userscloud.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/tw5traue8wap
Submission: On October 25 via manual (October 25th 2023, 2:06:15 am UTC) from PL — Scanned from CH

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 71 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 921961.
TLS certificate: Issued by E1 on September 1st 2023. Valid for: 3 months.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2011	15169 (GOOGLE) (GOOGLE)
6	172.64.97.14 172.64.97.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.245.86.27 18.245.86.27	16509 (AMAZON-02) (AMAZON-02)
5	104.21.80.206 104.21.80.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:82b::200d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20e... 2600:9000:20eb:7600:19:5116:63c0:21	16509 (AMAZON-02) (AMAZON-02)
71	18

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.97.14 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.245.86.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-27.fra60.r.cloudfront.net

rerpartmentm.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.80.206 (None, )

ASN13335 (CLOUDFLARENET, US)

twrencesprin.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:7600:19:5116:63c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1f7vr2umogk27.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	google.com 4 redirects docs.google.com — Cisco Umbrella Rank: 141 apis.google.com — Cisco Umbrella Rank: 125 play.google.com — Cisco Umbrella Rank: 37 accounts.google.com — Cisco Umbrella Rank: 32	230 KB
13	userscloud.com userscloud.com — Cisco Umbrella Rank: 921961	268 KB
7	rerpartmentm.info rerpartmentm.info	9 KB
6	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 25650	302 KB
5	twrencesprin.info twrencesprin.info	2 KB
4	gstatic.com www.gstatic.com ssl.gstatic.com	969 KB
3	cloudfront.net d1f7vr2umogk27.cloudfront.net	2 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 2269	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	253 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 508
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	91 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
71	13

	Domain	Requested by
13	userscloud.com	userscloud.com static.cloudflareinsights.com
9	docs.google.com	userscloud.com docs.google.com www.gstatic.com
8	play.google.com	www.gstatic.com
7	rerpartmentm.info	userscloud.com
6	accounts.google.com	4 redirects
6	pogothere.xyz	userscloud.com
5	twrencesprin.info
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	d1f7vr2umogk27.cloudfront.net	rerpartmentm.info
3	content.googleapis.com	apis.google.com
3	www.gstatic.com	docs.google.com www.gstatic.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com
1	csp.withgoogle.com	userscloud.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
71	17

This site contains no links.

Subject Issuer	Validity	Valid
userscloud.com E1	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
rerpartmentm.info Amazon RSA 2048 M01	`2023-10-12` - `2024-11-09`	a year	crt.sh
twrencesprin.info E1	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/tw5traue8wap
Frame ID: D4EB6E48739AA3F1036D1B04BF8B6E2E
Requests: 34 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
Frame ID: 28A502D8593DD51F8F53BAF0873AEA9E
Requests: 22 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
Frame ID: CC05384E33695C1A3DB62FAFBB31208C
Requests: 6 HTTP requests in this frame

Frame: https://rerpartmentm.info/YW1scWgADw8cVwBQDlcdEwFRVFonSF43DFALWwcaUxgBHg8KX1tfCw0CGRUOEwICBUYPCBhUWicdCBsyLAw5Bj42PiUhCxYnCjouM1s+FjJEXyomMAk8NDVQJiQLKCQxBCEZJCdUVDAAUSA4NR8TJAAzKy8KXQk6IywLMisoPy9DBywkBCQkBzhUBS0NPxQpPw4uPhglIg4+HSovPAMYKiQkAzYRDTw9CFk0JD4dJSs8ORYuGSNJQyotXgAoKgwBDhcuVC8mIAsOKjk0TVMrODldJjooGSUHBjU5DiQJVCQfNCI4OV0mPD8kIAQGJSUOGBkcIyk4XTRCAAcoX1xdOyE9Ky8oLBtGLVA8AjAsCTkuMBgCC1w0MQdcVQE6IDcHMAEwLjsIKiwLBiQ8BwEHFiBQXRwlIFQqOSIDKicUGg4AOxhJLjdZSUMqIwQpJS1SWRoVLVk0CjQMVT89RFkzXhg0LVJYNiEQBTwgIxsNOBsgIzklVTMvKVQKEA8sIQogTgseAx8YXB8mHDIIXQcgEhsdLh8
Frame ID: A66EEFD26E31BEFEC2F27EEBA2CC779D
Requests: 2 HTTP requests in this frame

Frame: https://rerpartmentm.info/eERaaWkZJjkEVhl5OE8cCihnTFs+YWgvDUkibR8bSjE3Bg4Tdm1HChQrLw0PCis0HUcWIS5MWz4KDD4vDicgOFs8Ix8/KgEBEypZTAAAPwUeFj0zEzs8LQo+ERI5KitNHAMDGksUHCQhPwULUC0sMxU6OBwLFz8RHBIMDlk8MzImLBIFCi0sTAI5Hig0AQsFASo8KS0+AnE5KCgqChQOURwGaygHOgExLj8vIxcoKBQgFThZNxI9MD0uARwtLC8gCDseKiAVHjw5Bh8NHi11Yg04MAYOMVkxAT9YLzMVEjMeLXViLDEsMAI+WCEMHFk7HBVqEQMuEXczPjopDyghDwoDJCshDx8/UUACDxkrGykYOj4+dBIwWSogCxEeXXYYKjsLIQ0hKywIHDAuIhVqLi4+Ai08WEARDz0wMwUcBjsidR8kLkgdbC0oCBMYASciEjZZLB11DAo6D3VtPwVJExgEPCsAMj8/MjMyIjggDj08BRAgGFsnMAMxXS9eLikGBwh5PQQKTx4CJg4qPTEnUBEr
Frame ID: 227E9EB6BC2DC2B7484E898A1BF43D05
Requests: 2 HTTP requests in this frame

Frame: https://rerpartmentm.info/ajlVUUwLWzY8cwsEN3c5GFVodH4sHGcXKFtfYic+WEw4PisBC2J/LwZWIDUqGFY7JWIEXCF0fiwLMDsCIW8vFBYyegQpCA0MNB0hBXMGJhoQYBQbLz1tPmUUHVYaEg0kaAFjBV94PhcFMwsiOx8SDRo0BCxdEmB8Hlg9MioyajkgDSxBBh0mP3QBORlPCxcbfV5rETgZDWoXPSglehsHDyxjJhggKHENOBkebhcLKiEKHBUcK2M+CzQ4cBRjBQ1uFwMUIGoXEhQdf2MeGTxfFAk8B3gDAAgICwcrFB1/YxgKDWwXCXkTeD82Gw9+MRsYK10/MiskcgA7YQVXDQN1L3UvBy0vCTEnFjJdBRAEWwwUOjs9XBIyFi9vJnR+KHY5YCoraDkoDVpJMxg2EmwNJgpcdBMAFj16A3R+KH8QNgghbWwVCjwNIzIrJwEWYgJfeAMABA9ubRgaK2thMiskcgQSPxJsFDktCAsDYhgde2w0HSB0EwV1G3gUdyYZVjshcShtNGQdGWwlYxw
Frame ID: ED6A10120B9019007F56196F8A10FA40
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

94 %
HTTPS

82 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

1879 kB
Transfer

4167 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyymWew54UANYUZZqcpqqdcot8dqR32JJh-LoQV_wBeJP35geyS9JmLVcN0qDI90koRmmv-22Q HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxN2pESTrBogL-pzRWuzIZK_IGV3lDEDL5Y7ljNco_nlJQElq7MomYjrOPLFlm24Vlj1Bh1MA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627238499%3A1698199570701948&theme=glif

Request Chain 56

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyz8e171HgiqQNzIzkz2zZho4BwLdjN3s9Bu4AMDyn1-AMBeq3Le_CMFVFiZN2yzsl4lvAiofg HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxHY5vFPH5CD_WLb00j8KmFB8qIxqaTrnK9Gw4CAuo23ldj_EcsEKjkf_UqIktixGVf14J9ig&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309185581%3A1698199570788934&theme=glif

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tw5traue8wap Show response
userscloud.com/ 461 KB
101 KB 236ms
143ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/tw5traue8wap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e4a848d90a917020b4a71278f84d797fd1ff3cb87a0d0adc68c87e89613461

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81b6e60baea30404-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 02:06:09 GMT
expires: Tue, 24 Oct 2023 02:06:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFPwgY3jqBYI5Jls4r1EqFAEfttrVG0cDk25jOIBsyRlxmIOBdBWw%2FtPdOtOLreud6RNck8XWQSM01%2BN54w%2FYUGmMQ1PUH%2BkRqZ5K8rCtlEXOBA9Pwh%2F8%2BwKHdSmRa3L7VXIrIwKxtK%2BrrPdNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 44ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1346245
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ND2nSmbDDpwVfRD2umd86cAVy%2BqTuxhF%2FPfSUmG2GEdyw%2B0KdQR2RfGjcepMfrY7ru8TG%2BoFSRZrVCqN%2B8fZu%2F9Re85X5%2BR2r1mvKbTvYlYTbCd5JtSAoKJa6SipPcgMd9nRoN5Kri02HqrqLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60caf380404-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 08 Nov 2023 12:08:44 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 48ms
47ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 741752
cf-polished: origSize=113031
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDe43hSc%2BgC6ccfmEoXgISYc9iLkBt1RehaNlOKWmF7jCWNkjjSduKLAI8aq63VOmxiGEin5At2i%2FlFWcgQ0Kq0fFskHURrj5%2Bl4X7CQZNmp1LUMOu7DLquiWUTUHiozIb2vBo1fPgJpyQYgPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60caf390404-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 15 Nov 2023 12:03:37 GMT

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 45ms
44ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1346270
cf-polished: origSize=47095
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ursh%2B4qnyGV0ZxCSXDfrIXP3QyqL%2BDuYvxmasDuYS7wsxUHTR9lSeNLl1VfCXoxUDW9t%2Fayd6LvJOZNGTXzW7KOzz%2BeK%2FzprOhGGMK9xM4AzAgVpyHDOGtdDPe%2BvDGlplTzc6UUUhTelB5CAXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60caf3a0404-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 08 Nov 2023 12:08:19 GMT

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 47ms
46ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1346245
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GY5DGVfTiU5V1q4RP62GCm4zRIJRlSzSNSX%2BxikOyevnLDqwJZh4X53tXuTaDFxg6dE7glgJcXaXkMAXsMmiRur6j2NIn5Oq0L67e%2FFsfFLQIYLXtI0PjAwm73I9neszd92Um18HDjv5OhcUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60caf3c0404-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 08 Nov 2023 12:08:44 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 46ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1379905
cf-polished: origSize=21572
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfyxRy3Ea%2BmxX7dMmzaGNEXoQWQSf98o4QBeBaNj4tECRO6nMj2RYjBUXJNFxMlTJ3VhINFX7OvJk84HtH00cQthOzOcQjjj59MsEWen8f09wNXsgYEdwL5lAyD2%2FGH6uck%2BnzSINLGbWsqveA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60caf3d0404-FRA
access-control-allow-headers: X-Requested-With
expires: Wed, 08 Nov 2023 02:47:44 GMT

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 41ms
41ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2232280
alt-svc: h3=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dchQVBHtFNo49wTNMy%2F7v13YoQ2SgGaS5RpXvxTcpewNSlQmuCPZHe4TCFZNgxPAyNi6peOjAzM4FxckGG8Eghefl5%2B24tORCyemQzHYMUxCZh9Cg5BymyD7JJ7T1BvbErs07Crga8q492NszQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81b6e60cff4918d7-FRA
access-control-allow-headers: X-Requested-With
priority: u=3,i
expires: Sun, 29 Oct 2023 06:01:29 GMT

GET
H2 200 gview Show response
docs.google.com/ Frame 28A5 9 KB
4 KB 321ms
259ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

acc87fce9e7ed71066a70abd270ba0734b024b3dc440876a7b00e750b3c82d15

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-okZGwfejXPtee-78sJvcKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-okZGwfejXPtee-78sJvcKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Wed, 25 Oct 2023 02:06:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 36ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Oct 2023 18:17:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6532c42f-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKgZDfCgnk8i1qJ%2BicXFBMmndlYy8y9fCYddzezdP2cMfWJa8PdpWHzeiN%2F2Y5%2BC5ZcS0fd99V11ob60qG0OitF4orsPNhILqPuz0je9ZJ0GvSnptqKe9DQcePR%2BwLj5U7VZhv1XERoo8qld1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81b6e60d1f4e18d7-FRA
expires: Fri, 27 Oct 2023 02:06:09 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 145ms
66ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 81b6e60d9f279238-FRA

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 42ms
42ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155254
alt-svc: h3=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2B3dCmXSCoDiuMNgPLrzO2Xxrul%2B8rLPLnWCTOqwcJj8jWUXgcvkZlRNe4H%2Fls%2BH8B%2FvRX1d5n%2BN7G9joxLDHrgfT8LDDMA0xu7gEeCaw0sOLo8X0uaS6WWpuZlR9WurmCH%2Fhoyy9awibeNQOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 81b6e60d3f6718d7-FRA
access-control-allow-headers: X-Requested-With
priority: u=0,i=?0
expires: Wed, 22 Nov 2023 06:58:35 GMT

GET
H3 200 jquery.nicescroll.js Show response
userscloud.com/assets/vendor/core/ 72 KB
19 KB 89ms
89ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/vendor/core/jquery.nicescroll.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc9042d6e57da51821acd007645a5269b176f61c9d35146966f971edba08396

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 669093
cf-polished: origSize=115828
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Jul 2023 07:57:30 GMT
server: cloudflare
etag: W/"64b7976a-1c474"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2UDW6xXnP2XSNe9wSANJ%2Bf7fRLglIouvROqPtUc2Vr80UPCZOOhiCv7d1G3gUOUB9tY%2FDNRgS4ijlVbyiBCOGsnfZ0YUuWNZWerLgvlmZFCb6l7%2FETipzm3G1gFWWJcRzNE%2BlfpxzcTXPq6SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60d5f7218d7-FRA
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Thu, 16 Nov 2023 08:14:36 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/assets/vendor/core/ 45 KB
12 KB 91ms
90ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/vendor/core/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 567795e373535ee36eaa0805687b1ba40b46c192cba6c56d83767f320bf14c2c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 669093
cf-polished: origSize=67546
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Jul 2023 07:57:21 GMT
server: cloudflare
etag: W/"64b79761-107da"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hpqh0KqJYJHJuyHwHqADEFwazMplifwnZRLIwJr6%2Fgwatvsup55fH%2FtJjYBQM79FL09%2BwIEj4CXuPuHpeYLGom%2BQBXdTny9aaeprmt4iPg0mMM0fXzJl00jLJzxHmiOPHpeqRiM2qirD5hU8JA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60d5f7318d7-FRA
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Thu, 16 Nov 2023 08:14:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 88ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M73M877RTL

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94a31fa8323ddb1c7e4c85b668780bc2778f288de43143b476c6ea7528c3e42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 02:06:09 GMT

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
34 KB 90ms
89ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/tw5traue8wap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2231810
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pj4VRh%2FfUheAzjVpciUHg0bPHNFw%2Fn8cpEbUMy8eaFFj%2BWdRKlseVgmYUYhyOj8HY8XoZzZ2WsyByrbHPvENKX6ZKNCMKyPiVH8lXhX%2B60ZM4vDuxSb2AUUNpzvR%2FgqqyKYjESRyPrQmXWPcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 81b6e60d5f7618d7-FRA
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Sun, 29 Oct 2023 06:09:19 GMT

GET
H2 200 rs=AC2dHMJqaN5GgpkDMIWPpwlwhS6Zs1eleA
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.MDzWJslY5F8.L.W.O/d=0/ Frame 28A5 422 KB
423 KB 74ms
22ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.MDzWJslY5F8.L.W.O/d=0/rs=AC2dHMJqaN5GgpkDMIWPpwlwhS6Zs1eleA

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

858be7e30120552c4ec02bf160519aab3017234dbc89c9b0c8642df6e2ec7175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 05:38:05 GMT
x-content-type-options: nosniff
age: 73684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 432343
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 01:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Oct 2024 05:38:05 GMT

GET
H2 200 thumb
docs.google.com/viewerng/ Frame 28A5 25 KB
26 KB 79ms
78ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFy7EO4nsIF7GgZ6_WLjf5_H0ByCzyMbI7A7U_IRlFD7HA-jfGXFGb_SyRcUPxpJ0F-g0jbocZYLtzVZAdvk9TW3c3jrUrTRecqwM3wepQGTyh6vA09GT9zt96s-XYu96Q3IxJfqTHAiU33tP1UzGFzZbBcGHJjxE0-NFr4RF1mTBcK1QN7rRMgdpz6QAv-XF_Q0CqPng5vSLUEVI5GAdG-L7HYL5tBIrR1FNBLBcrYSdZ8PRYuTs50NbOQut8OlT_PVRELQplJXfOgATXIMPJSkzDkNFs8KcZaVIYka0RttMFPKsLFRORrEz_IO3EhobZOFvXiLKR1E4aSM0sy8Jf6fxb2wiye2xtz6wTjaCogoSOetjww%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a4520fdf8720501b4e8aa68407c42973a4e894f6d4d2d69df5a0dfa63a42d8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kQjfZa3pP7jcgjb17ZseMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:09 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-kQjfZa3pP7jcgjb17ZseMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Wed, 25 Oct 2023 02:06:09 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/ Frame 28A5 1 MB
463 KB 171ms
120ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38bb8de9189003e6eddb162ebb55813c5bd57abd7cafee24c67fcda29b0cc1a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 21:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 474093
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 07:02:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 21:01:24 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 28A5 18 KB
7 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91768ddd242fe465fd233dc5166c4810ae9f8740d3b1ac389cffd283503bd1e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 02:06:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7115
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "bbaa33c2b5cbc5af"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:06:09 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 28A5 141 B
347 B 147ms
147ms Other
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zPp2LHIO-Tl-DaXZjTFeqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-zPp2LHIO-Tl-DaXZjTFeqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 02:06:09 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Wed, 25 Oct 2023 02:06:09 GMT

POST
H2 404 cspreport
docs.google.com/ Frame 28A5 141 B
595 B 146ms
146ms Other
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a, script-src 'report-sample' 'nonce-tMkYjkBMRjkdjplLzIlNQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a, script-src 'report-sample' 'nonce-tMkYjkBMRjkdjplLzIlNQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 02:06:09 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Wed, 25 Oct 2023 02:06:09 GMT

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ Frame 28A5 99 KB
35 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ab2705651388b99d1cfe39b77b34ed19d24c49759803695b4e117261b7296d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 01:19:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35048
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:47:15 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 02:09:35 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 80ms
28ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 25 Oct 2023 02:06:10 GMT
expires: Wed, 25 Oct 2023 02:06:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 50ms
29ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 25 Oct 2023 02:06:10 GMT
expires: Wed, 25 Oct 2023 02:06:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ Frame 28A5 316 KB
108 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110385
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 09:55:05 GMT

POST
H3 200 log Show response
play.google.com/ Frame 28A5 131 B
155 B 102ms
53ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 02:06:10 GMT

GET
H2 200 v-sprite54.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 28A5 113 KB
48 KB 76ms
22ms Image
image/svg+xml 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite54.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.MDzWJslY5F8.L.W.O/d=0/rs=AC2dHMJqaN5GgpkDMIWPpwlwhS6Zs1eleA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49026
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 18:18:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Fri, 18 Oct 2024 10:28:03 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 28A5 36 B
85 B 48ms
47ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgBgnELt-PXPqyn6BDn5rWTd09QsksONP95aHvUo0FTtH169A1THCAdsf3c2LpyjF4Py_sTTBaWU-KKWGyDn2FH4w_1G9PQ-TXlv2HnQtquS7z1oXmFxJ9UXs7PQFvJJ2NsKyYnsBgtb06H_

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7b2y1HSxxGx1OlUIX_xJVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-7b2y1HSxxGx1OlUIX_xJVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
content-encoding: gzip
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 28A5 131 B
155 B 107ms
58ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 02:06:10 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame CC05 382 B
1 KB 88ms
30ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83446b47c017ee3f2c61ecb05f2b6034f74b40af4d9ec7a2de9f767dc2322092

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-ABJ9JZYEnIy6xXB7-zxF6g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 273
content-security-policy: script-src 'nonce-ABJ9JZYEnIy6xXB7-zxF6g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 02:06:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 24 Oct 2023 06:08:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 28A5 25 KB
25 KB 94ms
93ms XHR
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgBgnELt-PXPqyn6BDn5rWTd09QsksONP95aHvUo0FTtH169A1THCAdsf3c2LpyjF4Py_sTTBaWU-KKWGyDn2FH4w_1G9PQ-TXlv2HnQtquS7z1oXmFxJ9UXs7PQFvJJ2NsKyYnsBgtb06H_&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a4520fdf8720501b4e8aa68407c42973a4e894f6d4d2d69df5a0dfa63a42d8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hO9nL26LVgqWYGGHJh_jPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-hO9nL26LVgqWYGGHJh_jPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 28A5 3 KB
1 KB 92ms
91ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgBgnELt-PXPqyn6BDn5rWTd09QsksONP95aHvUo0FTtH169A1THCAdsf3c2LpyjF4Py_sTTBaWU-KKWGyDn2FH4w_1G9PQ-TXlv2HnQtquS7z1oXmFxJ9UXs7PQFvJJ2NsKyYnsBgtb06H_&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cdd2c1b6dde1ddb4f587bcf798840bb4c9b9f800333281e6779afa089ae11bbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bUGzCLRb3k3pm3f25Rzk4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-bUGzCLRb3k3pm3f25Rzk4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 28A5 20 KB
20 KB 82ms
82ms XHR
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ddf2b4d09ace7738578ae795b7bb3458021f9bc4942beb74477db69fc2ac4fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D3LqxVuID3p3Jd39B7AcDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-D3LqxVuID3p3Jd39B7AcDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 28A5 2 KB
683 B 56ms
56ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bbebc35323fe67072612fa89e324b4d8c7ebdcd809f845a01bc5172e3dd72eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UND9F6ur7tAjmRFB9qe1lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-UND9F6ur7tAjmRFB9qe1lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame CC05 0
0 101ms
43ms Other
text/html 2a00:1450:4001:803::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame CC05 18 KB
7 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 02:06:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7116
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "23edfa0f3c3c3329"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 02:06:10 GMT

GET
BLOB 200
OK b9e2b62b-02b3-4b7d-911b-7f496dd1f9f6
https://docs.google.com/ Frame 28A5 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/b9e2b62b-02b3-4b7d-911b-7f496dd1f9f6
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ddf2b4d09ace7738578ae795b7bb3458021f9bc4942beb74477db69fc2ac4fc

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 20452
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 28A5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
32ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 25 Oct 2023 02:06:10 GMT
expires: Wed, 25 Oct 2023 02:06:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 28A5 131 B
155 B 53ms
51ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 02:06:10 GMT

GET
BLOB 200
OK 9b00c50f-ce76-408f-8f91-38c7b07333f3
https://docs.google.com/ Frame 28A5 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/9b00c50f-ce76-408f-8f91-38c7b07333f3
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a4520fdf8720501b4e8aa68407c42973a4e894f6d4d2d69df5a0dfa63a42d8e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 25942
Content-Type: image/png

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ Frame CC05 77 KB
27 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f867efe89de2acc7f60da32733292e8c8ea157c6e64dd7a7434c6eb4955475f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27761
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 09:55:06 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 98ms
36ms Fetch
binary/octet-stream 172.64.97.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.97.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 25 Oct 2023 02:02:59 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfwaCX3yTJ9yOj1BAdsPJaYTwH7QLIBwcktcoTvYj%2BQF9xqO1Nzrcnv7qgrIxmPetDFOz9aa0NXjeSGLM6mZPtVyxaBnWpeWR0lPrqdRUUnDSLTAlvHeR9f5Mgg%2Fec%2BA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81b6e613be32924f-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 24 B
350 B 197ms
135ms Fetch
text/plain 172.64.97.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.97.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 906d4945ce7e031fceb77d51b9790e92fa751b6beab3f2cfadb62ccfe1f7d876

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiekHFsD%2F1%2FVnyXAbHyMj7ALw6QBWcKH7Np2Xz14Zx33U1B44L4nVJwOwMIxU8UdbNe%2BypXBa%2BQQgfi1cZx0MqEZ1MxuZIZeyeWptkaC9XooF8ai1v%2Bsw5KPMIPK6zQS"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 81b6e613ce33924f-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
rerpartmentm.info/ 0
539 B 191ms
118ms XHR
text/plain 18.245.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rerpartmentm.info/utx?cb=9yG5a2xhBFy4&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-27.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: dIukfPD7WWJqtGnRfv_iN7KbmgrWipB2RK-QgXOFbZXPiTU9Rlw1Yw==

GET
H2 200 YW1scWgADw8cVwBQDlcdEwFRVFonSF43DFALWwcaUxgBHg8KX1tfCw0CGRUOEwICBUYPCBhUWicdCBsyLAw5Bj42PiUhCxYnCjouM1s+FjJEXyomMAk8NDVQJiQLKCQxBCEZJCdUVDAAUSA4NR8TJAAzKy8KXQk6IywLMisoPy9DBywkBCQkBzhUBS0NPxQpPw4uP... Show response
rerpartmentm.info/ Frame A66E 3 KB
2 KB 147ms
118ms Document
text/html 18.245.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rerpartmentm.info/YW1scWgADw8cVwBQDlcdEwFRVFonSF43DFALWwcaUxgBHg8KX1tfCw0CGRUOEwICBUYPCBhUWicdCBsyLAw5Bj42PiUhCxYnCjouM1s+FjJEXyomMAk8NDVQJiQLKCQxBCEZJCdUVDAAUSA4NR8TJAAzKy8KXQk6IywLMisoPy9DBywkBCQkBzhUBS0NPxQpPw4uPhglIg4+HSovPAMYKiQkAzYRDTw9CFk0JD4dJSs8ORYuGSNJQyotXgAoKgwBDhcuVC8mIAsOKjk0TVMrODldJjooGSUHBjU5DiQJVCQfNCI4OV0mPD8kIAQGJSUOGBkcIyk4XTRCAAcoX1xdOyE9Ky8oLBtGLVA8AjAsCTkuMBgCC1w0MQdcVQE6IDcHMAEwLjsIKiwLBiQ8BwEHFiBQXRwlIFQqOSIDKicUGg4AOxhJLjdZSUMqIwQpJS1SWRoVLVk0CjQMVT89RFkzXhg0LVJYNiEQBTwgIxsNOBsgIzklVTMvKVQKEA8sIQogTgseAx8YXB8mHDIIXQcgEhsdLh8
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-27.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 890daf078ef97fd1e219387038df504f418bb59a66d0909b61699e92eaae9422

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Wed, 25 Oct 2023 02:06:10 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-id: kpXyek895k0V50al-kcdNNOoBxewXY86b-LJZpfYMOhhbYZCmjzTJQ==
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 84ms
82ms Fetch
binary/octet-stream 172.64.97.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.97.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 25 Oct 2023 02:02:59 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeSu%2FflEB7ZzBwbzThbS%2FjsNauyqKH3gWtRM2h%2F7I7VrGFGYp6QW5YA25KR1Cbx99mveyBRSVPCXXKC4Jjt87ChDz96%2FfRhL0huh6Li%2B5mcinEqmZhBnmfh6HPgCuhjr"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81b6e613ce35924f-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
371 B 137ms
135ms Fetch
text/plain 172.64.97.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.97.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 440d3c955b969a920a70b46a0a493e01a19aa1c4c60375d25ef5f826676ca21b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BeE6s1G%2BZnJOjo9cJRE4VwS%2Bmb9N0ecHREGx5TBhR4mAGieJIhksX%2BQFqttAQw71hZ5lyTLLLat0L1c7G9dic8IDPxidmbPqNWCFqsN2TbaGkbUt%2FdHFh48qi%2BFhY1P"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 81b6e613ce34924f-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
rerpartmentm.info/ 0
537 B 140ms
125ms XHR
text/plain 18.245.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rerpartmentm.info/utx?cb=lS1JMssqlHmr&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-27.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: cmqkE6Hv7_iS9mW8IZQW9wvC0Re4ggu3Go8bVIRXMKyg6sQ-eoQFYg==

GET
H2 200 MjMyIjggDj08BRAgGFsnMAMxXS9eLikGBwh5PQQKTx4CJg4qPTEnUBEr Show response
rerpartmentm.info/eERaaWkZJjkEVhl5OE8cCihnTFs+YWgvDUkibR8bSjE3Bg4Tdm1HChQrLw0PCis0HUcWIS5MWz4KDD4vDicgOFs8Ix8/KgEBEypZTAAAPwUeFj0zEzs8LQo+ERI5KitNHAMDGksUHCQhPwULUC0sMxU6OBwLFz8RHBIMDlk8MzImLBIFCi0... Frame 227E 3 KB
2 KB 127ms
124ms Document
text/html 18.245.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rerpartmentm.info/eERaaWkZJjkEVhl5OE8cCihnTFs+YWgvDUkibR8bSjE3Bg4Tdm1HChQrLw0PCis0HUcWIS5MWz4KDD4vDicgOFs8Ix8/KgEBEypZTAAAPwUeFj0zEzs8LQo+ERI5KitNHAMDGksUHCQhPwULUC0sMxU6OBwLFz8RHBIMDlk8MzImLBIFCi0sTAI5Hig0AQsFASo8KS0+AnE5KCgqChQOURwGaygHOgExLj8vIxcoKBQgFThZNxI9MD0uARwtLC8gCDseKiAVHjw5Bh8NHi11Yg04MAYOMVkxAT9YLzMVEjMeLXViLDEsMAI+WCEMHFk7HBVqEQMuEXczPjopDyghDwoDJCshDx8/UUACDxkrGykYOj4+dBIwWSogCxEeXXYYKjsLIQ0hKywIHDAuIhVqLi4+Ai08WEARDz0wMwUcBjsidR8kLkgdbC0oCBMYASciEjZZLB11DAo6D3VtPwVJExgEPCsAMj8/MjMyIjggDj08BRAgGFsnMAMxXS9eLikGBwh5PQQKTx4CJg4qPTEnUBEr
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-27.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: c13071dd54bbca3461598834cbffe824b9c79bd269e79502e59a16fde7e486fd

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Wed, 25 Oct 2023 02:06:10 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-id: 9Ou9EC64xopNTWji_VxzqLKZJNHs7vlzJW5ppaOlyQWBreRLLZAZig==
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 62ms
61ms Fetch
binary/octet-stream 172.64.97.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.97.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 25 Oct 2023 02:02:59 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STodqMRhDWXdXFIigrT5ZO%2FVlOsrI%2BWtRdlmWiMoTAMhPo6y%2FvmDVgzKsS7bKgMxULHuc3RfXyPXEoVxhGvPzrnHyW5d%2BQH2GC53qfi92Gwwyd6%2B99zV1uQ3vECssTBH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81b6e613ee45924f-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
357 B 206ms
206ms Fetch
text/plain 172.64.97.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.97.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7dad8e9fa4d24ea60d2e1e4483882a47bad0a9464f6721cc5d5aed93270916

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qU%2Bx2I1%2BaIIOVLXmoVYewM1JjD9kmdsadGCIDagAJsD%2Fu5jMfBGh7Zs3U%2BFH3O%2BZ4MCpq5SWM75ykJtYI8FRJoVyeRbWbnUvNe7Uz1n1%2FOj0egoxUx99AxWl2NC%2FaDNb"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 81b6e613ee46924f-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
rerpartmentm.info/ 0
537 B 206ms
206ms XHR
text/plain 18.245.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rerpartmentm.info/utx?cb=ezQGwEQVCP0X&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-27.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: fbiC3YpQtJC6v2Jbr7npIIXd9fbUUykxXfI15OdUt3m3NVE0iIqWmw==

GET
H2 200 MiskcgA7YQVXDQN1L3UvBy0vCTEnFjJdBRAEWwwUOjs9XBIyFi9vJnR+KHY5YCoraDkoDVpJMxg2EmwNJgpcdBMAFj16A3R+KH8QNgghbWwVCjwNIzIrJwEWYgJfeAMABA9ubRgaK2thMiskcgQSPxJsFDktCAsDYhgde2w0HSB0EwV1G3gUdyYZVjshcShtNGQdG... Show response
rerpartmentm.info/ajlVUUwLWzY8cwsEN3c5GFVodH4sHGcXKFtfYic+WEw4PisBC2J/LwZWIDUqGFY7JWIEXCF0fiwLMDsCIW8vFBYyegQpCA0MNB0hBXMGJhoQYBQbLz1tPmUUHVYaEg0kaAFjBV94PhcFMwsiOx8SDRo0BCxdEmB8Hlg9MioyajkgDSxBBh0... Frame ED6A 3 KB
2 KB 213ms
213ms Document
text/html 18.245.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rerpartmentm.info/ajlVUUwLWzY8cwsEN3c5GFVodH4sHGcXKFtfYic+WEw4PisBC2J/LwZWIDUqGFY7JWIEXCF0fiwLMDsCIW8vFBYyegQpCA0MNB0hBXMGJhoQYBQbLz1tPmUUHVYaEg0kaAFjBV94PhcFMwsiOx8SDRo0BCxdEmB8Hlg9MioyajkgDSxBBh0mP3QBORlPCxcbfV5rETgZDWoXPSglehsHDyxjJhggKHENOBkebhcLKiEKHBUcK2M+CzQ4cBRjBQ1uFwMUIGoXEhQdf2MeGTxfFAk8B3gDAAgICwcrFB1/YxgKDWwXCXkTeD82Gw9+MRsYK10/MiskcgA7YQVXDQN1L3UvBy0vCTEnFjJdBRAEWwwUOjs9XBIyFi9vJnR+KHY5YCoraDkoDVpJMxg2EmwNJgpcdBMAFj16A3R+KH8QNgghbWwVCjwNIzIrJwEWYgJfeAMABA9ubRgaK2thMiskcgQSPxJsFDktCAsDYhgde2w0HSB0EwV1G3gUdyYZVjshcShtNGQdGWwlYxw
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-27.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e20b8c71dad593bd74d819a44a7e6afbf5606f9460d2599ca0e15e97955a9d80

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1233
content-type: text/html
date: Wed, 25 Oct 2023 02:06:10 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
x-amz-cf-id: z4a1RjSh_xTOK5do6ulPOf1VaErhD4FzOl_O9YOTjpeByy1vkmSOkQ==
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront

GET
H2 204 cHJxMlVfTRJBaBM2OEsMQDg2cBQmJxJnNjgwQGAvITMCfgJDAVdGPBRPRwJlQ0JFFCUZFkwDcwMGEEYgA09AFDweFB4PcwZPQBxmRFxCBntAVAQPZFYGAVMyTUNXQiEEHkwDY0lKQAtsRUVBBmBE
twrencesprin.info/ 0
251 B 198ms
125ms Image
text/plain 104.21.80.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twrencesprin.info/cHJxMlVfTRJBaBM2OEsMQDg2cBQmJxJnNjgwQGAvITMCfgJDAVdGPBRPRwJlQ0JFFCUZFkwDcwMGEEYgA09AFDweFB4PcwZPQBxmRFxCBntAVAQPZFYGAVMyTUNXQiEEHkwDY0lKQAtsRUVBBmBE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iejZ6HMtfNeIRgL62pDLiBFyNlWIM5f40o9WTmkFIudV%2FPfqaPE9cPeG%2BUrc0DkmZjNZg5vEBJwSZnJUtBMCgscKPzAIrbxrUH1UMM7llNmbDw97xjp8ilbG%2BTUhhXr6TOk5NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81b6e6147aa139ee-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 190ms
127ms Image
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyymWew54UANYUZZqcpqqdcot8dqR32JJh-LoQV_wBeJP35geyS9JmLVcN0...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxN2pESTrBogL-pzRWuzIZK_IGV3lDEDL5Y7ljNco_nlJQElq7MomYjrOPLFlm24Vlj1Bh1MA&passiv...

0
0

44ms
44ms

Image
text/html

2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxN2pESTrBogL-pzRWuzIZK_IGV3lDEDL5Y7ljNco_nlJQElq7MomYjrOPLFlm24Vlj1Bh1MA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627238499%3A1698199570701948&theme=glif
Protocol: H3
Server: 2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 25 Oct 2023 02:06:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jxe4fMoLvLYSea1CQks8Vw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxN2pESTrBogL-pzRWuzIZK_IGV3lDEDL5Y7ljNco_nlJQElq7MomYjrOPLFlm24Vlj1Bh1MA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627238499%3A1698199570701948&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyz8e171HgiqQNzIzkz2zZho4BwLdjN3s9Bu4AMDyn1-AMBeq3Le_CM...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxHY5vFPH5CD_WLb00j8KmFB8qIxqaTrnK9Gw4CAuo23ldj_EcsEKjkf_UqIktixGVf14J9ig&passi...

0
0

48ms
48ms

Image
text/html

2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxHY5vFPH5CD_WLb00j8KmFB8qIxqaTrnK9Gw4CAuo23ldj_EcsEKjkf_UqIktixGVf14J9ig&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309185581%3A1698199570788934&theme=glif
Protocol: H3
Server: 2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 25 Oct 2023 02:06:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7CeZy3vOPxZPT8PgxuCwBA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxHY5vFPH5CD_WLb00j8KmFB8qIxqaTrnK9Gw4CAuo23ldj_EcsEKjkf_UqIktixGVf14J9ig&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309185581%3A1698199570788934&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 SxoDOD8wKRUvJVw4Kw5VTXx6Wl1IajIDDEd+e0wbDi02HxtHfWQDBhwjf0weR31sWkZMfGxZTg9xc0wcCi0lV1lcPDYeBEd9dFNQS3V7X19KeXJc
twrencesprin.info/amh6TEJFVxk/fw4+KD4bMjI5FRRTMisZAAI/ 0
255 B 193ms
120ms Image
text/plain 104.21.80.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twrencesprin.info/amh6TEJFVxk/fw4+KD4bMjI5FRRTMisZAAI/SxoDOD8wKRUvJVw4Kw5VTXx6Wl1IajIDDEd+e0wbDi02HxtHfWQDBhwjf0weR31sWkZMfGxZTg9xc0wcCi0lV1lcPDYeBEd9dFNQS3V7X19KeXJc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJds2lzY5F1eIe93H%2Fa4rdY%2BX79HMqOaVocGwUODlsuYdZkCH462s0Ngw%2BGrYWnxkawu%2BDGpR8zAtzXhnzidS5TsHXVAuxLOCh%2Fv0iOc0oYFuG6idoj%2BO102yhlxrwYNv0T%2Fvg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81b6e6147aa239ee-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 204 USAzEClKZWUBOgM4fkB4TmxySHdCY3NEfUc
twrencesprin.info/cU53VENecRQnfiYLB2QiHBwEMRYzLSJmL1R8MQAFPxwWOnI/FhsZZQUnE2l7QHhOY3BXPh4wfkN3USc3EDoCJ35AaB46JR5zUSJ+QGBHenVBYERyNkx/ 0
398 B 192ms
120ms Image
text/plain 104.21.80.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twrencesprin.info/cU53VENecRQnfiYLB2QiHBwEMRYzLSJmL1R8MQAFPxwWOnI/FhsZZQUnE2l7QHhOY3BXPh4wfkN3USc3EDoCJ35AaB46JR5zUSJ+QGBHenVBYERyNkx/USAzEClKZWUBOgM4fkB4TmxySHdCY3NEfUc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sj%2FBfGxnfC1yfTSlvJl8yTC%2B1nTCeUn%2BjBk4WKcPzvgOov2%2BJ%2FbiFl1qdhCrYG2nM9uEUtp%2BNyF2LJjJJ0W4T2vqie16LMlWlPFoWkUbaZujtXAQnGePPP7Yrkx60yqGSHMJLw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81b6e6147aa339ee-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame CC05 0
172 B 151ms
150ms XHR
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame CC05 0
47 B 161ms
161ms XHR
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 93ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M73M877RTL&gtm=45je3an0v9128152764&_p=938759125&cid=22979321.1698199571&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1698199570&sct=1&seg=0&dl=https%3A%2F%2Fuserscloud.com%2Ftw5traue8wap&dt=Userscloud&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M73M877RTL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
userscloud.com/cdn-cgi/ 0
140 B 41ms
40ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/tw5traue8wap
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://userscloud.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 81b6e6146b3f18d7-FRA

GET
H2 200 TH5GWDhMfkYHfEd8UwUOTH5GQSUHekITfytpRAY0X3hfE3-5ZLQZGIAw7E1QnADhTBApcf0EYf19pRAZkAiQCWyBMfjUTflkgH10pTH5GUSkKJxkfaVt8FV4+BiETE34vdE8YfEd4RQ51R3tEE35ZPxdQLRslUwQKXH9BGH9fagMLfQ Show response
d1f7vr2umogk27.cloudfront.net/pdjZMaUwVWSIPcwJfKFR6RgZ/WXhQXD8GIgYLPiMhLF98Ah0MTDwrIlBCNg1xRBAgCCIRC2oMIhULfU8tElRxXWoCRiMCcRlBNQoiBEIoGylQQy1UIRlMJQUgFxN+L3lYBmlbfF5BJQcoGUE/ Frame A66E 1 KB
1 KB 247ms
175ms Script
text/plain 2600:9000:20eb:7600:19:5116:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f7vr2umogk27.cloudfront.net/pdjZMaUwVWSIPcwJfKFR6RgZ/WXhQXD8GIgYLPiMhLF98Ah0MTDwrIlBCNg1xRBAgCCIRC2oMIhULfU8tElRxXWoCRiMCcRlBNQoiBEIoGylQQy1UIRlMJQUgFxN+L3lYBmlbfF5BJQcoGUE/TH5GWDhMfkYHfEd8UwUOTH5GQSUHekITfytpRAY0X3hfE3-5ZLQZGIAw7E1QnADhTBApcf0EYf19pRAZkAiQCWyBMfjUTflkgH10pTH5GUSkKJxkfaVt8FV4+BiETE34vdE8YfEd4RQ51R3tEE35ZPxdQLRslUwQKXH9BGH9fagMLfQ
Requested by: Host: rerpartmentm.info
URL: https://rerpartmentm.info/YW1scWgADw8cVwBQDlcdEwFRVFonSF43DFALWwcaUxgBHg8KX1tfCw0CGRUOEwICBUYPCBhUWicdCBsyLAw5Bj42PiUhCxYnCjouM1s+FjJEXyomMAk8NDVQJiQLKCQxBCEZJCdUVDAAUSA4NR8TJAAzKy8KXQk6IywLMisoPy9DBywkBCQkBzhUBS0NPxQpPw4uPhglIg4+HSovPAMYKiQkAzYRDTw9CFk0JD4dJSs8ORYuGSNJQyotXgAoKgwBDhcuVC8mIAsOKjk0TVMrODldJjooGSUHBjU5DiQJVCQfNCI4OV0mPD8kIAQGJSUOGBkcIyk4XTRCAAcoX1xdOyE9Ky8oLBtGLVA8AjAsCTkuMBgCC1w0MQdcVQE6IDcHMAEwLjsIKiwLBiQ8BwEHFiBQXRwlIFQqOSIDKicUGg4AOxhJLjdZSUMqIwQpJS1SWRoVLVk0CjQMVT89RFkzXhg0LVJYNiEQBTwgIxsNOBsgIzklVTMvKVQKEA8sIQogTgseAx8YXB8mHDIIXQcgEhsdLh8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7600:19:5116:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1d1a5049cd6d6238726fe09fb62d4e255dc06379b0a88755a0887292ec74d5ae

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rerpartmentm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 769
x-amz-cf-id: sKPsnzIZXlG1c9Bm851sJICqzHveEsJA8MfdHuY4Gs2nhU6MHQI9sg==

GET
H2 200 NVWFvczQ2DgEVCyEIC04DZVlfRgZzCxwcWiVcCB5XYjs3PFMHGAQ9DTwOSQdOMVxdVVg0DwhOEjAPDE4FcwALEQlhRxsDWz5cAARNNg8dB1AnBEkGVWgMAAldOQ0OVgYTVEFDEWdRRwRdOwUABEdwU18dQHBTX0IEe1FKQHZwU18EXTtXW1YHF0RdQ0xjVU-ZWBmU... Show response
d1f7vr2umogk27.cloudfront.net/ Frame 227E 595 B
726 B 249ms
182ms Script
text/plain 2600:9000:20eb:7600:19:5116:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f7vr2umogk27.cloudfront.net/NVWFvczQ2DgEVCyEIC04DZVlfRgZzCxwcWiVcCB5XYjs3PFMHGAQ9DTwOSQdOMVxdVVg0DwhOEjAPDE4FcwALEQlhRxsDWz5cAARNNg8dB1AnBEkGVWgMAAldOQ0OVgYTVEFDEWdRRwRdOwUABEdwU18dQHBTX0IEe1FKQHZwU18EXTtXW1YHF0RdQ0xjVU-ZWBmUAHwNYMBYKEV88FUpBcmBSWF0HY0RdQxw+CRseWHBTLFYGZQ0GGFFwU18UUTYKAFoRZ1EMG0Y6DApWBhNZVl0Ee1VcSw17Vl1WBmUSDhVVJwhKQXJgUlhdB2NHGk4F
Requested by: Host: rerpartmentm.info
URL: https://rerpartmentm.info/eERaaWkZJjkEVhl5OE8cCihnTFs+YWgvDUkibR8bSjE3Bg4Tdm1HChQrLw0PCis0HUcWIS5MWz4KDD4vDicgOFs8Ix8/KgEBEypZTAAAPwUeFj0zEzs8LQo+ERI5KitNHAMDGksUHCQhPwULUC0sMxU6OBwLFz8RHBIMDlk8MzImLBIFCi0sTAI5Hig0AQsFASo8KS0+AnE5KCgqChQOURwGaygHOgExLj8vIxcoKBQgFThZNxI9MD0uARwtLC8gCDseKiAVHjw5Bh8NHi11Yg04MAYOMVkxAT9YLzMVEjMeLXViLDEsMAI+WCEMHFk7HBVqEQMuEXczPjopDyghDwoDJCshDx8/UUACDxkrGykYOj4+dBIwWSogCxEeXXYYKjsLIQ0hKywIHDAuIhVqLi4+Ai08WEARDz0wMwUcBjsidR8kLkgdbC0oCBMYASciEjZZLB11DAo6D3VtPwVJExgEPCsAMj8/MjMyIjggDj08BRAgGFsnMAMxXS9eLikGBwh5PQQKTx4CJg4qPTEnUBEr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7600:19:5116:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d390df3d229bed942e92c513882e8c424be3478a74f93aed278431577f53b2de

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rerpartmentm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 450
x-amz-cf-id: B32qWRr9zt-R767eeNGWAMfUn3FLP0r5Dx0JQcSP7gCjLSx6PmugtQ==

GET
H2 200 2ejNKVzEZXCQxDg5aLmoJSwVzYAJcWTk4XwoOCANQT2I5AkFIY2wjSx4OeHFdG10tahcfXSlqAFxSLjUMThU+J14RDiUgSBldOCNVCFZsIlBHXiUtWBZfK3IDPAZkZxRIA2IgWBRXJSBCXwF6OUVfAXpmAVQDb2RzXwF6IFgUBX5yAjgWeGdJTAdjcgNKUj-onXR9... Show response
d1f7vr2umogk27.cloudfront.net/ Frame ED6A 574 B
719 B 178ms
177ms Script
text/plain 2600:9000:20eb:7600:19:5116:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1f7vr2umogk27.cloudfront.net/2ejNKVzEZXCQxDg5aLmoJSwVzYAJcWTk4XwoOCANQT2I5AkFIY2wjSx4OeHFdG10tahcfXSlqAFxSLjUMThU+J14RDiUgSBldOCNVCFZsIlBHXiUtWBZfK3IDPAZkZxRIA2IgWBRXJSBCXwF6OUVfAXpmAVQDb2RzXwF6IFgUBX5yAjgWeGdJTAdjcgNKUj-onXR9ELzVaE0dvZXdPAH15AkwWeGcZEVs+Ol1fAQlyA0pfIzxUXwF6MFQZWCV+FEgDKT9DFV4vcgM8C3N5AVQHeW8IVAR4cgNKQCsxUAhab2V3TwB9eQJMFT9qAA
Requested by: Host: rerpartmentm.info
URL: https://rerpartmentm.info/ajlVUUwLWzY8cwsEN3c5GFVodH4sHGcXKFtfYic+WEw4PisBC2J/LwZWIDUqGFY7JWIEXCF0fiwLMDsCIW8vFBYyegQpCA0MNB0hBXMGJhoQYBQbLz1tPmUUHVYaEg0kaAFjBV94PhcFMwsiOx8SDRo0BCxdEmB8Hlg9MioyajkgDSxBBh0mP3QBORlPCxcbfV5rETgZDWoXPSglehsHDyxjJhggKHENOBkebhcLKiEKHBUcK2M+CzQ4cBRjBQ1uFwMUIGoXEhQdf2MeGTxfFAk8B3gDAAgICwcrFB1/YxgKDWwXCXkTeD82Gw9+MRsYK10/MiskcgA7YQVXDQN1L3UvBy0vCTEnFjJdBRAEWwwUOjs9XBIyFi9vJnR+KHY5YCoraDkoDVpJMxg2EmwNJgpcdBMAFj16A3R+KH8QNgghbWwVCjwNIzIrJwEWYgJfeAMABA9ubRgaK2thMiskcgQSPxJsFDktCAsDYhgde2w0HSB0EwV1G3gUdyYZVjshcShtNGQdGWwlYxw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7600:19:5116:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7fc8219a423e758bd6c8ec2d08cb1ed416d128652a521045b2e92625ba88eb70

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rerpartmentm.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 445
x-amz-cf-id: Vb_Vgpe0mn1tKGwqnbmaQ-hO231cMoLi6avXkhQ8n5TdyMAg_sH-dw==

GET
H2 204 cAcHBDUHFC5vB34rIH5lJjwfAAAtIz5aAwoqE1sGHkIAUDRyUkQJY39QUkk5K1lFHyM7BQBMI3JXRAlhaQ0aXz9yVEQJYWkSSQh+fFBaCmRhVFJMbX5QQAxmfFZHAGZ+XUANaXdCAEkxKFlFHyA7EBgEYXldTAhpdlFDCWh5VQ
twrencesprin.info/UE9kdDl/ 0
250 B 118ms
118ms Image
text/plain 104.21.80.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twrencesprin.info/UE9kdDl/cAcHBDUHFC5vB34rIH5lJjwfAAAtIz5aAwoqE1sGHkIAUDRyUkQJY39QUkk5K1lFHyM7BQBMI3JXRAlhaQ0aXz9yVEQJYWkSSQh+fFBaCmRhVFJMbX5QQAxmfFZHAGZ+XUANaXdCAEkxKFlFHyA7EBgEYXldTAhpdlFDCWh5VQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.80.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1MivEqj%2FlmyM0Zp5vQWtUw0kJ58GUUKQ%2B2u8G2nlZMPRfWR9OpLuCd4EAVXzy6KcRlVWnu0bLJBVwBpGmgcJaqFMYkmdbVynvqIJ7DUCw8klarmMEYgPtOWX0C7Q3BV1MZopg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81b6e615fb7439ee-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 popunder.gif
twrencesprin.info/ 35 B
536 B 30ms
30ms Image
image/gif 104.21.80.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twrencesprin.info/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.80.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 25 Oct 2023 02:06:10 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 17:18:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 118035
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zB27DEY3tItcl5tzHudrIO7e3lhg1Rzc%2FfK5wEVq08Vea4bh3NABaSpPbLiXIlGX6JKuyFPj77PZhOyYThCRW7t%2F7uaS3%2FFToKb1jpw4pxwvPpnZAPq46IJAKVB%2B4TvrjuoAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 81b6e61689b618cf-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 multi Show response
rerpartmentm.info/ 3 KB
2 KB 222ms
222ms XHR
text/plain 18.245.86.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rerpartmentm.info/multi?cs=ZmpTeG9RX2dAWFNfY0xZVlxmQVo&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.60.3&sts=0&prn=0&emb=0&tid=708052&rxy=1600_1200&u=1445632396194498&agec=1698199570&fs=1&mbkb=709.2198581560284&ref=https%3A%2F%2Fuserscloud.com%2Ftw5traue8wap&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=2&uloc=&if=0&_xIuo=1698199570988&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/tw5traue8wap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-27.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: aaf509143438ce64fd8d26434bc110497243e0d32727487dc991dc97a52e44b8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 02:06:11 GMT
content-encoding: gzip
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA60-P6
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://userscloud.com
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 1549
x-amz-cf-id: j9hU_bxpYUKKZ1BoQNuPTnBAaSsKCQeCamTUnm-YgSdExEdkSOQxTg==

POST
H3 200 log Show response
play.google.com/ Frame 28A5 131 B
155 B 53ms
52ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.qIedz9eKaWk.O/d=1/rs=AC2dHMI8gTyRhcRWlGR-_uaqUlpg-bETmw/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 02:06:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 02:06:13 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 30ms
29ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 25 Oct 2023 02:06:13 GMT
expires: Wed, 25 Oct 2023 02:06:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.userscloud.com/	1969-12-31 23:59:59	Name: lang Value: german
.google.com/	1970-01-20 20:06:50	Name: NID Value: 511=JYZo9z28pycsnspALQQGRuC8AXbe3huFUIgq59T6HNoG7weKs3uiNYvOTKr7ATMtozyMTJckwr0JJt7-qpWMU-2TYLDCfnqyImdAzDU1BEm89DvW5GLPEKwtHrJTiSjoZ-NMbRgmCUYp3V4yK8mvKD-QzcdUUISAOl2tlKOz8-s
.userscloud.com/	1970-01-21 01:19:19	Name: _ga Value: GA1.1.22979321.1698199571
.userscloud.com/	1970-01-21 01:19:19	Name: _ga_M73M877RTL Value: GS1.1.1698199570.1.0.1698199570.0.0.0
pogothere.xyz/	1970-01-21 00:21:43	Name: csu Value: 1445632396194498@1@1698199570

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-okZGwfejXPtee-78sJvcKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://docs.google.com/gview?url=https://u0249.userscloud.com/cgi-bin/dl.cgi/6owxjt2k5bas5l3i4ca4nfswdlkeqdewbdjphc66cavwqvjjjx5q3tq/tw5traue8wap.pdf&embedded=true(Line 8) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-okZGwfejXPtee-78sJvcKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxN2pESTrBogL-pzRWuzIZK_IGV3lDEDL5Y7ljNco_nlJQElq7MomYjrOPLFlm24Vlj1Bh1MA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1627238499%3A1698199570701948&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyxHY5vFPH5CD_WLb00j8KmFB8qIxqaTrnK9Gw4CAuo23ldj_EcsEKjkf_UqIktixGVf14J9ig&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1309185581%3A1698199570788934&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
d1f7vr2umogk27.cloudfront.net
docs.google.com
play.google.com
pogothere.xyz
region1.google-analytics.com
rerpartmentm.info
ssl.gstatic.com
static.cloudflareinsights.com
twrencesprin.info
userscloud.com
www.facebook.com
www.googletagmanager.com
www.gstatic.com
104.21.80.206
172.64.97.14
18.245.86.27
2001:4860:4802:34::36
2600:9000:20eb:7600:19:5116:63c0:21
2606:4700::6810:3965
2a00:1450:4001:800::2003
2a00:1450:4001:803::2011
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200d
2a00:1450:4001:831::200e
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
1d1a5049cd6d6238726fe09fb62d4e255dc06379b0a88755a0887292ec74d5ae
2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
38bb8de9189003e6eddb162ebb55813c5bd57abd7cafee24c67fcda29b0cc1a0
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
3bbebc35323fe67072612fa89e324b4d8c7ebdcd809f845a01bc5172e3dd72eb
440d3c955b969a920a70b46a0a493e01a19aa1c4c60375d25ef5f826676ca21b
450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
567795e373535ee36eaa0805687b1ba40b46c192cba6c56d83767f320bf14c2c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
7a4520fdf8720501b4e8aa68407c42973a4e894f6d4d2d69df5a0dfa63a42d8e
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
7fc8219a423e758bd6c8ec2d08cb1ed416d128652a521045b2e92625ba88eb70
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83446b47c017ee3f2c61ecb05f2b6034f74b40af4d9ec7a2de9f767dc2322092
858be7e30120552c4ec02bf160519aab3017234dbc89c9b0c8642df6e2ec7175
890daf078ef97fd1e219387038df504f418bb59a66d0909b61699e92eaae9422
8ab2705651388b99d1cfe39b77b34ed19d24c49759803695b4e117261b7296d6
8ddf2b4d09ace7738578ae795b7bb3458021f9bc4942beb74477db69fc2ac4fc
8f7dad8e9fa4d24ea60d2e1e4483882a47bad0a9464f6721cc5d5aed93270916
906d4945ce7e031fceb77d51b9790e92fa751b6beab3f2cfadb62ccfe1f7d876
94a31fa8323ddb1c7e4c85b668780bc2778f288de43143b476c6ea7528c3e42a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aaf509143438ce64fd8d26434bc110497243e0d32727487dc991dc97a52e44b8
acc87fce9e7ed71066a70abd270ba0734b024b3dc440876a7b00e750b3c82d15
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e4a848d90a917020b4a71278f84d797fd1ff3cb87a0d0adc68c87e89613461
c13071dd54bbca3461598834cbffe824b9c79bd269e79502e59a16fde7e486fd
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
c91768ddd242fe465fd233dc5166c4810ae9f8740d3b1ac389cffd283503bd1e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdd2c1b6dde1ddb4f587bcf798840bb4c9b9f800333281e6779afa089ae11bbf
d390df3d229bed942e92c513882e8c424be3478a74f93aed278431577f53b2de
d64db3530653f3c614e2ef2daa616a5ab601c0cd3201b01f8b7842a0e666cbde
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
dcc9042d6e57da51821acd007645a5269b176f61c9d35146966f971edba08396
e20b8c71dad593bd74d819a44a7e6afbf5606f9460d2599ca0e15e97955a9d80
e3b093037c5b94003859b96af6b27c8ba17832cfc8943b7511b905b571e78723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f867efe89de2acc7f60da32733292e8c8ea157c6e64dd7a7434c6eb4955475f1

userscloud.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

71 Requests

94 %HTTPS

82 %IPv6

13 Domains

17 Subdomains

18 IPs

3 Countries

1879 kBTransfer

4167 kBSize

5 Cookies

0 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

94 %
HTTPS

82 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

1879 kB
Transfer

4167 kB
Size

5
Cookies

71 HTTP transactions
1 data transactions