPH0UYiE0dDE8CC9DFxQKNEUZAQIbYWUlOh1YMQUWZWU/FQ4dXjU/CQ92AjppZXI1Yw0Rez8lPwRINSUBE3EEFAhnRBoAOA98Lxh6EEhiNQc+QzcXBG5IFwcCMVE7CH0FXD0mBz5bBRolZ0cPOR4VfhI2JQV1ECAvZVwRBAs8cg85HhV8BT08BnUAd34RUxcEGAYCOWUvAh0cCypkdmUUOxJBGisFFXYSNSMbVxwHLRZmLwAZDQA1GgoDYWQiPhtyYhQCLgk/AAgdFWQULw9TNxUIEl0POR4VYAULJx9iYygWOWYRFyYeSB0QPwJWZRcOA1s+Yi9lXBUDIR0GNwcKE1ZlFH8VYhdqBT1lMAQLMHY1ORoQVB4QNAJxBDwvMBY8ISM5QGszDy50EQANEFVhHBoCaBEw
Frame ID: B9A1CEC74A26C245DAA101EF5359F006
Requests: 2 HTTP requests in this frame

Frame: https://ntmastsault.info/RG9UN2glDTdaVyVSNhEdNgNpEloCSmZxDCIFOFAOJls4TwMlWnpUBCsaMFEaKwEgGQYhG3EFLi0MPw46ETkRZSEAV2dVDx0CGmAQKT46UwAeKBpiIhcmcQUqFBgeTiEWJjNwDx0nDloEByUzRAQDPDtEDD06JnEGDgUwTVgQJgBtGyAXN18lKRczYStwXhkFEAMOB2IAFAc4TiY+HD11OyNfGl1QHSY6VAMJKmxeOC0cYH8BCRgwcCV0CjoOACAqFhJaAgoHblwMLCcSWgYlPX0wIjgREloCJQJTUR04Fl8wDFZkbgAKNzJgLSkgFk9dHjcGXiUDHz5uOygqMQRFLF8NByExJgdyUQIVMwclPgA2eFsWBRIHDHw1Og4BFigkXTEcBA59ERFXBGEMfSo6ZQIVBhkDJy49DFE/AV0adS0vPzpfWBUnbE4nFyIwfgIWXw1NOncOHA4AHCcgXgkTBzdSLwpfDQchfCIQVB8FLA4HMTwLHFEvHkpmcTEvPSR9LzwIcl0bKwEkChgHHjx+PnNXZF4yMCcMVA
Frame ID: 41CA160EC991327C29E52ACA0CFEC22A
Requests: 2 HTTP requests in this frame

Frame: https://ntmastsault.info/RGtHSTglCSQkByVWJW9NNgd6bAoCTnUPXCIBKy5eJl8rMVMlXmkqVCseIy9KKwUzZ1YhH2J7fhU9dAANJVoOeXASCAkrawkJHx9iNTEsGHkcLAExfwEEAhl7IDsULlAuLC8xYAk5MH9yFQQgBkAvICYMCCknFRB9EzMWfn11CAorCwEzET5QMjErG2EAEQU4aixTIQBSIzEFCAhwIQYfXQABEnx/AjkJA0IeOxEIaSs7L3xuBwUjJXYFEwEQVg4qBBx1KDsvMVwGKBIibjMfJRl7CjMEeEwuMXY+chAGAh9uMx8lA2xwCAN4AXcxAwhbEzwOP2oFRnYKXHY9BB56NwIIMVwLLy0IAANbdgZhBi0PClQ8Ux0MaSc8EAMddi0AH30iOz09YAcSL3piESERCFIvEhE+TCYlEwBqEQwVflsvKg0KfCsHDx9pCw91HAgFPQ1xYnUcCR5/NB4fCA0eD3UfexcMKHl2IykWHVUFORU+SCcNABt9DBNyP2IjTS06VyobejpbdSYpJ2IKBhB6cy0lPxg
Frame ID: CEA91C2EE32857A31F0A878211A631B5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

94 %
HTTPS

82 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

2041 kB
Transfer

4442 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyz2G2ZkQMDIOYovB4Lil5q2GTVB2dSYLjoVKAXWFn4B4_9u4nmFchOSJmwUSp7EsppZHFMfOg HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxg4pOg-EKWINMyCouzA8o3e_sXHl--agxp3xAAY6Th6XTVO38waO4PdpbneaCs7gP6xD6z3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S822840016%3A1697947031671600&theme=glif

Request Chain 56

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeywcN_6gYajBrBsKKuxdNl79IPnyMXqoJshu5JSdCGQxFCU8VjUh8KsKfqRgM8EvYsvjDgrRIQ HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy2coYVenFbvrVfPQnlSUVFvZ_Z1bi59R5CQT774z2uuTrsfqBYpEonZ0sTwHj7TynXy1hr9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309573506%3A1697947031638069&theme=glif

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request d9rkznva4y85 Show response
userscloud.com/ 461 KB
101 KB 210ms
135ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/d9rkznva4y85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24da994858e9a3e79f2f40d91bf46a8a58fcfc4de3af43fa51217bd578a5004a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 819ed08b3811928d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 22 Oct 2023 03:57:10 GMT
expires: Sat, 21 Oct 2023 03:57:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWftHd9%2BC3SxGVzsolO9FmlBvzUepscDZayKkm%2BxsFaPg7mqlcDQm4%2F8WNSpfm8694FWyu903EM%2B1U3%2BAwJAVfDg01xut6WhVNJL0ruKIPr6HipwUJHV4ngszINYLjUkdOOfJkIcw1ODqLRxYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 42ms
41ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 771235
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjIHpmxhAQesCb2XHxnn35r%2Bq2pocNhpn6dsiAeEe8E1JEPLqFr1B%2BXNq4txrMIXdsDNragkbY%2FYk%2FlpqUOUIjl4qSIGcq%2Bh%2Fzj1g5yC0CsMoo5hgoRNjtH63rU%2Bh231%2BuC463IGX8fLgeS7Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08c2872928d-FRA
access-control-allow-headers: X-Requested-With
expires: Sun, 12 Nov 2023 05:43:15 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 48ms
47ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2328348
cf-polished: origSize=113031
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUTzdgeAUSg27XioE9yR4kpeS4x7ZQbWqvRrIfMMtyx41BiFzt6T9gwQBIGfJvufKJmFtl5ZRUJGXg3kcVDVSnowLgpvOZdeJjzdHWEs%2FXMb362%2FTc%2BWhp1TrKFnTFCV6Upneuli9oV7FEinNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08c2873928d-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 25 Oct 2023 05:11:22 GMT

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 51ms
50ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1093685
cf-polished: origSize=47095
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjzwsVyxo%2B3esn5zJGBTk4s1VT1pW%2BYjs7AynMpdqVSm9Mm%2BV8py%2BlE2uVZNx7fKjTM1hRuPFdUwXOJUq7GBHek3LDRL48Od6BZNsPAunO8R7gTplmqTrKi3QjAGpcgcxd7BIydYHLmjwAKSEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08c2874928d-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 08 Nov 2023 12:09:05 GMT

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 47ms
46ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1093685
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cm3%2BiOwQ8y8nwa7Ot8VAjpTmD%2BjHsnYykmA8WpM9WCNEfdvfPuRbXIeaZrWHtuvzoc4CD6NgwglTdD5sjXxy1zB3fcTyLE0nCX%2FXeeTlrAISXJCa%2B4gF9A13WYu0aU6OjwNW893Ceiny%2BshUWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08c2875928d-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 08 Nov 2023 12:09:05 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 41ms
40ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1093685
cf-polished: origSize=21572
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvrtekq41VsPxMVw4TcOrY1HLUXnw%2FEmUNxxytsx1K9PIZCNbKgLESNUG8wcR9awfVmydDzDTJw9ZIxnxpBf%2FLrGqcxX25ck48xNabAmePNG14BZkEy7I34pPfTrh%2FKw4zvX0DQ3VcA3y4lCVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08c2876928d-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 08 Nov 2023 12:09:05 GMT

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 55ms
54ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1806040
alt-svc: h3=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNmD4g%2FQj7MrmR30TwOQQZw9ZlERHBasQQ7mFT8WTFyjsH%2FKbw3CWMpF%2BzLHW2ymKylv%2FzVT2gMiptuzO1syUpN7IGtjEgCqpatv2Tm0j1COow39jmn%2F65Sm1tjBUTrPyBwlZH3LrWgWrjnOYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 819ed08c7a4c2c4b-FRA
access-control-allow-headers: X-Requested-With
priority: u=3,i
expires: Tue, 31 Oct 2023 06:16:30 GMT

GET
H2 200 gview Show response
docs.google.com/ Frame 4674 9 KB
4 KB 252ms
193ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

931984dc4e4f9d7331755cbe84a5345a01ba1fd3d43e9e21c05601a276cfebc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uBOqGZfl78aMWajQNhjgQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uBOqGZfl78aMWajQNhjgQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Sun, 22 Oct 2023 03:57:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 45ms
44ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2023 11:32:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652d1f47-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sj%2BnPqfzZOF1j1fxT7WdAQ9ojKWZzdQEOoL7Au97Dtrzg3iE57OLW7eBl3HazPR3R8JTny4Td5IKBjF9CCKllM%2BiJtvMFUIxWNSnA047H%2F8jWw6tsQNgpP8bLg8I%2BE8BVTlUj43raRvgpp7FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 819ed08c9a5e2c4b-FRA
expires: Tue, 24 Oct 2023 03:57:10 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 172ms
85ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 819ed08d1db12bc7-FRA

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 50ms
49ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2290998
alt-svc: h3=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3sjXSMiiNWKOTN2SZ2f51aIFqS%2FC3KkchC2QUa5W4k3arXrUdrJwPLxdlb78l23o9aPSjHuNIbbcb%2BLU5lhUPrUAV7KplEYwb%2FipEnQ0HiDNeB20eWw%2F7nIiunMJi%2FQk2Nz436taQIbTeawNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 819ed08c9a622c4b-FRA
access-control-allow-headers: X-Requested-With
priority: u=0,i=?0
expires: Wed, 25 Oct 2023 15:33:52 GMT

GET
H3 200 jquery.nicescroll.js Show response
userscloud.com/assets/vendor/core/ 72 KB
19 KB 88ms
88ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/vendor/core/jquery.nicescroll.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc9042d6e57da51821acd007645a5269b176f61c9d35146966f971edba08396

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416520
cf-polished: origSize=115828
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Jul 2023 07:57:30 GMT
server: cloudflare
etag: W/"64b7976a-1c474"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbDYv1v2afsstZ%2B%2FxhDQHNMpPvPlKMnU6xo0Ea6yExIBeAFjM%2F%2B4En8%2F8gef1tkzOZkGWYbuulHN4oNUfUzdvBxI36nRasH5ak9IDrw4h3VM3al0S7HqS9AeYz6uDsqGy5LCNVArEMcrcP1Yhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08cea8f2c4b-FRA
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Thu, 16 Nov 2023 08:15:10 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/assets/vendor/core/ 66 KB
15 KB 116ms
116ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/vendor/core/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194814
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Jul 2023 07:57:21 GMT
server: cloudflare
etag: W/"64b79761-107da"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrKQyLED9FHkR%2B378O3vN%2FU6MRd3b3nUugzuI8xmLQdW2bGXNY5CWrHTHOfUYjYqUS1jbSTjmvSdHVTQzRVlcj2SLAqZtzmsm8bCe2yHs3ec1wtF9YhMWutGqZbIoEdtpLE1TbSNixCHv9uhog%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08cea922c4b-FRA
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Sat, 18 Nov 2023 21:50:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 91ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M73M877RTL

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84356dbe47e022faf5b3c28cc486332f125ff9889a501e266c62cc0c397d1159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93664
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 22 Oct 2023 03:57:10 GMT

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
34 KB 121ms
120ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/d9rkznva4y85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1779626
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHuq3uWb8Iz47FlVBuE612L6m6x5MWGOoBjZGZipNhcOw4d6fXr1Jj8iu4hLaEKImvyKHaVCFohX9dwc6KLY%2BJANHdUgayrDcX0JNNS4wQna%2BZcDFgdSAvIkL%2FmpED%2BM85ikOe73jP%2FFc%2BsDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 819ed08cea942c4b-FRA
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Tue, 31 Oct 2023 13:36:44 GMT

GET
H2 200 rs=AC2dHMJqaN5GgpkDMIWPpwlwhS6Zs1eleA
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.MDzWJslY5F8.L.W.O/d=0/ Frame 4674 422 KB
423 KB 75ms
22ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.MDzWJslY5F8.L.W.O/d=0/rs=AC2dHMJqaN5GgpkDMIWPpwlwhS6Zs1eleA

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

858be7e30120552c4ec02bf160519aab3017234dbc89c9b0c8642df6e2ec7175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 05:38:05 GMT
x-content-type-options: nosniff
age: 425945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 432343
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 01:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 05:38:05 GMT

GET
H2 200 thumb
docs.google.com/viewerng/ Frame 4674 92 KB
92 KB 92ms
90ms Image
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFxCqMKbgo-ypjVDtK5dfiDLBtVY5ANkFYKpstG_STchGDbl4TLd9JGtL9PYLpF3VzKkcXC1o0Jbh9Iqjv6Qw_IP8RscpsTar66vSHbwivviTbRmRIHQ5NGH5Do4nndMTvZ_pVd4GRgguloQwvxC1yhyGvxvsXyagjAhiZbcCLvgbD1HpvFhXW9DCy16OnLj6jeYG41Loxf4pPzaMFfQPcM7Kdu8glWyj75ptncgXl39Qe0skme4d0n8ahQ4Mc-vBUewsLXZwwpquw8fJq-wbZwgqKJLUC5PRyM-2WZQFCUyQE92QYaIvjrJUZ8MQVHxnrs6dyZ-zg1CVnB9DDgVBZR_HmxbIArIPspBmI-2ZYXrHPC0x74%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f448f4cb752b074c2de369eb0d424ea8217f4c8d98a765ac5c3034958771f8f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_dfMQ_1o5dwqOg4VPmIs3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:10 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-_dfMQ_1o5dwqOg4VPmIs3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Sun, 22 Oct 2023 03:57:10 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/ Frame 4674 1 MB
463 KB 168ms
115ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38bb8de9189003e6eddb162ebb55813c5bd57abd7cafee24c67fcda29b0cc1a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 21:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 474093
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 07:02:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 21:01:24 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 4674 18 KB
7 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91768ddd242fe465fd233dc5166c4810ae9f8740d3b1ac389cffd283503bd1e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Oct 2023 03:57:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7115
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "bbaa33c2b5cbc5af"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 03:57:10 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 4674 141 B
595 B 142ms
141ms Other
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HbOmbSlA9DEUtmvfNG3FWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-HbOmbSlA9DEUtmvfNG3FWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Oct 2023 03:57:10 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Sun, 22 Oct 2023 03:57:10 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 4674 141 B
346 B 144ms
143ms Other
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--KvDRxppZb84t5jJqiL3eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce--KvDRxppZb84t5jJqiL3eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Oct 2023 03:57:10 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Sun, 22 Oct 2023 03:57:10 GMT

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame 4674 98 KB
34 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e176d82f3f5eb2d708e6f740c8b941915a18ec54408eaef5c8da4d61a86b396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34762
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 17:05:09 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 22 Oct 2023 04:34:19 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 103ms
38ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 22 Oct 2023 03:57:11 GMT
expires: Sun, 22 Oct 2023 03:57:11 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 73ms
38ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 22 Oct 2023 03:57:11 GMT
expires: Sun, 22 Oct 2023 03:57:11 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ Frame 4674 316 KB
108 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110385
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 09:55:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4674 131 B
155 B 92ms
48ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 22 Oct 2023 03:57:11 GMT

GET
H2 200 v-sprite54.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 4674 113 KB
48 KB 89ms
22ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite54.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.MDzWJslY5F8.L.W.O/d=0/rs=AC2dHMJqaN5GgpkDMIWPpwlwhS6Zs1eleA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 07:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 333729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49026
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:18:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Thu, 17 Oct 2024 07:15:02 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 4674 36 B
85 B 53ms
53ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgCA7Jyqy3YZbpMMAuCCv_0S9zrMVDlsBL_33P3Xb23csxaRqsq_OE1mAZ97MpnY7UnWrT3gcWsqirV-YqVGJ8Nk1l6nuzqmnLUQHuBi5qVWDdNkkVVCEquz4XZXddvcfWmNfgakoctQCWTK

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xcw6QiaFYe-32-IoYur5ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-Xcw6QiaFYe-32-IoYur5ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4674 131 B
155 B 92ms
49ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 22 Oct 2023 03:57:11 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 654F 382 B
1021 B 92ms
30ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a25de84409e6dc1d33a36271e50835fae77574935f07aa4bbb254494654c837

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-l1taOmeBaBAEQXbdgxqqVA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 270
content-security-policy: script-src 'nonce-l1taOmeBaBAEQXbdgxqqVA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Oct 2023 03:57:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 4674 92 KB
92 KB 109ms
109ms XHR
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgCA7Jyqy3YZbpMMAuCCv_0S9zrMVDlsBL_33P3Xb23csxaRqsq_OE1mAZ97MpnY7UnWrT3gcWsqirV-YqVGJ8Nk1l6nuzqmnLUQHuBi5qVWDdNkkVVCEquz4XZXddvcfWmNfgakoctQCWTK&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f448f4cb752b074c2de369eb0d424ea8217f4c8d98a765ac5c3034958771f8f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bW5jG3aDmpCwQEJAsISWZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-bW5jG3aDmpCwQEJAsISWZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 4674 14 KB
4 KB 62ms
62ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgCA7Jyqy3YZbpMMAuCCv_0S9zrMVDlsBL_33P3Xb23csxaRqsq_OE1mAZ97MpnY7UnWrT3gcWsqirV-YqVGJ8Nk1l6nuzqmnLUQHuBi5qVWDdNkkVVCEquz4XZXddvcfWmNfgakoctQCWTK&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

284a1d42b3ed245405bb7dcded0e97cc6fa25824704e008ce45da8175d316190

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aKMs6kCBHQeuUaWGa5BTtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-aKMs6kCBHQeuUaWGa5BTtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 4674 40 KB
40 KB 82ms
82ms XHR
image/png 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df8e7d1a3b41fda29ec9af90cd991aa62986af90a9f5cb2a9d63326e7c9cb0fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ifcoNUPWp_tFHgkn6FkBBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-ifcoNUPWp_tFHgkn6FkBBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 4674 5 KB
2 KB 64ms
64ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3978d27f27e094dfa2f8691a2ee3008a936cd64489202c637313b2ecf8b16e63

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CVoix-EozzAEkHDuk8FRaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-CVoix-EozzAEkHDuk8FRaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame 654F 0
0 95ms
38ms Other
text/html 2a00:1450:4001:806::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 654F 18 KB
7 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 22 Oct 2023 03:57:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7116
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "23edfa0f3c3c3329"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 03:57:11 GMT

GET
BLOB 200
OK 18e2a19a-efaa-4476-8ebc-ee4182d84fe5
https://docs.google.com/ Frame 4674 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/18e2a19a-efaa-4476-8ebc-ee4182d84fe5
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df8e7d1a3b41fda29ec9af90cd991aa62986af90a9f5cb2a9d63326e7c9cb0fb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 41095
Content-Type: image/png

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 29ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 22 Oct 2023 03:57:11 GMT
expires: Sun, 22 Oct 2023 03:57:11 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4674 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 log Show response
play.google.com/ Frame 4674 131 B
155 B 53ms
53ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 22 Oct 2023 03:57:11 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ Frame 654F 77 KB
27 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f867efe89de2acc7f60da32733292e8c8ea157c6e64dd7a7434c6eb4955475f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27761
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 09:55:06 GMT

GET
BLOB 200
OK f2cd0555-5afd-4633-8c2a-1cc7e741a6e6
https://docs.google.com/ Frame 4674 92 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/f2cd0555-5afd-4633-8c2a-1cc7e741a6e6
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f448f4cb752b074c2de369eb0d424ea8217f4c8d98a765ac5c3034958771f8f3

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 94186
Content-Type: image/png

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 142ms
83ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6133
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 22 Oct 2023 02:14:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1lM3H3MWnvV2ijhEvrKVcsRTqksm94gDU60NVpwFcSo%2FWFrFV7byJOEHXYbU3zrxz9zR6CxsWx2Q8O25oHGtfJPMmD8FMQu6oWNIP038W84fG4J58mJlj4i1MpOCXLR"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 819ed092981419b3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
350 B 181ms
122ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3daf6aaeafbe346a3470d0a55b3f59ceef9dc337d8ac5cc6371c59212fc65be2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tL%2BLmCJoHx44IM90mFz4wll3bSIpMp7hGdZGwd0ttG%2FWDefOmKSAcBs89FdjEgoDEidtHDrU8YgXDH6ELUXdEXeNe1X%2BxPWWv8A4RSOfwgGDEOLKilj0BtyA6t4sKIzj"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 819ed092981519b3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
ntmastsault.info/ 0
537 B 174ms
118ms XHR
text/plain 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntmastsault.info/utx?cb=UjsIQ6KSHyX8&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Le3rx4jD0RPbuUhvqPtshW1NCC2UM5eXRy_55_tF9rRw3NdQWBdJZw==

GET
H2 200 AAgdFWQULw9TNxUIEl0POR4VYAULJx9iYygWOWYRFyYeSB0QPwJWZRcOA1s+Yi9lXBUDIR0GNwcKE1ZlFH8VYhdqBT1lMAQLMHY1ORoQVB4QNAJxBDwvMBY8ISM5QGszDy50EQANEFVhHBoCaBEw Show response
ntmastsault.info/MFZSTFdRNDEhaFFrMGoiQjpvaWV2c2AKM1Y8PisxUmI+NDxRY3wvO18jNiolXzgmYjlVInd+EVcHYihlUwA9KxxyMQoWA1MjFycvQzVhKBFhAWcgG2EDNwITfmAUNh5aFCUNPH0UYiE0dDE8CC9DFxQKNEUZAQIbYWUlOh1YMQUWZWU/FQ4d... Frame B9A1 3 KB
2 KB 148ms
122ms Document
text/html 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntmastsault.info/MFZSTFdRNDEhaFFrMGoiQjpvaWV2c2AKM1Y8PisxUmI+NDxRY3wvO18jNiolXzgmYjlVInd+EVcHYihlUwA9KxxyMQoWA1MjFycvQzVhKBFhAWcgG2EDNwITfmAUNh5aFCUNPH0UYiE0dDE8CC9DFxQKNEUZAQIbYWUlOh1YMQUWZWU/FQ4dXjU/CQ92AjppZXI1Yw0Rez8lPwRINSUBE3EEFAhnRBoAOA98Lxh6EEhiNQc+QzcXBG5IFwcCMVE7CH0FXD0mBz5bBRolZ0cPOR4VfhI2JQV1ECAvZVwRBAs8cg85HhV8BT08BnUAd34RUxcEGAYCOWUvAh0cCypkdmUUOxJBGisFFXYSNSMbVxwHLRZmLwAZDQA1GgoDYWQiPhtyYhQCLgk/AAgdFWQULw9TNxUIEl0POR4VYAULJx9iYygWOWYRFyYeSB0QPwJWZRcOA1s+Yi9lXBUDIR0GNwcKE1ZlFH8VYhdqBT1lMAQLMHY1ORoQVB4QNAJxBDwvMBY8ISM5QGszDy50EQANEFVhHBoCaBEw
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 485f82e1060329620f3a25d31f64bd26bbe2985ab5f01c2f872e2b5a877ccd30

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1241
content-type: text/html
date: Sun, 22 Oct 2023 03:57:11 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: 9-jhBuXGw7l45EGdnpyKUCbJpOpO22DcfD9YcHzjGCdOKXIy4wGiCA==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 55ms
35ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6133
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 22 Oct 2023 02:14:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvi9FSYU7ja9AxNF%2BhxD%2BQovxwFVOtQaNttGDiM9I%2FAWyvzHR9WWwrYo9EWeWEj3XrDo43mgaRNzO1hho0AAfhN6hbHOaV6xnQkZmVQ%2FYeXCxlpBQtx%2FT3eat4rjInTO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 819ed092981619b3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
349 B 150ms
130ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee31d220edb3a247bac9a660877fe7e20f928c27adb8860af252a3882b43a2a0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uykNKC67ipfpqseQVlS%2B2p1vyg0DhkkYZOMghAuKOBNsgthM0WGgW4bkHJPYz29zDgfShKjAOKO0QsuWJq1%2F68fdO8vj7zeYAB6YhZZJmTp1yvjYHJHB0tOa97MRYtNQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 819ed092981719b3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
ntmastsault.info/ 0
537 B 143ms
125ms XHR
text/plain 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntmastsault.info/utx?cb=BjcpYOq779uX&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 4B_H6bIRPElYxDxVbE5N5u7tg4zx023bD4WajhlpBZJAGyOjdZm-uw==

GET
H2 200 AV0adS0vPzpfWBUnbE4nFyIwfgIWXw1NOncOHA4AHCcgXgkTBzdSLwpfDQchfCIQVB8FLA4HMTwLHFEvHkpmcTEvPSR9LzwIcl0bKwEkChgHHjx+PnNXZF4yMCcMVA Show response
ntmastsault.info/RG9UN2glDTdaVyVSNhEdNgNpEloCSmZxDCIFOFAOJls4TwMlWnpUBCsaMFEaKwEgGQYhG3EFLi0MPw46ETkRZSEAV2dVDx0CGmAQKT46UwAeKBpiIhcmcQUqFBgeTiEWJjNwDx0nDloEByUzRAQDPDtEDD06JnEGDgUwTVgQJgBtGyAXN18l... Frame 41CA 3 KB
2 KB 134ms
128ms Document
text/html 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntmastsault.info/RG9UN2glDTdaVyVSNhEdNgNpEloCSmZxDCIFOFAOJls4TwMlWnpUBCsaMFEaKwEgGQYhG3EFLi0MPw46ETkRZSEAV2dVDx0CGmAQKT46UwAeKBpiIhcmcQUqFBgeTiEWJjNwDx0nDloEByUzRAQDPDtEDD06JnEGDgUwTVgQJgBtGyAXN18lKRczYStwXhkFEAMOB2IAFAc4TiY+HD11OyNfGl1QHSY6VAMJKmxeOC0cYH8BCRgwcCV0CjoOACAqFhJaAgoHblwMLCcSWgYlPX0wIjgREloCJQJTUR04Fl8wDFZkbgAKNzJgLSkgFk9dHjcGXiUDHz5uOygqMQRFLF8NByExJgdyUQIVMwclPgA2eFsWBRIHDHw1Og4BFigkXTEcBA59ERFXBGEMfSo6ZQIVBhkDJy49DFE/AV0adS0vPzpfWBUnbE4nFyIwfgIWXw1NOncOHA4AHCcgXgkTBzdSLwpfDQchfCIQVB8FLA4HMTwLHFEvHkpmcTEvPSR9LzwIcl0bKwEkChgHHjx+PnNXZF4yMCcMVA
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 8f952a8fcbcf53be1f23f467a1c9f5e0e40983c024b3f93bff1331e6d210ee8c

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1237
content-type: text/html
date: Sun, 22 Oct 2023 03:57:11 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: A1Y_auUuath75MYhyobUQj7blT7Ph10UvpujJK_4NYRoHEi5xRK5bQ==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 82ms
81ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6133
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 22 Oct 2023 02:14:58 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHNLIh%2BX4I6tF0jGqOaEcg1hZS74hC5bpHhg1%2BFT3usnHqi72lpF0uxnCrpTLMnKB4wY4T0tbtxGHUEGuQ0j2eeOSgtvqMdLXkZ8UWmzmFOs07Tm7V2DV02fZkLxajjg"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 819ed092981819b3-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
371 B 121ms
121ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 238f8ee928bead2180efc970570634698aa6d1b9bb5e1a0d63d3829873ce715e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9pCOlrwiafmG70rgY1VUEmtJVsF51y5QNTD3q%2FBUDlNTGuoxVTN01NbmIepSxCbB%2F1MYoLP7UlQskEegQkl12z4U4WfInSI5gXl9RoPVD%2BnvLnAErjIavpI86r%2FQJAL"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 819ed092981919b3-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
ntmastsault.info/ 0
535 B 120ms
120ms XHR
text/plain 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntmastsault.info/utx?cb=2HOtLhTrcew2&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: nX_cwujKsS1arBk7ePcxwpiPVtIJqtrDCu_Qx_FfyigLqsK1jUk15A==

GET
H2 200 NB4fCA0eD3UfexcMKHl2IykWHVUFORU+SCcNABt9DBNyP2IjTS06VyobejpbdSYpJ2IKBhB6cy0lPxg Show response
ntmastsault.info/RGtHSTglCSQkByVWJW9NNgd6bAoCTnUPXCIBKy5eJl8rMVMlXmkqVCseIy9KKwUzZ1YhH2J7fhU9dAANJVoOeXASCAkrawkJHx9iNTEsGHkcLAExfwEEAhl7IDsULlAuLC8xYAk5MH9yFQQgBkAvICYMCCknFRB9EzMWfn11CAorCwEzET5Q... Frame CEA9 3 KB
2 KB 117ms
117ms Document
text/html 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntmastsault.info/RGtHSTglCSQkByVWJW9NNgd6bAoCTnUPXCIBKy5eJl8rMVMlXmkqVCseIy9KKwUzZ1YhH2J7fhU9dAANJVoOeXASCAkrawkJHx9iNTEsGHkcLAExfwEEAhl7IDsULlAuLC8xYAk5MH9yFQQgBkAvICYMCCknFRB9EzMWfn11CAorCwEzET5QMjErG2EAEQU4aixTIQBSIzEFCAhwIQYfXQABEnx/AjkJA0IeOxEIaSs7L3xuBwUjJXYFEwEQVg4qBBx1KDsvMVwGKBIibjMfJRl7CjMEeEwuMXY+chAGAh9uMx8lA2xwCAN4AXcxAwhbEzwOP2oFRnYKXHY9BB56NwIIMVwLLy0IAANbdgZhBi0PClQ8Ux0MaSc8EAMddi0AH30iOz09YAcSL3piESERCFIvEhE+TCYlEwBqEQwVflsvKg0KfCsHDx9pCw91HAgFPQ1xYnUcCR5/NB4fCA0eD3UfexcMKHl2IykWHVUFORU+SCcNABt9DBNyP2IjTS06VyobejpbdSYpJ2IKBhB6cy0lPxg
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 9bfc0cbdfded213181bd698aab04a7ab8ef48506fc09fe249c7785a9b863258f

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1243
content-type: text/html
date: Sun, 22 Oct 2023 03:57:11 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-id: 7spJimHKkjaCv0Q5bQLAY-fD9gqlMr5GdHKrFOATo-J06XndlE5dTw==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H2 204 a0doVGNEeAsnXjIQJiUBEQ06AiUbHyo4BzwfBDMgPQEiMTQqAk4gCg96XmRTWHdcchMCI1VlRRgzCSAWGHpZcgoFIQdpRR16WXpQX2lbYE1bYR1pUk0zGDUEVnZOJBcfK1VlVVJwUWBUW3RZZ1tc
omouswoma.info/ 0
251 B 218ms
120ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omouswoma.info/a0doVGNEeAsnXjIQJiUBEQ06AiUbHyo4BzwfBDMgPQEiMTQqAk4gCg96XmRTWHdcchMCI1VlRRgzCSAWGHpZcgoFIQdpRR16WXpQX2lbYE1bYR1pUk0zGDUEVnZOJBcfK1VlVVJwUWBUW3RZZ1tc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0OdZ9EXV5qwkjFvbBAAjpY3nMQqflscLPGQPJ2iyh2ec8Ht5ehPgIEjDcsn%2F71kXMzKPhiafAfjY%2BQVhEmF3%2Fhb%2B0%2BRU3dJKZNu5wnypC%2F1ezHMwaDrTco0PtRa9utpsg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 819ed09359c49b8c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 258ms
184ms Image
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyz2G2ZkQMDIOYovB4Lil5q2GTVB2dSYLjoVKAXWFn4B4_9u4nmFchOSJmw...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxg4pOg-EKWINMyCouzA8o3e_sXHl--agxp3xAAY6Th6XTVO38waO4PdpbneaCs7gP6xD6z3g&passiv...

0
0

45ms
45ms

Image
text/html

2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxg4pOg-EKWINMyCouzA8o3e_sXHl--agxp3xAAY6Th6XTVO38waO4PdpbneaCs7gP6xD6z3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S822840016%3A1697947031671600&theme=glif
Protocol: H3
Server: 2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 22 Oct 2023 03:57:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-4uhrM37T-ro161eAUVxpEA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxg4pOg-EKWINMyCouzA8o3e_sXHl--agxp3xAAY6Th6XTVO38waO4PdpbneaCs7gP6xD6z3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S822840016%3A1697947031671600&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeywcN_6gYajBrBsKKuxdNl79IPnyMXqoJshu5JSdCGQxFCU8VjUh8Ks...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy2coYVenFbvrVfPQnlSUVFvZ_Z1bi59R5CQT774z2uuTrsfqBYpEonZ0sTwHj7TynXy1hr9w&passi...

0
0

43ms
43ms

Image
text/html

2a00:1450:4001:803::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy2coYVenFbvrVfPQnlSUVFvZ_Z1bi59R5CQT774z2uuTrsfqBYpEonZ0sTwHj7TynXy1hr9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309573506%3A1697947031638069&theme=glif
Protocol: H3
Server: 2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 22 Oct 2023 03:57:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rOF1c7mplb27qwDiP1c3xg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy2coYVenFbvrVfPQnlSUVFvZ_Z1bi59R5CQT774z2uuTrsfqBYpEonZ0sTwHj7TynXy1hr9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309573506%3A1697947031638069&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 QEd1bDxNWGA+OREOe3tvAB0yJnRBX399cERednl4RFty
omouswoma.info/RkpJcGlpdSoDVCccAzs+LX8oKVoyOy1BXDQsDkFdEx0TRwgeIW8EACJ3fkBRdn97VhkvLnRCUGA5PREdMzl0QU8vJC8fVGA8dEFHdmR/ 0
247 B 220ms
123ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omouswoma.info/RkpJcGlpdSoDVCccAzs+LX8oKVoyOy1BXDQsDkFdEx0TRwgeIW8EACJ3fkBRdn97VhkvLnRCUGA5PREdMzl0QU8vJC8fVGA8dEFHdmR/QEd1bDxNWGA+OREOe3tvAB0yJnRBX399cERednl4RFty
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YWZkM12ZrjaOBc1cFors48%2BkPk5bzHrre6bjGzMEaKpEK7kYNVQRcUk460KjgCqEWurfGXMzfi%2Fxop4fLQq3wZcReUk7Xr3Sav0GKdv5%2F3vOd6nbrMVNBPiYGbPhbnKKg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 819ed09359c09b8c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 VHBPbk97TywdcgElCSkaPzolDXwCHSwpFWUTCDx8DigVXxUMKWkaJjBNd195bUd8SD89FHJcdnIDOw87IQNyX2k9HikBcnIGcl9hZF55XmFnVjpTfnIEPw8oaUFpHjsgHHJfeW1Hdlp4ZEN+Wntg
omouswoma.info/ 0
393 B 216ms
119ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omouswoma.info/VHBPbk97TywdcgElCSkaPzolDXwCHSwpFWUTCDx8DigVXxUMKWkaJjBNd195bUd8SD89FHJcdnIDOw87IQNyX2k9HikBcnIGcl9hZF55XmFnVjpTfnIEPw8oaUFpHjsgHHJfeW1Hdlp4ZEN+Wntg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwUpMbtYWfAeNsLIwDB9TGugS1pLXFxd8ci5dwtNTpNIzgliKwEeB3Hfu6%2F3gxmN%2FqBGrb%2FjAxzovw47ABQYZPZwbKPeHGqu5AxajhLPaxu4%2Bp%2FnCts1TT85T6MAsM2bFA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 819ed09359c29b8c-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 654F 0
172 B 142ms
141ms XHR
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 654F 0
47 B 151ms
150ms XHR
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 100ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M73M877RTL&gtm=45je3ai0&_p=229600294&cid=834647753.1697947032&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1697947031&sct=1&seg=0&dl=https%3A%2F%2Fuserscloud.com%2Fd9rkznva4y85&dt=Userscloud&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M73M877RTL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
userscloud.com/cdn-cgi/ 0
140 B 48ms
48ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/d9rkznva4y85
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://userscloud.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 819ed0939edc2c4b-FRA

GET
H2 200 cXcaGDEmYkRBPSYkHR5zZnVGEjIxKBsUf3EBTkh0c2lCQmJ6aUFDf3F3BRA8IjUfVGgFckVGdHBxUARncg Show response
dfjlgfb4lxka5.cloudfront.net/gQ0d2cVogKBgXZTcuEkxsc3dFQW5lLQUeNDN6FzIjBwAkMB0mcDgnDxsAFFcuOSNLQ3wvJhgWZ2UiGBJncmEXFTh+c1AFKiwsSxcwMDARFD0tLRtXLyJ6Gx4gKisaEH9xAUNfamZ1RlktKikSHi0wYkRBNDdiREFrc2lGVGk... Frame B9A1 1 KB
1 KB 262ms
172ms Script
text/plain 2600:9000:2240:5200:3:3306:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfjlgfb4lxka5.cloudfront.net/gQ0d2cVogKBgXZTcuEkxsc3dFQW5lLQUeNDN6FzIjBwAkMB0mcDgnDxsAFFcuOSNLQ3wvJhgWZ2UiGBJncmEXFTh+c1AFKiwsSxcwMDARFD0tLRtXLyJ6Gx4gKisaEH9xAUNfamZ1RlktKikSHi0wYkRBNDdiREFrc2lGVGkBYkRBLSopQEV/cAVTQ2o7cU-JYf3F3FwEqLyIBFDgoLgJUaAVyRUZ0cHFTQ2prLB4FNy9iRDJ/cXcaGDEmYkRBPSYkHR5zZnVGEjIxKBsUf3EBTkh0c2lCQmJ6aUFDf3F3BRA8IjUfVGgFckVGdHBxUARncg
Requested by: Host: ntmastsault.info
URL: https://ntmastsault.info/MFZSTFdRNDEhaFFrMGoiQjpvaWV2c2AKM1Y8PisxUmI+NDxRY3wvO18jNiolXzgmYjlVInd+EVcHYihlUwA9KxxyMQoWA1MjFycvQzVhKBFhAWcgG2EDNwITfmAUNh5aFCUNPH0UYiE0dDE8CC9DFxQKNEUZAQIbYWUlOh1YMQUWZWU/FQ4dXjU/CQ92AjppZXI1Yw0Rez8lPwRINSUBE3EEFAhnRBoAOA98Lxh6EEhiNQc+QzcXBG5IFwcCMVE7CH0FXD0mBz5bBRolZ0cPOR4VfhI2JQV1ECAvZVwRBAs8cg85HhV8BT08BnUAd34RUxcEGAYCOWUvAh0cCypkdmUUOxJBGisFFXYSNSMbVxwHLRZmLwAZDQA1GgoDYWQiPhtyYhQCLgk/AAgdFWQULw9TNxUIEl0POR4VYAULJx9iYygWOWYRFyYeSB0QPwJWZRcOA1s+Yi9lXBUDIR0GNwcKE1ZlFH8VYhdqBT1lMAQLMHY1ORoQVB4QNAJxBDwvMBY8ISM5QGszDy50EQANEFVhHBoCaBEw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5200:3:3306:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dcdb93a7f655aae8c7b18ec7983bdca21b8805f8c1a68c5c3334263f2ff3d4b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ntmastsault.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 775
x-amz-cf-id: CPeKp70cnIkWPITJgBfO_ISo1iRLZwUQyh-DCQumudQg_rtolJl4Sg==

GET
H2 200 YkRpJGxg Show response
dfjlgfb4lxka5.cloudfront.net/ick9RUVERID83bgYmNWxmQndhZGNUJSI+PwJyIRIgGgYHZmlCJgslGSosdyUrFnJjdz0TITZsdxchMmxgVC41M2xGaSUhPhlyNzsiBSg0Nj8YInckME8iPis4HiMwdGM0en9hdEB/eSY4HCs+JiJXfWE/JVd9YWBhXH90YhN... Frame 41CA 587 B
717 B 254ms
169ms Script
text/plain 2600:9000:2240:5200:3:3306:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfjlgfb4lxka5.cloudfront.net/ick9RUVERID83bgYmNWxmQndhZGNUJSI+PwJyIRIgGgYHZmlCJgslGSosdyUrFnJjdz0TITZsdxchMmxgVC41M2xGaSUhPhlyNzsiBSg0Nj8YInckME8iPis4HiMwdGM0en9hdEB/eSY4HCs+JiJXfWE/JVd9YWBhXH90YhNXfWEmOBx5ZXRiMGpjYSlEe3-h0Y0IuISE9Fzg0MzobO3RjF0d8Zn9iRGpjYXkZJyU8PVd9EnRjQiM4OjRXfWE2NBEkPnh0QH8yOSMdIjR0YzR3aH9hXHtiaWhceGN0Y0I8MDcwACZ0YxdHfGZ/YkRpJGxg
Requested by: Host: ntmastsault.info
URL: https://ntmastsault.info/RG9UN2glDTdaVyVSNhEdNgNpEloCSmZxDCIFOFAOJls4TwMlWnpUBCsaMFEaKwEgGQYhG3EFLi0MPw46ETkRZSEAV2dVDx0CGmAQKT46UwAeKBpiIhcmcQUqFBgeTiEWJjNwDx0nDloEByUzRAQDPDtEDD06JnEGDgUwTVgQJgBtGyAXN18lKRczYStwXhkFEAMOB2IAFAc4TiY+HD11OyNfGl1QHSY6VAMJKmxeOC0cYH8BCRgwcCV0CjoOACAqFhJaAgoHblwMLCcSWgYlPX0wIjgREloCJQJTUR04Fl8wDFZkbgAKNzJgLSkgFk9dHjcGXiUDHz5uOygqMQRFLF8NByExJgdyUQIVMwclPgA2eFsWBRIHDHw1Og4BFigkXTEcBA59ERFXBGEMfSo6ZQIVBhkDJy49DFE/AV0adS0vPzpfWBUnbE4nFyIwfgIWXw1NOncOHA4AHCcgXgkTBzdSLwpfDQchfCIQVB8FLA4HMTwLHFEvHkpmcTEvPSR9LzwIcl0bKwEkChgHHjx+PnNXZF4yMCcMVA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5200:3:3306:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 55fddb63cdf958e2316bdd25f85986c34f6232aa8e604b8efb7bad916c8a83bd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ntmastsault.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 438
x-amz-cf-id: GuPJr8W8NXcK527jZZA3mN-6IyQc1RayA_5uVwAY4OWy9kpVhACWmQ==

GET
H2 200 GVEfPztXCyh3ZUJVAjkyVwtbNTIRUgR7ckAJCDolHVQOd2U0AVJ8Z1wNWGpuXA5Zd2VCSgo0NgBQTmARRwpcfGREHx5vZg Show response
dfjlgfb4lxka5.cloudfront.net/QV3I5a1I0HVcNbSMbXVZqZkQAXGFxGEoEPCdPSghjGhxXMRw6JQogOxkKaE0mLRYEWXQ7E1cMb3EXVwhvZlRYDzBqRh8fIjgZBA04JAVeDjU5GFRNJzZPVAQoPh5VCndlNAxFYnJACUMlPhxdBCUkVwtbPCNXC1tjZ1wJTmE... Frame CEA9 572 B
720 B 260ms
174ms Script
text/plain 2600:9000:2240:5200:3:3306:7b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfjlgfb4lxka5.cloudfront.net/QV3I5a1I0HVcNbSMbXVZqZkQAXGFxGEoEPCdPSghjGhxXMRw6JQogOxkKaE0mLRYEWXQ7E1cMb3EXVwhvZlRYDzBqRh8fIjgZBA04JAVeDjU5GFRNJzZPVAQoPh5VCndlNAxFYnJACUMlPhxdBCUkVwtbPCNXC1tjZ1wJTmEVVwtbJT4cD193ZDAcWWIvRA-1Cd2VCWBsiOxdODjA8G01OYBFHClx8ZEQcWWJ/GVEfPztXCyh3ZUJVAjkyVwtbNTIRUgR7ckAJCDolHVQOd2U0AVJ8Z1wNWGpuXA5Zd2VCSgo0NgBQTmARRwpcfGREHx5vZg
Requested by: Host: ntmastsault.info
URL: https://ntmastsault.info/RGtHSTglCSQkByVWJW9NNgd6bAoCTnUPXCIBKy5eJl8rMVMlXmkqVCseIy9KKwUzZ1YhH2J7fhU9dAANJVoOeXASCAkrawkJHx9iNTEsGHkcLAExfwEEAhl7IDsULlAuLC8xYAk5MH9yFQQgBkAvICYMCCknFRB9EzMWfn11CAorCwEzET5QMjErG2EAEQU4aixTIQBSIzEFCAhwIQYfXQABEnx/AjkJA0IeOxEIaSs7L3xuBwUjJXYFEwEQVg4qBBx1KDsvMVwGKBIibjMfJRl7CjMEeEwuMXY+chAGAh9uMx8lA2xwCAN4AXcxAwhbEzwOP2oFRnYKXHY9BB56NwIIMVwLLy0IAANbdgZhBi0PClQ8Ux0MaSc8EAMddi0AH30iOz09YAcSL3piESERCFIvEhE+TCYlEwBqEQwVflsvKg0KfCsHDx9pCw91HAgFPQ1xYnUcCR5/NB4fCA0eD3UfexcMKHl2IykWHVUFORU+SCcNABt9DBNyP2IjTS06VyobejpbdSYpJ2IKBhB6cy0lPxg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5200:3:3306:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0efce57756bff1917dd9cceef075815f5ef5008421d97e8e31084e6562d518b0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ntmastsault.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 443
x-amz-cf-id: esmBu6ZxsMksUW2iyWW9SaDkkTyG4DqRcw8PIbMBE2UuhQl1UAiFSA==

GET
H2 204 ZkxhbWNJcwIeXjMYCTwCDSAJKVEkHwc6ACgWJ1xWPA0NBjs+I0cZCgJxV11TVXxVSxMPKFxcRRU4ABkWFXFSXVNXaggDBQlxUV1TV2oXUFJIf1VDUFJiUUsWW31ZVFRQfllaWlZ0VFpTXn5HGRMHK1xcRRY4FQFeV3pYWlpSe1FeUlF4VQ
omouswoma.info/ 0
245 B 117ms
117ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omouswoma.info/ZkxhbWNJcwIeXjMYCTwCDSAJKVEkHwc6ACgWJ1xWPA0NBjs+I0cZCgJxV11TVXxVSxMPKFxcRRU4ABkWFXFSXVNXaggDBQlxUV1TV2oXUFJIf1VDUFJiUUsWW31ZVFRQfllaWlZ0VFpTXn5HGRMHK1xcRRY4FQFeV3pYWlpSe1FeUlF4VQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwDtW758hb4JtyruYKUDWUj%2BFkZpWzn8OXZshYAKgl0VAfvYgrtUqvXEbg38FzepQulgUAj4LgL53CGLcDcojPUJ6fmXm2y5f7LuMHOdZ6etQBfDbEHjqb2nZkIiy0wenw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 819ed0947b0d9b8c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 popunder.gif
omouswoma.info/ 35 B
532 B 31ms
31ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://omouswoma.info/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sun, 22 Oct 2023 03:57:11 GMT
cf-cache-status: HIT
last-modified: Sat, 21 Oct 2023 15:25:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 45102
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKCu5FJgZTrF3374BfHqrLXP3egZHlknhyn8v4uw%2BJT5P4fOoLQQh9fGSkL8vFBySBUgnc8K%2FLVzCeUShqd360jl3hDSixiG0vJQ1INwsKOH12NX3g%2FwpJYsV1nZlVLwRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 819ed095ad02bbd4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 multi Show response
ntmastsault.info/ 3 KB
2 KB 130ms
130ms XHR
text/plain 65.9.66.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntmastsault.info/multi?cs=dnpLWXJFS3ppS0FDfW5ETk56akU&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.60.3&sts=0&prn=0&emb=0&tid=708052&rxy=1600_1200&u=1897628790857082&agec=1697947031&fs=1&mbkb=400&ref=https%3A%2F%2Fuserscloud.com%2Fd9rkznva4y85&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=2&uloc=&if=0&_k7J5=1697947031981&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/d9rkznva4y85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-71.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: faff7f14e50132c626afde2ec8dc779904526ddaac2c00636b535155ee7a2205

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 03:57:12 GMT
content-encoding: gzip
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://userscloud.com
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 1534
x-amz-cf-id: q6CgT_kHS4HoiwRdbRr8s3BipJ296hXz0xOQvE7hLBB_dYPtUUlxTA==

POST
H3 200 log Show response
play.google.com/ Frame 4674 131 B
155 B 41ms
41ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 22 Oct 2023 03:57:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 22 Oct 2023 03:57:14 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 28ms
28ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 22 Oct 2023 03:57:14 GMT
expires: Sun, 22 Oct 2023 03:57:14 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.userscloud.com/	1969-12-31 23:59:59	Name: lang Value: german
.google.com/	1970-01-20 20:02:38	Name: NID Value: 511=ee1WQtVrdnLLn1Aed7ivwPF_SkMmkeT9PFZv8FtxaZmQNUdoJCsTjTpcnLdLZtsFAYis2XHNi2lIeVYLy0ae3oRzYnq89sdRUv1mnY843GZ6_913o4vEypY9CdRZ-h8Jd7dhziK-wP1K57imkp9U87w83y88YL48QE_bYd6SLio
.userscloud.com/	1970-01-21 01:15:07	Name: _ga Value: GA1.1.834647753.1697947032
pogothere.xyz/	1970-01-21 00:17:31	Name: csu Value: 1897628790857082@1@1697947031
.userscloud.com/	1970-01-21 01:15:07	Name: _ga_M73M877RTL Value: GS1.1.1697947031.1.0.1697947031.0.0.0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-uBOqGZfl78aMWajQNhjgQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/nxchpt22uydddj3h4oc4vgapl7murshhgweybufomluthimqhglc6gy/d9rkznva4y85.pdf&embedded=true(Line 8) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-uBOqGZfl78aMWajQNhjgQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy2coYVenFbvrVfPQnlSUVFvZ_Z1bi59R5CQT774z2uuTrsfqBYpEonZ0sTwHj7TynXy1hr9w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309573506%3A1697947031638069&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxg4pOg-EKWINMyCouzA8o3e_sXHl--agxp3xAAY6Th6XTVO38waO4PdpbneaCs7gP6xD6z3g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S822840016%3A1697947031671600&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
dfjlgfb4lxka5.cloudfront.net
docs.google.com
ntmastsault.info
omouswoma.info
play.google.com
pogothere.xyz
region1.google-analytics.com
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
www.facebook.com
www.googletagmanager.com
www.gstatic.com
172.64.199.35
188.114.97.3
2001:4860:4802:34::36
2600:9000:2240:5200:3:3306:7b40:21
2606:4700::6810:3965
2a00:1450:4001:803::200d
2a00:1450:4001:803::200e
2a00:1450:4001:806::2011
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2008
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
65.9.66.71
0efce57756bff1917dd9cceef075815f5ef5008421d97e8e31084e6562d518b0
238f8ee928bead2180efc970570634698aa6d1b9bb5e1a0d63d3829873ce715e
24da994858e9a3e79f2f40d91bf46a8a58fcfc4de3af43fa51217bd578a5004a
284a1d42b3ed245405bb7dcded0e97cc6fa25824704e008ce45da8175d316190
2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
38bb8de9189003e6eddb162ebb55813c5bd57abd7cafee24c67fcda29b0cc1a0
3978d27f27e094dfa2f8691a2ee3008a936cd64489202c637313b2ecf8b16e63
3a25de84409e6dc1d33a36271e50835fae77574935f07aa4bbb254494654c837
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
3daf6aaeafbe346a3470d0a55b3f59ceef9dc337d8ac5cc6371c59212fc65be2
3e176d82f3f5eb2d708e6f740c8b941915a18ec54408eaef5c8da4d61a86b396
41af969ee00e8132a0040094db2b1a79a15b4d9b7e2bb485012970fdf7b5c455
450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304
485f82e1060329620f3a25d31f64bd26bbe2985ab5f01c2f872e2b5a877ccd30
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
55fddb63cdf958e2316bdd25f85986c34f6232aa8e604b8efb7bad916c8a83bd
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84356dbe47e022faf5b3c28cc486332f125ff9889a501e266c62cc0c397d1159
858be7e30120552c4ec02bf160519aab3017234dbc89c9b0c8642df6e2ec7175
8f952a8fcbcf53be1f23f467a1c9f5e0e40983c024b3f93bff1331e6d210ee8c
931984dc4e4f9d7331755cbe84a5345a01ba1fd3d43e9e21c05601a276cfebc0
9bfc0cbdfded213181bd698aab04a7ab8ef48506fc09fe249c7785a9b863258f
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
c91768ddd242fe465fd233dc5166c4810ae9f8740d3b1ac389cffd283503bd1e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
dcc9042d6e57da51821acd007645a5269b176f61c9d35146966f971edba08396
dcdb93a7f655aae8c7b18ec7983bdca21b8805f8c1a68c5c3334263f2ff3d4b1
df8e7d1a3b41fda29ec9af90cd991aa62986af90a9f5cb2a9d63326e7c9cb0fb
e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee31d220edb3a247bac9a660877fe7e20f928c27adb8860af252a3882b43a2a0
f448f4cb752b074c2de369eb0d424ea8217f4c8d98a765ac5c3034958771f8f3
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f867efe89de2acc7f60da32733292e8c8ea157c6e64dd7a7434c6eb4955475f1
faff7f14e50132c626afde2ec8dc779904526ddaac2c00636b535155ee7a2205

userscloud.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

94 %HTTPS

82 %IPv6

13 Domains

17 Subdomains

18 IPs

3 Countries

2041 kBTransfer

4442 kBSize

5 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

94 %
HTTPS

82 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

2041 kB
Transfer

4442 kB
Size

5
Cookies

71 HTTP transactions
1 data transactions