urlscan.io logo urlscan.io
SecurityTrails logo

app.user.com Open in urlscan Pro
2606:4700:10::6816:225c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saracens.user.com/
Effective URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Submission: On December 14 via manual from GB — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 48 HTTP transactions. The main IP is 2606:4700:10::6816:225c, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.user.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time app.user.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    51.91.31.155 (France)

ASN16276 (OVH, FR)
PTR: ns3151945.ip-51-91-31.eu
saracens.user.com
eu.user.com
22    2606:4700:10::6816:225c (United States)

ASN13335 (CLOUDFLARENET, US)
app.user.com
support.user.com
widget.user.com
media.user.com
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:10::6816:235c (United States)

ASN13335 (CLOUDFLARENET, US)
support.user.com
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    51.77.134.128 (France)

ASN16276 (OVH, FR)
PTR: ns3137052.ip-51-77-134.eu
app.userengage.com
Domain Requested by
10 app.user.com app.user.com
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com app.user.com
www.gstatic.com
www.google.com
5 widget.user.com support.user.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 support.user.com app.user.com
support.user.com
4 media.user.com
3 www.googletagmanager.com app.user.com
www.googletagmanager.com
2 fonts.gstatic.com www.google.com
2 saracens.user.com 2 redirects
1 app.userengage.com 1 redirects
1 eu.user.com 1 redirects
1 www.google.fr app.user.com
1 stats.g.doubleclick.net www.google-analytics.com
48 14

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Frame ID: 6040F550CF13B9BFB5D07AE2D7C22C30
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Frame ID: 54E6329209E8FCD2F25E7A6712F8B3C0
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=normal&cb=fpcy1za5nmj1
Frame ID: 41E896C4B35BD97D651E59A8CD7D6851
Requests: 3 HTTP requests in this frame

Frame: https://media.user.com/avatars/G3ZmyzFXjrtNsT7PNXTvo4yDdFOPC9Vk.jpg
Frame ID: 1BDD39A890EF09AE716C6A9A541678DF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

User.com | Login - User.com

Page URL History Show full URLs

  1. http://saracens.user.com/ HTTP 301
    https://saracens.user.com/ HTTP 302
    https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/ Page URL

Page Statistics

48
Requests

96 %
HTTPS

82 %
IPv6

8
Domains

14
Subdomains

9
IPs

4
Countries

2006 kB
Transfer

5102 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saracens.user.com/ HTTP 301
    https://saracens.user.com/ HTTP 302
    https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg HTTP 301
  • https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
Request Chain 46
  • https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png HTTP 301
  • https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.user.com/accounts/login/
Redirect Chain
  • http://saracens.user.com/
  • https://saracens.user.com/
  • https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f92f8cbab3fc60931d9f139b23d0eb5e0ddb984f06b98518cf3f5b9acbea36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Tue, 14 Dec 2021 13:21:29 GMT
content-type
text/html; charset=utf-8
expires
Tue, 14 Dec 2021 13:21:29 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
vary
Cookie, Accept-Language, Origin
x-frame-options
DENY
content-language
en-us
x-content-type-options
nosniff
referrer-policy
same-origin
ue-backend
register
ue-node
node16
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bd7bc50cb11599b-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx
date
Tue, 14 Dec 2021 13:21:29 GMT
content-type
text/html; charset=utf-8
content-length
0
location
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
x-frame-options
DENY
vary
Cookie, Origin
x-content-type-options
nosniff
referrer-policy
same-origin
ue-backend
tenants
ue-node
apinode4
/
app.user.com/jsi18n/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.user.com/jsi18n/
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72942c566e907d892ed337f47c5a8c5c737aeb6242a16a79fb3ee3fe481ee11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
content-type
text/javascript; charset="utf-8"
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-language
en-us
ue-backend
register
vary
Accept-Language, Cookie, Origin
ue-node
register-node1
cf-ray
6bd7bc522f01599b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-content-type-options
nosniff
main.a2e28f7f491e675cd9d1.css
app.user.com/static/bundles/ 		792 KB
330 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.user.com/static/bundles/main.a2e28f7f491e675cd9d1.css
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb752f15400278cb9c30cbc037bad718a37d44818e4df1f4e37b7c865dee4e0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:29 GMT
content-encoding
br
cf-cache-status
HIT
age
102646
cf-polished
origSize=923699
ue-backend
register
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Dec 2021 10:34:01 GMT
server
cloudflare
etag
W/"61b08a19-e1833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
ue-node
node7
cf-ray
6bd7bc522f09599b-MXP
expires
Wed, 12 Jan 2022 08:50:43 GMT
widget.js
support.user.com/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.user.com/widget.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9827970afe1b4450447c674d067c9d89ca4cbf53a2e6236b3e69fe71f99a54d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:29 GMT
content-encoding
br
cf-cache-status
HIT
age
75398
ue-backend
widget
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 25 Nov 2021 07:10:54 GMT
server
cloudflare
etag
W/"619f36fe-2541d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
ue-node
widget2
cf-ray
6bd7bc523f34599b-MXP
cf-bgj
minify
register.8b9a286934298c2c19e4.css
app.user.com/static/bundles/ 		383 KB
265 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.user.com/static/bundles/register.8b9a286934298c2c19e4.css
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8664750d53294ba33a53d874c420f57a4e9829c5b03641c9af32ca19d8faf507

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:29 GMT
content-encoding
br
cf-cache-status
HIT
age
102646
cf-polished
origSize=402355
ue-backend
register
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Dec 2021 10:34:01 GMT
server
cloudflare
etag
W/"61b08a19-623b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
ue-node
node16
cf-ray
6bd7bc522f10599b-MXP
expires
Wed, 12 Jan 2022 08:50:43 GMT
logo-black-normal.svg
app.user.com/static/img/usercom/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.user.com/static/img/usercom/logo-black-normal.svg
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
cf-cache-status
HIT
age
91115
ue-backend
register
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 13 Jul 2021 13:33:17 GMT
server
cloudflare
etag
W/"60ed961d-1691"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
ue-node
register-node2
cf-ray
6bd7bc539fb25a37-MXP
expires
Wed, 12 Jan 2022 12:02:55 GMT
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a32b4ca1e34bfa24a5b8930556e6b7a0e2a8bb813a30b3e29c1224025b63a32b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Tue, 14 Dec 2021 13:21:30 GMT
gogle-register%402x.png
app.user.com/static/img/brands/google/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.user.com/static/img/brands/google/gogle-register%402x.png
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
cf-cache-status
HIT
age
102646
cf-polished
status=cannot_optimize
ue-backend
register
cf-bgj
imgq:100,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 13 Jul 2021 13:33:17 GMT
server
cloudflare
etag
W/"60ed961d-1d16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
ue-node
register-node1
cf-ray
6bd7bc539fb75a37-MXP
expires
Wed, 12 Jan 2022 08:50:44 GMT
main.2929b0941bce14cf202e.js
app.user.com/static/bundles/ 		452 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.user.com/static/bundles/main.2929b0941bce14cf202e.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d78463cf4723de521f395d5d92c12f024f1e9a54d7f51c54f5707f2e48290a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
cf-cache-status
HIT
age
102646
cf-polished
origSize=464464
ue-backend
register
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Dec 2021 10:34:01 GMT
server
cloudflare
etag
W/"61b08a19-71650"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
ue-node
node7
cf-ray
6bd7bc536f295a37-MXP
expires
Wed, 12 Jan 2022 08:50:44 GMT
register.108ea992805e5bde7950.js
app.user.com/static/bundles/ 		1 MB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.user.com/static/bundles/register.108ea992805e5bde7950.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1863f071d57d05e1a2cc6e94e4afc669e2ce88c059cd9f5d4e9b3c286cda28b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
cf-cache-status
HIT
age
102646
cf-polished
origSize=1126165
ue-backend
register
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Dec 2021 10:34:01 GMT
server
cloudflare
etag
W/"61b08a19-112f15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
ue-node
node6
cf-ray
6bd7bc539fad5a37-MXP
expires
Wed, 12 Jan 2022 08:50:44 GMT
gtm.js
www.googletagmanager.com/ 		250 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa6e0f96a2c84345ec05c19f4ea9f84bdb92f7ab0476786d3d1858a82e56835c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63865
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Dec 2021 13:21:30 GMT
DMSans-Medium.woff2
app.user.com/static/fonts/dmsans/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.user.com/static/fonts/dmsans/DMSans-Medium.woff2
Requested by
Host: app.user.com
URL: https://app.user.com/static/bundles/main.a2e28f7f491e675cd9d1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f

Request headers

Referer
https://app.user.com/static/bundles/main.a2e28f7f491e675cd9d1.css
Origin
https://app.user.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
cf-cache-status
HIT
age
83907
ue-backend
register
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29880
accept-ranges
bytes
last-modified
Thu, 09 Sep 2021 08:17:59 GMT
server
cloudflare
etag
"6139c337-74b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=2592000
ue-node
register-node2
cf-ray
6bd7bc539fc75a37-MXP
expires
Wed, 12 Jan 2022 14:03:03 GMT
DMSans-Regular.woff2
app.user.com/static/fonts/dmsans/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.user.com/static/fonts/dmsans/DMSans-Regular.woff2
Requested by
Host: app.user.com
URL: https://app.user.com/static/bundles/main.a2e28f7f491e675cd9d1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308

Request headers

Referer
https://app.user.com/static/bundles/main.a2e28f7f491e675cd9d1.css
Origin
https://app.user.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
cf-cache-status
HIT
age
83907
ue-backend
register
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29948
accept-ranges
bytes
last-modified
Thu, 09 Sep 2021 08:17:59 GMT
server
cloudflare
etag
"6139c337-74fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=2592000
ue-node
node16
cf-ray
6bd7bc539fcc5a37-MXP
expires
Wed, 12 Jan 2022 14:03:03 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8942298c544bc1e56a4b9e5bfb7b6cab33a5f263ac58b82aecaf123e2c145f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.user.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 10:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138898
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 14 Dec 2022 10:44:12 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6396
date
Tue, 14 Dec 2021 11:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 14 Dec 2021 13:34:54 GMT
js
www.googletagmanager.com/gtag/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b76477c99b2b45f0c86a3c4e91228223381e63c4eb76915ae5531e1ce0d2ded8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61888
x-xss-protection
0
expires
Tue, 14 Dec 2021 13:21:30 GMT
js
www.googletagmanager.com/gtag/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
718234eb0579c11106768470e0f25aabdd8db0bf0bb680e782a5453b8c840491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61862
x-xss-protection
0
expires
Tue, 14 Dec 2021 13:21:30 GMT
widget-app.6f96bc1c74a3477f7424.js
widget.user.com/ 		92 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-app.6f96bc1c74a3477f7424.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab32c69525b48c0351b06e0201998e0ba25f6e418a6d30106fde65139e354bd3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 07:10:54 GMT
server
cloudflare
age
3463
etag
W/"619f36fe-17007"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
6bd7bc569c6c599b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
anchor
www.google.com/recaptcha/api2/ Frame 54E6 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71e5d21306f2d95b87d285272c40301a5bb47ae155e0cd2cc905547a1efdab3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7GeQOFU9LQt8onr11TyFQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 14 Dec 2021 13:21:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-7GeQOFU9LQt8onr11TyFQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20337
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
anchor
www.google.com/recaptcha/api2/ Frame 41E8 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=normal&cb=fpcy1za5nmj1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0683fde7e2c1a18951d0f021fb41e7e1272f0db3c3ccc09bad1e5ea14901fcd6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LqSFJj/EG+qd3bZBr/2oJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy
script-src 'report-sample' 'nonce-LqSFJj/EG+qd3bZBr/2oJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Tue, 14 Dec 2021 13:21:30 GMT
expires
Tue, 14 Dec 2021 13:21:30 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1026
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.google-analytics.com/gtm/ 		108 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W9RLSSW&t=gtm6&cid=1290449156.1639488091
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d61c57bde3f660da118a57c4735e5c7f57eba44360ad3762b1ecf8e90580422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39338
x-xss-protection
0
expires
Tue, 14 Dec 2021 13:21:30 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=2oec10&_p=1909554874&sr=1600x1200&ul=en-us&cid=1290449156.1639488091&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fsaracens.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&sid=1639488090&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 13:21:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=2oec10&_p=1909554874&sr=1600x1200&ul=en-us&cid=1290449156.1639488091&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fsaracens.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&sid=1639488090&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 13:21:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
support.user.com/api/v2/user-chatping/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/v2/user-chatping/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:235c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-requested-with
Origin
https://app.user.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-type
text/html; charset=utf-8
vary
Origin
access-control-allow-credentials
true
access-control-allow-origin
https://app.user.com
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age
86400
ue-backend
tenants
ue-node
apinode4
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bd7bc57cc1659ef-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget-actionsStore.6f96bc1c74a3477f7424.js
widget.user.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-actionsStore.6f96bc1c74a3477f7424.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 07:10:54 GMT
server
cloudflare
age
4145
etag
W/"619f36fe-1469"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
6bd7bc5749a65a37-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
support.user.com/api/v2/user-chatping/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/v2/user-chatping/
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74961fc41ae2f2e10769248c941a08007e65a55ab55f3e5170f1dadf55d6a5da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
same-origin
allow
POST, OPTIONS
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie, Origin
content-type
application/json
access-control-allow-origin
https://app.user.com
access-control-allow-credentials
true
ue-node
apinode2
cf-ray
6bd7bc592e715a37-MXP
styles__ltr.css
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 41E8 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=normal&cb=fpcy1za5nmj1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 14 Dec 2022 11:54:53 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 41E8 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=normal&cb=fpcy1za5nmj1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8942298c544bc1e56a4b9e5bfb7b6cab33a5f263ac58b82aecaf123e2c145f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 10:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138898
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 14 Dec 2022 10:44:12 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 54E6 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 14 Dec 2022 11:54:53 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 54E6 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8942298c544bc1e56a4b9e5bfb7b6cab33a5f263ac58b82aecaf123e2c145f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 10:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138898
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 14 Dec 2022 10:44:12 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1909554874&t=pageview&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fsaracens.user.com%2F&ul=en-us&de=UTF-8&dt=User.com%20%7C%20Login%20-%20User.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=2002988428&gjid=835391495&cid=1290449156.1639488091&tid=UA-100960632-1&_gid=1615903178.1639488091&_r=1&gtm=2wgc105SBSNG9&cd12=&cd3=1290449156.1639488091&z=926051165
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 13:21:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-100960632-1&cid=1290449156.1639488091&jid=2002988428&gjid=835391495&_gid=1615903178.1639488091&_u=aGDACEACRAAAAC~&z=2134187890
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 14 Dec 2021 13:21:30 GMT
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-100960632-1&cid=1290449156.1639488091&jid=2002988428&_u=aGDACEACRAAAAC~&z=2095535459
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 13:21:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-100960632-1&cid=1290449156.1639488091&jid=2002988428&_u=aGDACEACRAAAAC~&z=2095535459
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//saracens.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 13:21:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 54E6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 03:05:30 GMT
x-content-type-options
nosniff
age
555361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 15 Dec 2021 03:05:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 54E6 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:05 GMT
x-content-type-options
nosniff
age
7406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 54E6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 06:37:08 GMT
x-content-type-options
nosniff
age
369863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 10 Dec 2022 06:37:08 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 54E6 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a337c6cc0cb114b85cdb50d103a5a85d403acd211e8d8483dde969bb733c4c8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 14 Dec 2021 13:21:31 GMT
reload
www.google.com/recaptcha/api2/ Frame 54E6 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
261309ceffc979001b24208e04e874770fcce7345e4fdc032904411d72f6e697
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=eh5xors9gzlp
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16755
x-xss-protection
1; mode=block
expires
Tue, 14 Dec 2021 13:21:31 GMT
/
support.user.com/api/webpush/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/webpush/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:235c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-requested-with
Origin
https://app.user.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-type
text/html; charset=utf-8
vary
Origin
access-control-allow-credentials
true
access-control-allow-origin
https://app.user.com
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age
86400
ue-backend
tenants
ue-node
apinode4
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bd7bc5afc9d59ef-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
support.user.com/api/webpush/ 		1 KB
917 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/webpush/
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ab247afd9eec35ab1a0446618acf3d5a3037a970beb8a058ef0d4ca76993b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
same-origin
allow
POST, OPTIONS
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie, Origin
content-type
application/json
access-control-allow-origin
https://app.user.com
access-control-allow-credentials
true
ue-node
apinode1
cf-ray
6bd7bc5bee015a37-MXP
widget-chatStore.6f96bc1c74a3477f7424.js
widget.user.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-chatStore.6f96bc1c74a3477f7424.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559dcc6534d186ac36874cfd100ad8a8f90d37426726a2cdf841a3693190cec2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 07:10:54 GMT
server
cloudflare
age
1619
etag
W/"619f36fe-310c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
6bd7bc5aea995a37-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
widget-launcherModule.6f96bc1c74a3477f7424.js
widget.user.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-launcherModule.6f96bc1c74a3477f7424.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e241574659bb6199759491dae281945963c66eb0e5ec697a6ab322c1510026

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 07:10:54 GMT
server
cloudflare
age
476
etag
W/"619f36fe-3127"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
6bd7bc5aeaa15a37-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
G3ZmyzFXjrtNsT7PNXTvo4yDdFOPC9Vk.jpg
media.user.com/avatars/ Frame 1BDD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/avatars/G3ZmyzFXjrtNsT7PNXTvo4yDdFOPC9Vk.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb5f77e6152d0fc6ec16f1485caa258752fa76d50f388692d9be5e68f9e8966

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
KC57PMFWJV66K0HH
cf-polished
origSize=2869, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2624
x-amz-id-2
PXWmp4taOP69T14Y3KhL7LxfhI55qS2iPdG7VYhxWTIssn/rfkCCGjyDRX4ZqEh1WSaCTzOJvgY=
last-modified
Thu, 18 Nov 2021 09:13:17 GMT
server
cloudflare
etag
"71f3fc07df4ba38e4c19f0a4a2c8e7c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
6bd7bc5b89e3599b-MXP
cf-bgj
imgq:100,h2pri
widget-webpushModule.6f96bc1c74a3477f7424.js
widget.user.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-webpushModule.6f96bc1c74a3477f7424.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ea7ce1e931e4a36837547d8345a25dedb0787fcebc2618e4d5ab7632a3a4c7e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 07:10:54 GMT
server
cloudflare
age
2828
etag
W/"619f36fe-350c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget2
cf-ray
6bd7bc5d19225a37-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
xsUbgaj0NFXqsoNYaYXoSwGdAs11AO60.png
media.user.com/avatars/ Frame 1BDD 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/avatars/xsUbgaj0NFXqsoNYaYXoSwGdAs11AO60.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e32f1bc2eabf6fd4debc83efb6f541f88cc06bc337369887f652f2e55750a5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:31 GMT
cf-cache-status
HIT
age
6250
cf-polished
origFmt=png, origSize=17708
cf-ray
6bd7bc5d8a4c5a37-MXP
content-disposition
inline; filename="xsUbgaj0NFXqsoNYaYXoSwGdAs11AO60.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10664
x-amz-id-2
oOCupXEbP5gIlSyANA7geFK1u4P4yWcrQNxxRW3qobuuNx4xYYI6uYBJ5vcTbffW4vh7vOwUZ/0=
last-modified
Wed, 17 Nov 2021 05:19:13 GMT
server
cloudflare
etag
"de9577ada5c4f0271442f3e2662812f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
J6MV50PVXNSVXMJF
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
user-logo-square-1.jpg
media.user.com/uploads/1t1nnm-userengage-support/
Redirect Chain
  • https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
  • https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
Protocol
H3
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6edfd25429478d698a018807461c27cf992cd8399343c6382b826f0a5d19663c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:32 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
358EJ1HJAT0KQR5T
cf-polished
origFmt=jpeg, origSize=9717
content-disposition
inline; filename="user-logo-square-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2880
x-amz-id-2
lLd33V7Ug0R9LtSzsZvJNiIknf3t1OQhGqTyuBZ6bKfvFRdNS8wjbIcFHkx29xsQwYP5zfZa3dI=
last-modified
Thu, 18 Nov 2021 07:50:38 GMT
server
cloudflare
etag
"559614145db411818f6ddab01cabcfb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
accept-ranges
bytes
cf-ray
6bd7bc5f2e745a37-MXP
cf-bgj
imgq:100,h2pri

Redirect headers

location
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
content-length
0
ff4d00-0-0.png
media.user.com/old-media/uploads/6238/
Redirect Chain
  • https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png
  • https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
34 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
Protocol
H3
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 13:21:33 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
2BT5QTB8809A57DV
cf-polished
origFmt=png, origSize=95
content-disposition
inline; filename="ff4d00-0-0.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34
x-amz-id-2
hUY2CeEV+q2ov9gXjURAyM2R9VQbq56G1d8QQYpyFbAdKM3/+iBILB6/YYtglP0ashJyi6tD5WM=
last-modified
Fri, 03 Dec 2021 10:43:20 GMT
server
cloudflare
etag
"9591c410148e6883727c5339fd1c02cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
accept-ranges
bytes
cf-ray
6bd7bc6808135a37-MXP
cf-bgj
imgq:100,h2pri

Redirect headers

location
http://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
content-length
0

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format string| WSS_NOTIFIER object| civchat object| webpackChunkusercom_widget object| regeneratorRuntime function| parcelRequire object| UE function| userengage object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| setImmediate function| clearImmediate object| ue object| recaptcha object| WS object| closure_lm_80656 object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| UsercomInstance object| google_optimize

11 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcNr5TVn_Vtp8p1UnYK-3YRBWfUcGbrVqkWl8ClMrEex2JwWeI-iC8ax5nQteqguCu8c_BtzapuKd1vLMr0
app.user.com/ Name: csrftoken
Value: vHjOKC41X1A1FR628YCeQo4MfjaMfLBJlrAO0uw6n1ob7maM2C63fWBR7wRADvX7
app.user.com/ Name: sessionid
Value: 57ug26o1pa4r5nnvs6pouwsw08mubi67
.user.com/ Name: _gcl_au
Value: 1.1.1296625346.1639488090
.user.com/ Name: _gid
Value: GA1.2.1615903178.1639488091
.user.com/ Name: _ga
Value: GA1.2.1290449156.1639488091
.user.com/ Name: _gat_UA-100960632-1
Value: 1
.user.com/ Name: _ga_2065MFPQH5
Value: GS1.1.1639488090.1.0.1639488091.0
.user.com/ Name: _ga_P39TDMK54G
Value: GS1.1.1639488090.1.0.1639488091.0
.user.com/ Name: _ueuuid
Value: Fgvv3Zsc3oIhhtXo
.user.com/ Name: __ca__chat
Value: nzyhr4cfqtrr

2 Console Messages

Source Level URL
Text
network error URL: https://app.user.com/static/bundles/register.108ea992805e5bde7950.js(Line 83)
Message:
WebSocket connection to 'wss://app.user.com/ws/notifier/' failed: Error during WebSocket handshake: Unexpected response code: 403
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.user.com
app.userengage.com
eu.user.com
fonts.gstatic.com
media.user.com
saracens.user.com
stats.g.doubleclick.net
support.user.com
widget.user.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.gstatic.com
2606:4700:10::6816:225c
2606:4700:10::6816:235c
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9a
51.77.134.128
51.91.31.155
04d78463cf4723de521f395d5d92c12f024f1e9a54d7f51c54f5707f2e48290a
0683fde7e2c1a18951d0f021fb41e7e1272f0db3c3ccc09bad1e5ea14901fcd6
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f
0d61c57bde3f660da118a57c4735e5c7f57eba44360ad3762b1ecf8e90580422
0ea7ce1e931e4a36837547d8345a25dedb0787fcebc2618e4d5ab7632a3a4c7e
15e32f1bc2eabf6fd4debc83efb6f541f88cc06bc337369887f652f2e55750a5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
261309ceffc979001b24208e04e874770fcce7345e4fdc032904411d72f6e697
2a337c6cc0cb114b85cdb50d103a5a85d403acd211e8d8483dde969bb733c4c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4f92f8cbab3fc60931d9f139b23d0eb5e0ddb984f06b98518cf3f5b9acbea36a
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
559dcc6534d186ac36874cfd100ad8a8f90d37426726a2cdf841a3693190cec2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6edfd25429478d698a018807461c27cf992cd8399343c6382b826f0a5d19663c
718234eb0579c11106768470e0f25aabdd8db0bf0bb680e782a5453b8c840491
71e5d21306f2d95b87d285272c40301a5bb47ae155e0cd2cc905547a1efdab3f
74961fc41ae2f2e10769248c941a08007e65a55ab55f3e5170f1dadf55d6a5da
7fb5f77e6152d0fc6ec16f1485caa258752fa76d50f388692d9be5e68f9e8966
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308
8664750d53294ba33a53d874c420f57a4e9829c5b03641c9af32ca19d8faf507
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8942298c544bc1e56a4b9e5bfb7b6cab33a5f263ac58b82aecaf123e2c145f9b
8fb752f15400278cb9c30cbc037bad718a37d44818e4df1f4e37b7c865dee4e0
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32b4ca1e34bfa24a5b8930556e6b7a0e2a8bb813a30b3e29c1224025b63a32b
a9827970afe1b4450447c674d067c9d89ca4cbf53a2e6236b3e69fe71f99a54d
ab32c69525b48c0351b06e0201998e0ba25f6e418a6d30106fde65139e354bd3
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250
b76477c99b2b45f0c86a3c4e91228223381e63c4eb76915ae5531e1ce0d2ded8
c72942c566e907d892ed337f47c5a8c5c737aeb6242a16a79fb3ee3fe481ee11
d1863f071d57d05e1a2cc6e94e4afc669e2ce88c059cd9f5d4e9b3c286cda28b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e241574659bb6199759491dae281945963c66eb0e5ec697a6ab322c1510026
e8ab247afd9eec35ab1a0446618acf3d5a3037a970beb8a058ef0d4ca76993b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa6e0f96a2c84345ec05c19f4ea9f84bdb92f7ab0476786d3d1858a82e56835c