app.user.com Open in urlscan Pro
2606:4700:10::6816:30fd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://burdamedia.user.com/
Effective URL:
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Submission: On January 31 via manual (January 31st 2024, 1:42:49 pm UTC) from IN — Scanned from DE

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 56 HTTP transactions. The main IP is 2606:4700:10::6816:30fd, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.user.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.

This is the only time app.user.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 25	2606:4700:10:... 2606:4700:10::6816:30fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:31fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3 3	51.77.134.128 51.77.134.128	16276 (OVH) (OVH)
56	12

25 2606:4700:10::6816:30fd (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

burdamedia.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
register-static.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:31fd (United States)

ASN13335 (CLOUDFLARENET, US)

register-static.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.77.134.128 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3137052.ip-51-77-134.eu

eu.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.userengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	user.com 4 redirects burdamedia.user.com — Cisco Umbrella Rank: 585696 app.user.com register-static.user.com support.user.com widget.user.com — Cisco Umbrella Rank: 124559 media.user.com — Cisco Umbrella Rank: 173575 eu.user.com — Cisco Umbrella Rank: 590842	1 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	664 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	47 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	365 KB
2	userengage.com 2 redirects app.userengage.com	250 B
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	403 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
56	9

	Domain	Requested by
9	register-static.user.com	app.user.com register-static.user.com
7	www.google.com	app.user.com www.gstatic.com www.google.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	widget.user.com	app.user.com support.user.com
5	media.user.com	app.user.com
5	support.user.com	1 redirects support.user.com
4	www.googletagmanager.com	app.user.com www.googletagmanager.com www.google-analytics.com
3	app.user.com	app.user.com static.cloudflareinsights.com
2	app.userengage.com	2 redirects
2	www.google.de	app.user.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	fonts.gstatic.com	www.google.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	burdamedia.user.com	2 redirects
1	eu.user.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	app.user.com
56	18

This site contains links to these domains. Also see Links.

Domain
user.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Frame ID: CC0E9EEE4BFD1024106BC7582FC05DBC
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=9ckyeh5m9jfb
Frame ID: 4979C2B63FBA5980D0FEAC654FF2DF09
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=normal&cb=ow3xj2uj6hga
Frame ID: 0C7BDE415C86FD49FFAAC4DD9595445F
Requests: 3 HTTP requests in this frame

Frame: https://media.user.com/avatars/1589565577617_GGKIClX.jpg
Frame ID: 122F9060A71E3AD2C3A1A34995E6368B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

User.com | Login - User.com

Page URL History Show full URLs

http://burdamedia.user.com/ HTTP 301
https://burdamedia.user.com/ HTTP 302
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/ Page URL

Detected technologies

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

56
Requests

93 %
HTTPS

92 %
IPv6

9
Domains

18
Subdomains

12
IPs

4
Countries

2510 kB
Transfer

6363 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://user.com/en/?utm_source=app.user.com&utm_medium=client_webpush

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://burdamedia.user.com/ HTTP 301
https://burdamedia.user.com/ HTTP 302
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://support.user.com/widget.js HTTP 301
https://widget.user.com/widget.js

Request Chain 52

https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg HTTP 301
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg

Request Chain 54

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png HTTP 301
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

Request Chain 55

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png HTTP 301
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.user.com/accounts/login/
Redirect Chain

http://burdamedia.user.com/
https://burdamedia.user.com/
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

8 KB
3 KB

140ms
119ms

Document
text/html

2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32af5ac50322fa8f7ce91691386676595732d6bcb7e5f90070afeeda98420666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 84e2612ef80d5c14-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 31 Jan 2024 13:42:44 GMT
expires: Wed, 31 Jan 2024 13:42:44 GMT
referrer-policy: same-origin
server: cloudflare
ue-backend: wsgi-register
ue-node: uwsgi-register9
vary: Cookie, Accept-Language, Origin
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84e26128faf85c14-FRA
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 13:42:44 GMT
location: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
referrer-policy: same-origin
server: cloudflare
ue-backend: tenants
ue-node: apinode34
vary: Cookie, Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 / Show response
app.user.com/jsi18n/ 3 KB
1 KB 59ms
58ms Script
text/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/jsi18n/

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25606f56d89470768333065f9f9d8efcfe9b46dadece2af3420f5b8f05c7da6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Accept-Language, Cookie, Origin
content-language: en-us
content-type: text/javascript; charset="utf-8"
ue-backend: wsgi-register
ue-node: uwsgi-register4
cf-ray: 84e2612fc8b65c14-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.c414065cc9592d8017c4.css
register-static.user.com/static/bundles/ 792 KB
330 KB 52ms
32ms Stylesheet
text/css 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/main.c414065cc9592d8017c4.css
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NPP9Y2NSV2SJ0JVK
age: 17355
cf-polished: origSize=923898
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NnobJCuUSSkhegOkYSDd35u0JPYeWNuzhmnY3mkJ/lprlySpSAHbsYhl4Whl6KPphw4aifcbMJM=
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 07:23:38 GMT
server: cloudflare
etag: W/"4a5449e2ee2834089b79fed0961f9496"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
cf-ray: 84e2612fe8f05c14-FRA

GET
H2

200

widget.js Show response
widget.user.com/
Redirect Chain

https://support.user.com/widget.js
https://widget.user.com/widget.js

149 KB
51 KB

48ms
29ms

Script
application/javascript

2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c885e6fb5f0e5e48b769b2be53ad58f33c09f0861179872907f13f975eb6991c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: 83YFE6MCSS34BM6A
age: 3984
etag: W/"9f11295966ec1b0d997cde32b2bda20e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84e26130292a5c14-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TDrSnCH5ooqykw+eafRfjJJ17IcFh/t+UQ2sCgQnsId/soOOJxFg8dxQu9lxY1QTIsbgPDb9hd8=

Redirect headers

date: Wed, 31 Jan 2024 13:42:44 GMT
cf-cache-status: HIT
server: cloudflare
age: 26543
vary: Accept-Encoding
location: https://widget.user.com/widget.js
cache-control: max-age=3600
cf-ray: 84e2612fe8ec5c14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 register.024de74d7aeea393ed03.css
register-static.user.com/static/bundles/ 384 KB
266 KB 44ms
24ms Stylesheet
text/css 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/register.024de74d7aeea393ed03.css
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a17dbb8eaac0ee5dfc23e1ab58b100062c8a791a134701945a858e0a98b03b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NPPC47N9JH6XVHG3
age: 17355
cf-polished: origSize=403722
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3wvxRGR8MAJ596bJOveCnWufjB+sByM2i/nlCFEUvtw7gvZhpTkExl0XfH7CLxoEcqwkFedgmUQ=
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 07:23:38 GMT
server: cloudflare
etag: W/"bdc9b32bf30edfa72aa28fb23151febd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
cf-ray: 84e2612fe8ee5c14-FRA

GET
H2 200 logo-black-normal.svg
register-static.user.com/static/img/usercom/ 6 KB
2 KB 43ms
23ms Image
image/svg+xml 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register-static.user.com/static/img/usercom/logo-black-normal.svg
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 07:35:57 GMT
server: cloudflare
x-amz-request-id: NPP49WVD35WTZ4X3
age: 17355
etag: W/"3338f831a349558bc7d70acf65ae8b44"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=432000
cf-ray: 84e2612fe8f25c14-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HpCuY9MJrZ/m2ow0NAbSk0EGYWm78+IcGtgw6qTRwTZwF9+RHMjjc4KAg56QzT7HbzJNg6Rh9B8=

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

655a6b93bbbdaf4181c8971f4b9b1ff69f8d80fcaa0662789ab4400aa7b960be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 13:42:44 GMT

GET
H3 200 gogle-register%402x.png
register-static.user.com/static/img/brands/google/ 7 KB
8 KB 24ms
23ms Image
image/png 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register-static.user.com/static/img/brands/google/gogle-register%402x.png
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
cf-cache-status: HIT
x-amz-request-id: NPP748CWXSYTWKMA
age: 17355
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
content-length: 7446
x-amz-id-2: LETUQVbxPzfskaVtYqr+vYMX9HW6hWioOBoy8KysZt6otNch4mzwgVMzomIGdanfJedHyST2KKs=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Feb 2022 07:35:57 GMT
server: cloudflare
etag: "b6f49555c27bc50bde81836f4feb1155"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 84e261300db6994e-FRA

GET
H3 200 main.78b14401f21f3790fe08.js Show response
register-static.user.com/static/bundles/ 452 KB
144 KB 44ms
44ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/main.78b14401f21f3790fe08.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ed88386aa88d633d73d721c092c4312820d45517879c4777b7f1f0c7948d696

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NPPBQNE2D1JKK8XT
age: 17355
cf-polished: origSize=464464
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XsvZRpgd3Wgz0nGZeWl4s/5DIMQEXEVoWz4lEw5wage0Irw1vtheSj6+sq/BiFjhW0XmBFPtXbQ=
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 07:23:38 GMT
server: cloudflare
etag: W/"09e134eda1c2895c652467f51dae353c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 84e261300db8994e-FRA

GET
H3 200 register.42baa2c13cf8f15c5c4b.js Show response
register-static.user.com/static/bundles/ 1 MB
423 KB 44ms
43ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/register.42baa2c13cf8f15c5c4b.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c2477b48cc513613b65e438b2dd63f8ef9eda733d946b3fc0b91c583f3116e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NPP4V5TSGATHNW6N
age: 17355
cf-polished: origSize=1413403
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: toE6Vg4gFZw1lY/EwI1hsAU8V09V3DBarZuDDErGg4yCDavqLNfHqV8CVw124RFQAfzboRmQrTI=
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 07:23:38 GMT
server: cloudflare
etag: W/"02bb774ba73ed4045c14eff30a9a1275"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 84e261303ddd994e-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 81ms
61ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 84e26130992668ef-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 368 KB
102 KB 60ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44263f5ea78e533c298e76ee7ac1c2b3b9f8a795da29ee5b8128d7da5bd1299e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103860
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Jan 2024 13:42:44 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 485 KB
195 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 06:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 06:08:51 GMT

GET
H3 200 DMSans-Medium.woff2
register-static.user.com/static/fonts/dmsans/ 29 KB
30 KB 96ms
85ms Font
application/octet-stream 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/dmsans/DMSans-Medium.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.c414065cc9592d8017c4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f

Request headers

Referer: https://register-static.user.com/static/bundles/main.c414065cc9592d8017c4.css
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: BWNBGBEHCXNEDDCM
alt-svc: h3=":443"; ma=86400
content-length: 29880
x-amz-id-2: TWFqtuksk8dLjDCmNxSH48qS8H/xoQ0a9PFzJfm1ObUYHCmMbw1aevBoc2bODN0MYrtnvNpAQTa6dnSuMGSu4w==
last-modified: Tue, 01 Feb 2022 07:35:56 GMT
server: cloudflare
etag: "d940ea16273447cce854f545842768fe"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 84e261308b1f2bd9-FRA

GET
H3 200 DMSans-Regular.woff2
register-static.user.com/static/fonts/dmsans/ 29 KB
30 KB 105ms
94ms Font
application/octet-stream 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/dmsans/DMSans-Regular.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.c414065cc9592d8017c4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308

Request headers

Referer: https://register-static.user.com/static/bundles/main.c414065cc9592d8017c4.css
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: BWNEJHE54R3Y8FVN
alt-svc: h3=":443"; ma=86400
content-length: 29948
x-amz-id-2: VpVNw+P7hW+S4QkoMQlT8vmLFAxuQFtEoeVSulKOa+aWwzce+mx1d6GEPwKUkIX/Fu2YbXzU2QM=
last-modified: Tue, 01 Feb 2022 07:35:56 GMT
server: cloudflare
etag: "7795a419ed60bbfac7070ea410eeae6a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 84e261308b202bd9-FRA

GET
H3 200 fa-solid-900.woff2
register-static.user.com/static/fonts/ 63 KB
63 KB 81ms
70ms Font
application/octet-stream 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/fa-solid-900.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.c414065cc9592d8017c4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

Request headers

Referer: https://register-static.user.com/static/bundles/main.c414065cc9592d8017c4.css
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 18JF4FVTBKRN0S9Y
alt-svc: h3=":443"; ma=86400
content-length: 64428
x-amz-id-2: 2YZ0dv9LRKxgSPyAfSmu/ZMEaVVdCXmpzqUbHiwmbshye5CU2DbomFL7n0W9jv7fQsokqRESRV8=
last-modified: Tue, 01 Feb 2022 07:35:55 GMT
server: cloudflare
etag: "c4fc4e6d5fcf0af616e6cd6f884b72e9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 84e261308b1c2bd9-FRA

GET
H3 200 widget-app.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 92 KB
18 KB 30ms
30ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-app.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: VEV3Z1SETE2BH8EF
age: 3083
etag: W/"f294a3ea881ab4414e2e49f086355597"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84e26130fe8f994e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JTM6pr3clQSG3Z1m/+eqDPxjfxEKw7xUIDeaI52mN1WRdgRXvNOOVZGZzxYrL/lzFi74GYOEIEs=

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4979 44 KB
28 KB 33ms
33ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=9ckyeh5m9jfb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f9251758f3656a3d54c1ef83ee5a92ad0bd9005c757119856eeacacc0c6b1f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qz0FDeQRKOqUnYwkx2ia_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Qz0FDeQRKOqUnYwkx2ia_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 13:42:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0C7B 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=normal&cb=ow3xj2uj6hga

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73a5985263dff1cb346774769bc5ed04581d07890751b76341fa494b50b1dd42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lZkGolBfUlr9koTEJGcsMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lZkGolBfUlr9koTEJGcsMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 13:42:44 GMT
expires: Wed, 31 Jan 2024 13:42:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 0C7B 55 KB
24 KB 22ms
8ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=normal&cb=ow3xj2uj6hga

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 09:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 09:41:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 0C7B 485 KB
194 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 06:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 06:08:51 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 4979 55 KB
24 KB 23ms
10ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 09:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jan 2025 09:41:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame 4979 485 KB
194 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 06:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 06:08:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
89 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c74c957b6c91181561064e2b60eb5f3e9fccb4e2d28f98cabd6023c557f490d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90564
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 13:42:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

398116f5ddbc086d8e563650da65b1c8c628d48f293be0317e6f5b5cfdd7bfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 13:42:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 55ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 11:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6875
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 31 Jan 2024 13:48:09 GMT

GET
H3 200 widget-actionsStore.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 5 KB
2 KB 34ms
18ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-actionsStore.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: C922WQXD70BP1T1J
age: 1366
etag: W/"0d051876f932526893b9cf6305e9ce28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84e26131af1e994e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yYwqhJiOrM8416WDI26aWd0cT0v923zSVMAHNglDuwWEOgdMT3mEgtQGPDEC75arCvjh8VzVmlA=

POST
H3 200 / Show response
support.user.com/api/v2/user-chatping/ 5 KB
2 KB 142ms
141ms Fetch
application/json 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.user.com/api/v2/user-chatping/

Requested by

Host: support.user.com
URL: https://support.user.com/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d281835cbc324b82153f8044403d360505836fc94336ad0ce80ab37f340567a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ue-backend: tenants
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
ue-node: apinode18
cf-ray: 84e261322f95994e-FRA

OPTIONS
H3 200 /
support.user.com/api/v2/user-chatping/ Frame 0
0 94ms
82ms Preflight
text/html 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.user.com/api/v2/user-chatping/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://app.user.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.user.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84e26131ac202bd9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 13:42:44 GMT
server: cloudflare
ue-backend: tenants
ue-node: apinode40
vary: Origin

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 44ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=45je41t0v883336927z876971330&_p=1706708564453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=852458495.1706708565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706708564&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1524
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=45je41t0v876245972z876971330&_p=1706708564453&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=852458495.1706708565&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706708564&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_ss=1&tfd=1561
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame 4979 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=9ckyeh5m9jfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Jan 2025 18:58:19 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4979 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:51:38 GMT
x-content-type-options: nosniff
age: 67866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 06 Feb 2024 18:51:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4979 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 483348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4979 15 KB
15 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:08:25 GMT
x-content-type-options: nosniff
age: 185659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 10:08:25 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
220 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=298183110&t=pageview&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&ul=en-us&de=UTF-8&dt=User.com%20%7C%20Login%20-%20User.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAEK~&jid=403248889&gjid=806206579&cid=852458495.1706708565&tid=UA-100960632-1&_gid=2110558269.1706708565&_r=1&_slc=1&gtm=45He41t0n815SBSNG9v76971330&cd12=&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=852458495.1706708565&z=570980071

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4e76f53ab3944fa6b24a671f438de2d4ea0ebc4a252cd8b4ae410c7626713e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4979 102 B
135 B 17ms
17ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=9ckyeh5m9jfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 13:42:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100960632-1&cid=852458495.1706708565&jid=403248889&gjid=806206579&_gid=2110558269.1706708565&_u=YCDACEAABAAAACAEK~&z=97069660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 31 Jan 2024 13:42:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
86 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4f2265817d9e309f73eba8b8aa84176ed785564c118aaf12a44a357f9f1aa67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 13:42:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-X19GWGFGFC&gtm=45je41t0v9165106096&_p=1706708564453&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=852458495.1706708565&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&sid=1706708564&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_3=852458495.1706708565&tfd=1691
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 22ms
21ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X19GWGFGFC&cid=852458495.1706708565&gtm=45je41t0v9165106096&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
32ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X19GWGFGFC&cid=852458495.1706708565&gtm=45je41t0v9165106096&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=461158011

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100960632-1&cid=852458495.1706708565&jid=403248889&_u=YCDACEAABAAAACAEK~&z=677603387

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 53ms
31ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100960632-1&cid=852458495.1706708565&jid=403248889&_u=YCDACEAABAAAACAEK~&z=677603387

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 13:42:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 /
support.user.com/api/webpush/ Frame 0
0 42ms
42ms Preflight
text/html 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.user.com/api/webpush/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://app.user.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.user.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84e261334db82bd9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 13:42:45 GMT
server: cloudflare
ue-backend: tenants
ue-node: apinode40
vary: Origin

POST
H3 200 / Show response
support.user.com/api/webpush/ 1 KB
792 B 61ms
61ms Fetch
application/json 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.user.com/api/webpush/

Requested by

Host: support.user.com
URL: https://support.user.com/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c518d4a6aa0478e851ceed03b160fe582f7f22bd92c74a44b8bd48188654b9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ue-backend: tenants
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
ue-node: apinode45
cf-ray: 84e2613388b2994e-FRA

GET
H3 200 widget-chatStore.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 12 KB
4 KB 19ms
17ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-chatStore.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: NJA3CBJN25M4Y7WA
age: 4124
etag: W/"4550e64d06e66cf5565b1f1d49a27aa4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84e261334878994e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Wy4RULcMINM6wV8DxyVnQx8AmRweh9puBADLoIXabXIS67en+PV3dVhj3VpulM+W6mq584a6GhgoDReIb5WZ5A==

GET
H3 200 widget-launcherModule.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 12 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-launcherModule.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b4a05a42e37f0e9c9edb4f2f29a5e46ee6d04dd2ea7e4ca29565cb9346d4ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: AQT0RXP32V2SVEMK
age: 549
etag: W/"c910a153db19745fd01517e1bdb7c810"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84e261334879994e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TeS2FaT7KFohoB+Xh7KT9IqVEngj/ynMuFSbToCiQQJFX126BDWgmnQWgknTnDsp06IecjMxovg=

GET
H2 200 1589565577617_GGKIClX.jpg
media.user.com/avatars/ Frame 122F 4 KB
4 KB 38ms
20ms Image
image/jpeg 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/avatars/1589565577617_GGKIClX.jpg
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0d5465701018227e5d21b1c2f3f7e7413357a7a67522f88dcbd88fef088c13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
x-amz-version-id: 5zzeqpI5F8fB.XQSSfgTuX_kSBBay4DX
cf-cache-status: HIT
x-amz-request-id: 4HQZMFBF2BE08CVA
age: 26168
cf-polished: origSize=3790
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 3601
x-amz-id-2: ndlrB9ipqzz32oO1cqio3FPwvgglMoIU+DFbau8DI/kp4nKCsoXMAQpXLj32oFYT1r7ZH1L896I=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 18 Mar 2022 12:11:53 GMT
server: cloudflare
etag: "77f138d686c94581f9058b39eb2a6fab"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84e26133ac245c14-FRA

POST
H3 204 rum Show response
app.user.com/cdn-cgi/ 0
139 B 17ms
16ms XHR
text/plain 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://app.user.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 84e2613388b4994e-FRA

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4979 13 KB
9 KB 55ms
55ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

faacfdc82ae5c12b644b270746a30722ead0aa2194db420196315a9b3dcbc60d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=9ckyeh5m9jfb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 13:42:45 GMT

GET
H3 200 widget-webpushModule.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 13 KB
6 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-webpushModule.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: CRJYD0CN8V2H6EMA
age: 5781
etag: W/"22b76e545f75ad49b323f37e3da5f6d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 84e26133f8fe994e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dfo/mT9C25sMXbs9Sca5fqJ/OD8DkptTq1EUvO8BTLdDkVCjfIaBV6lYZwoWqTGtN9s6Wsdqk1C1suUKZMvDaw==

GET
H3 200 cMdu2oPdnxul50W3Lldz5YdDNV28UFvY.jpg
media.user.com/avatars/ Frame 122F 2 KB
2 KB 18ms
17ms Image
image/jpeg 2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/avatars/cMdu2oPdnxul50W3Lldz5YdDNV28UFvY.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46fc5ad46cd6e244fad8b3a48f5b80c0c243bcdab9cfbb16e06a83bc56c62bac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 9EZ3XMDJHM2SVH2R
age: 1217
cf-polished: origSize=2516
alt-svc: h3=":443"; ma=86400
content-length: 2163
x-amz-id-2: IaggeYC81D2hOIgH0EgP+TYD6q1RDZHf9oEFOrnZl++Q0KPy57nT4JFeMCGk1E/Ut47eOw5ZHSlpMvYeR1SvRA==
cf-bgj: imgq:100,h2pri
last-modified: Wed, 17 Nov 2021 02:36:21 GMT
server: cloudflare
etag: "d9704b6fd7ea6fb9a9724019f38fe1ed"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84e261341922994e-FRA

GET
H3

200

user-logo-square-1.jpg
media.user.com/uploads/1t1nnm-userengage-support/
Redirect Chain

https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg

8 KB
8 KB

50ms
50ms

Image
image/jpeg

2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
Protocol: H3
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835bd339a94d1155e76137e9ba606f587a1c04f70311b7331df0b83937c5d973

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:45 GMT
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-request-id: X9MNFDGV6FEX8B8Y
cf-polished: origSize=9717
alt-svc: h3=":443"; ma=86400
content-length: 8284
x-amz-id-2: gXSuAioOvcePz6OSv6qHApWjV99ZZ9TkdW1VO/dLPYOs4+JMz0DvXWdEDvi6qIKpjXgcbl1JpP4=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 18 Nov 2021 07:50:38 GMT
server: cloudflare
etag: "559614145db411818f6ddab01cabcfb3"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 84e26134998d994e-FRA

Redirect headers

location: https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
content-length: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4e0138c8a6efc49d5aef63e7d71c139f09aa9a65b31111fc6e60f41e1fe2ead

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

ff4d00-0-0.png
media.user.com/old-media/uploads/6238/
Redirect Chain

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

70 B
454 B

24ms
24ms

Image
image/webp

2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
Protocol: H3
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:47 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 3KKY9YQW1E23KQ2X
age: 627
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ff4d00-0-0.webp"
alt-svc: h3=":443"; ma=86400
content-length: 70
x-amz-id-2: mOxXYZoZsmrDFQiJoRcg60560WNy5t3lMyG7lyC6LyX1RRYwXwH5zhSdQEiA37H2ShNGucBxNP1GkbBrzfgCIQ==
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Dec 2021 10:43:20 GMT
server: cloudflare
etag: "9591c410148e6883727c5339fd1c02cd"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 84e26141adc5994e-FRA

Redirect headers

location: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
content-length: 0

GET
H3

200

ff4d00-0-0.png
media.user.com/old-media/uploads/6238/
Redirect Chain

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

70 B
454 B

23ms
23ms

Image
image/webp

2606:4700:10::6816:30fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
Protocol: H3
Server: 2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 13:42:47 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 3KKY9YQW1E23KQ2X
age: 627
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ff4d00-0-0.webp"
alt-svc: h3=":443"; ma=86400
content-length: 70
x-amz-id-2: mOxXYZoZsmrDFQiJoRcg60560WNy5t3lMyG7lyC6LyX1RRYwXwH5zhSdQEiA37H2ShNGucBxNP1GkbBrzfgCIQ==
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Dec 2021 10:43:20 GMT
server: cloudflare
etag: "9591c410148e6883727c5339fd1c02cd"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 84e26143ffe9994e-FRA

Redirect headers

location: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
content-length: 0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 22:24:20	Name: _GRECAPTCHA Value: 09AEqpVBnmPQub_IZidIE-unWGZc2dNEV0_RIZMkbcOM7HE7AAp-Y-7Bs2Mh7KrhsuU6dUzF2vsvzFHnh6UY7ADFs
app.user.com/	1970-01-21 02:49:18	Name: csrftoken Value: mW7U3F6wHvt6gM2CgJeZSf9y9aXB1dKL
app.user.com/	1970-01-20 18:25:18	Name: sessionid Value: ei6m4yourolzbxkb637rxzeggsdkrz2a
.user.com/	1970-01-20 20:14:44	Name: _gcl_au Value: 1.1.1502167047.1706708565
.user.com/	1970-01-21 03:41:08	Name: _ga_P39TDMK54G Value: GS1.1.1706708564.1.0.1706708564.0.0.0
.user.com/	1970-01-21 03:41:08	Name: _ga_2065MFPQH5 Value: GS1.1.1706708564.1.0.1706708564.0.0.0
.user.com/	1970-01-21 03:41:08	Name: _ga Value: GA1.2.852458495.1706708565
.user.com/	1970-01-20 18:06:34	Name: _gid Value: GA1.2.2110558269.1706708565
.user.com/	1970-01-20 18:05:08	Name: _gat_UA-100960632-1 Value: 1
.user.com/	1970-01-21 03:41:08	Name: _ga_X19GWGFGFC Value: GS1.2.1706708564.1.0.1706708564.60.0.0
.user.com/	1970-01-21 03:41:08	Name: _ueuuid Value: -9nIV_ZiySNzoXH4
.user.com/	1970-01-21 02:50:44	Name: __ca__chat Value: ra63yfb35ue7

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://register-static.user.com/static/bundles/register.42baa2c13cf8f15c5c4b.js(Line 83) Message: WebSocket connection to 'wss://app.user.com/ws/notifier/' failed: Error during WebSocket handshake: Unexpected response code: 404

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.user.com
app.userengage.com
burdamedia.user.com
eu.user.com
fonts.gstatic.com
media.user.com
region1.analytics.google.com
region1.google-analytics.com
register-static.user.com
static.cloudflareinsights.com
stats.g.doubleclick.net
support.user.com
widget.user.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:32::36
2606:4700:10::6816:30fd
2606:4700:10::6816:31fd
2606:4700::6810:3865
2a00:1450:4001:801::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9b
51.77.134.128
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2
25606f56d89470768333065f9f9d8efcfe9b46dadece2af3420f5b8f05c7da6b
32af5ac50322fa8f7ce91691386676595732d6bcb7e5f90070afeeda98420666
3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd
398116f5ddbc086d8e563650da65b1c8c628d48f293be0317e6f5b5cfdd7bfc5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f9251758f3656a3d54c1ef83ee5a92ad0bd9005c757119856eeacacc0c6b1f6
44263f5ea78e533c298e76ee7ac1c2b3b9f8a795da29ee5b8128d7da5bd1299e
45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc
46a17dbb8eaac0ee5dfc23e1ab58b100062c8a791a134701945a858e0a98b03b
46fc5ad46cd6e244fad8b3a48f5b80c0c243bcdab9cfbb16e06a83bc56c62bac
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8
4c74c957b6c91181561064e2b60eb5f3e9fccb4e2d28f98cabd6023c557f490d
4e76f53ab3944fa6b24a671f438de2d4ea0ebc4a252cd8b4ae410c7626713e26
5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
655a6b93bbbdaf4181c8971f4b9b1ff69f8d80fcaa0662789ab4400aa7b960be
73a5985263dff1cb346774769bc5ed04581d07890751b76341fa494b50b1dd42
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c2477b48cc513613b65e438b2dd63f8ef9eda733d946b3fc0b91c583f3116e0
835bd339a94d1155e76137e9ba606f587a1c04f70311b7331df0b83937c5d973
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308
904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093
90b4a05a42e37f0e9c9edb4f2f29a5e46ee6d04dd2ea7e4ca29565cb9346d4ae
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
9ed88386aa88d633d73d721c092c4312820d45517879c4777b7f1f0c7948d696
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250
bd0d5465701018227e5d21b1c2f3f7e7413357a7a67522f88dcbd88fef088c13
c4f2265817d9e309f73eba8b8aa84176ed785564c118aaf12a44a357f9f1aa67
c518d4a6aa0478e851ceed03b160fe582f7f22bd92c74a44b8bd48188654b9b3
c885e6fb5f0e5e48b769b2be53ad58f33c09f0861179872907f13f975eb6991c
d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4
d281835cbc324b82153f8044403d360505836fc94336ad0ce80ab37f340567a9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e0138c8a6efc49d5aef63e7d71c139f09aa9a65b31111fc6e60f41e1fe2ead
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
faacfdc82ae5c12b644b270746a30722ead0aa2194db420196315a9b3dcbc60d
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

app.user.com Open in urlscan Pro 2606:4700:10::6816:30fd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

93 %HTTPS

92 %IPv6

9 Domains

18 Subdomains

12 IPs

4 Countries

2510 kBTransfer

6363 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.user.com Open in urlscan Pro
2606:4700:10::6816:30fd Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

93 %
HTTPS

92 %
IPv6

9
Domains

18
Subdomains

12
IPs

4
Countries

2510 kB
Transfer

6363 kB
Size

12
Cookies

56 HTTP transactions
1 data transactions