app.user.com Open in urlscan Pro
172.67.38.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6W...
Effective URL:
https://app.user.com/accounts/login/
Submission: On June 19 via manual (June 19th 2024, 4:43:41 pm UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 88 HTTP transactions. The main IP is 172.67.38.130, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.user.com.
TLS certificate: Issued by WE1 on June 10th 2024. Valid for: 3 months.

This is the only time app.user.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 61	172.67.38.130 172.67.38.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	49.13.202.2 49.13.202.2	24940 (HETZNER-AS) (HETZNER-AS)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
4	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
2	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2 2	51.77.134.128 51.77.134.128	16276 (OVH) (OVH)
88	14

61 172.67.38.130 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

burda.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sentry.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
register-static.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 49.13.202.2 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.202.13.49.clients.your-server.de

app-analytics.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.134.128 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3137052.ip-51-77-134.eu

eu.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.userengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	user.com 8 redirects burda.user.com support.user.com widget.user.com — Cisco Umbrella Rank: 146849 app-analytics.user.com sentry.user.com app.user.com register-static.user.com media.user.com — Cisco Umbrella Rank: 218491 eu.user.com	2 MB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	409 KB
5	google.com www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3125	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8088	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	397 B
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
1	userengage.com 1 redirects app.userengage.com	125 B
1	gstatic.com www.gstatic.com	206 KB
88	9

	Domain	Requested by
22	burda.user.com	4 redirects burda.user.com
12	register-static.user.com	app.user.com register-static.user.com
9	widget.user.com	burda.user.com support.user.com app.user.com
8	www.googletagmanager.com	burda.user.com www.googletagmanager.com www.google-analytics.com app.user.com
6	app-analytics.user.com	burda.user.com app-analytics.user.com
6	support.user.com	2 redirects support.user.com
5	sentry.user.com	burda.user.com
4	app.user.com	1 redirects burda.user.com app.user.com static.cloudflareinsights.com
4	www.google.com	burda.user.com app.user.com www.gstatic.com
4	region1.google-analytics.com	www.googletagmanager.com burda.user.com
4	www.google-analytics.com	www.googletagmanager.com burda.user.com www.google-analytics.com
3	media.user.com
2	www.google.de	burda.user.com
2	stats.g.doubleclick.net	burda.user.com www.googletagmanager.com
2	static.cloudflareinsights.com	burda.user.com app.user.com
1	app.userengage.com	1 redirects
1	eu.user.com	1 redirects
1	www.gstatic.com	www.google.com
1	region1.analytics.google.com	burda.user.com
88	19

This site contains links to these domains. Also see Links.

Domain
user.com

Subject Issuer	Validity	Valid
user.com WE1	`2024-06-10` - `2024-09-08`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
app-analytics.user.com R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://app.user.com/accounts/login/
Frame ID: E850334B6BA2E99DE8CA090DA773022D
Requests: 84 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=jtklc9clag1d
Frame ID: CED9365BE031AB1494E62885D8C0CCAC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=normal&cb=kyvh7p8lxuy
Frame ID: 48409F985F4BCB875760202F9B510838
Requests: 1 HTTP requests in this frame

Frame: https://media.user.com/avatars/Screenshot_20220720-102953_Instagram_iqIdW02.jpg
Frame ID: 05352ADE0B7B7B33E76D087A41939530
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

User.com | Login - User.com

Page URL History Show full URLs

https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NG... HTTP 301
https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!... HTTP 301
https://burda.user.com/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR... HTTP 301
https://burda.user.com/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_H... HTTP 302
https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR... Page URL
https://app.user.com/?next=https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/507... HTTP 302
https://app.user.com/accounts/login/ Page URL

Detected technologies

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

88
Requests

95 %
HTTPS

43 %
IPv6

9
Domains

19
Subdomains

14
IPs

4
Countries

3082 kB
Transfer

10509 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://user.com/en/?utm_source=app.user.com&utm_medium=client_webpush

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$ HTTP 301
https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ HTTP 301
https://burda.user.com/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ HTTP 301
https://burda.user.com/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ HTTP 302
https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ Page URL
https://app.user.com/?next=https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%253B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ HTTP 302
https://app.user.com/accounts/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$ HTTP 301
https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ HTTP 301
https://burda.user.com/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ HTTP 301
https://burda.user.com/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/ HTTP 302
https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/

Request Chain 7

https://support.user.com/widget.js HTTP 301
https://widget.user.com/widget.js

Request Chain 46

https://support.user.com/widget.js HTTP 301
https://widget.user.com/widget.js

Request Chain 85

https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg HTTP 301
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg

Request Chain 87

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png HTTP 301
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Redirect Chain

https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$
https://burda.user.com/emails/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
https://burda.user.com/show/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
https://burda.user.com/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__;!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/

2 KB
1 KB

41ms
40ms

Document
text/html

172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bbca26273b10187582b2db74e1f83f7278874ce2f7d8cbe5a6bf9f4a0ac95b6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8964fa9a6fdc3a94-FRA
content-encoding: br
content-type: text/html
date: Wed, 19 Jun 2024 16:43:35 GMT
last-modified: Wed, 19 Jun 2024 08:56:16 GMT
server: cloudflare
ue-backend: usertenant
ue-node: usertenant4
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8964fa9a1f6f3a94-FRA
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 16:43:35 GMT
location: /v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
referrer-policy: same-origin
server: cloudflare
ue-backend: tenants
ue-node: apinode75
vary: Cookie, Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 index-D6w3KwHv.js Show response
burda.user.com/v2/assets/ 1 MB
422 KB 62ms
62ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/assets/index-D6w3KwHv.js
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811150801cf81a07619bb2fefe78a813f702b17e54e540de16987c153b9b9b15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 08:56:16 GMT
server: cloudflare
etag: W/"66729d30-178272"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: usertenant
ue-node: usertenant1
cf-ray: 8964fa9aa8823a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 vue-B6f7j3Sw.js Show response
burda.user.com/v2/assets/ 177 KB
65 KB 165ms
164ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/assets/vue-B6f7j3Sw.js
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066a301357677534f08f06ae14a13f202b671dea3adb29a3b581a5b32431bf90

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 05:51:07 GMT
server: cloudflare
etag: W/"667271cb-2c321"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: usertenant
ue-node: usertenant3
cf-ray: 8964fa9aa88a3a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 element-LqzgBQYx.js Show response
burda.user.com/v2/assets/ 783 KB
253 KB 176ms
176ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/assets/element-LqzgBQYx.js
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8989e559774bbc98dc37f114863687f7941f78723321942e2360b825ff24e977

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 05:51:05 GMT
server: cloudflare
etag: W/"667271c9-c3c2a"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: usertenant
ue-node: usertenant5
cf-ray: 8964fa9aa88d3a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lodash-BQ3AEK3g.js Show response
burda.user.com/v2/assets/ 26 KB
9 KB 189ms
188ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/assets/lodash-BQ3AEK3g.js
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a949eacb0cc55752feae34e4f58242c4a79270984bea194b1d0388bfe3b27600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 05:51:07 GMT
server: cloudflare
etag: W/"667271cb-6710"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: usertenant
ue-node: usertenant2
cf-ray: 8964fa9aa88f3a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sentry-C8SreLH5.js Show response
burda.user.com/v2/assets/ 118 KB
39 KB 191ms
191ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d4a753075e9b63ae42e2ad2b1f12bded82b1780ae995afb6aaca8cf74d474c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 05:51:07 GMT
server: cloudflare
etag: W/"667271cb-1d9d1"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: usertenant
ue-node: usertenant5
cf-ray: 8964fa9aa8923a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index-DA02yzH9.css
burda.user.com/v2/assets/ 715 KB
115 KB 193ms
192ms Stylesheet
text/css 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/assets/index-DA02yzH9.css
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a327d69088c6d807ab445af175657ee88f4da7a196e14f7ad507fb87d7cd81bd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 05:51:06 GMT
server: cloudflare
etag: W/"667271ca-b2a4e"
vary: Accept-Encoding
content-type: text/css
ue-backend: usertenant
ue-node: usertenant2
cf-ray: 8964fa9aa8943a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

widget.js Show response
widget.user.com/
Redirect Chain

https://support.user.com/widget.js
https://widget.user.com/widget.js

149 KB
51 KB

148ms
138ms

Script
application/javascript

172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget.js
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77704139ceaad478f61a8822e965617aa7bcb286251d0b5baa0ad9007736282f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://burda.user.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: 7PQ1V9HK0RNWB170
age: 217
etag: W/"b630c9c08aaaa3caad689be2d91c7472"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964fa9b08fc3a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aQ5gvka7w5A9cY7MXDjU9fk6nH1iFKrVJ8I+uJJIrApgQiX41eDcX6aD+wfiMsitaB9ZezQ/53AsTp2EfzqyLQ==

Redirect headers

date: Wed, 19 Jun 2024 16:43:35 GMT
cf-cache-status: HIT
server: cloudflare
age: 37902
vary: Accept-Encoding
location: https://widget.user.com/widget.js
cache-control: max-age=3600
cf-ray: 8964fa9ad8b83a94-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 81ms
61ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8964fa9aeecea06a-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 404 KB
113 KB 73ms
51ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9af31bba437bc8090ea66e088521ea240537666a9ebe6c2cc37e1ca4ffe21f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115447
x-xss-protection: 0
last-modified: Wed, 19 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

421d8475aed2dcee9b1fba000b3f8850e2807b7a8c085d28c1875b509fb16b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
98 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e71bcbfb0e533c2c2c7433855273cd42f87c4e787fe2ca874be246a4910a12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 868
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jun 2024 18:29:07 GMT

GET
H2 200 array.js Show response
app-analytics.user.com/static/ 117 KB
117 KB 41ms
14ms Script
text/javascript 49.13.202.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app-analytics.user.com/static/array.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.202.13.49.clients.your-server.de

Software

Caddy, Unit/1.31.1 /

Resource Hash

5080d7532ac9818b775f9b964c4f94fda41ad4366fc98e59d6e86cb3a23d6a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Wed, 24 Jan 2024 07:53:32 GMT
server: Caddy, Unit/1.31.1
etag: "65b0c1fc-1d321"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
alt-svc: h3=":443"; ma=2592000
content-length: 119585

POST
H3 200 / Show response
sentry.user.com/api/42/envelope/ 2 B
265 B 122ms
94ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.user.com/api/42/envelope/?sentry_key=2d24c064c01aa2e829cb62d5db063b91&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.114.0
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 8964fa9c7aca9201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 / Show response
burda.user.com/v2/ 2 KB
955 B 47ms
47ms Fetch
text/html 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/?version=1
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca0d05ea66295fb7373bb22c3e848990ba00564fa639a4cfce8250e8a91540a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 19 Jun 2024 08:56:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
ue-backend: usertenant
ue-node: usertenant4
cf-ray: 8964fa9c5ae63a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 404-wD2RqYcv.js Show response
burda.user.com/v2/assets/ 748 B
627 B 87ms
87ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/assets/404-wD2RqYcv.js
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/index-D6w3KwHv.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec5e3b4386d656415945b6e20b9eceb4cadf85baeca6211b5875b9fce1ceb2e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://burda.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 05:51:02 GMT
server: cloudflare
etag: W/"667271c6-2ec"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: usertenant
ue-node: usertenant4
cf-ray: 8964fa9c5aea3a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 206 notification.ogg
burda.user.com/v2/ 13 KB
14 KB 95ms
95ms Media
audio/ogg 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/notification.ogg
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3527a4af4a7bdb95af65dfc565ded65feefaa2d000af4cadca670fffd302d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 08:56:08 GMT
server: cloudflare
etag: "66729d28-357c"
vary: Accept-Encoding
content-type: audio/ogg
ue-backend: usertenant
Content-Range: bytes 0-13691/13692
ue-node: usertenant4
cf-ray: 8964fa9cbb9f3a94-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 13692

GET
H3 200 widget-app.14f9f1d4672eb06559c5.js Show response
widget.user.com/ 92 KB
18 KB 24ms
24ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-app.14f9f1d4672eb06559c5.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: 6JHNH8X3QVTQK129
age: 1853
etag: W/"f294a3ea881ab4414e2e49f086355597"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964fa9cbba23a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2kdXvnSBciAj0faSQEisqbml1ob7fWNYHBxvZrp1V8FJj8m2hx6+b952awOK+h8fCUF0wLNBfBaa8T5n/nRm/g==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=281627663&t=pageview&_s=1&dl=https%3A%2F%2Fburda.user.com%2Fv2%2Fy7ciiahxnf1r%2FYkdBZzj2y9qo5grx9D08b7Qpvx5%2F50767051%2F__%253B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ%24%2F&ul=de-de&de=UTF-8&dt=User.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=831263531&gjid=676617746&cid=668164711.1718815416&tid=UA-100960632-1&_gid=810479406.1718815416&_r=1&_slc=1&gtm=45He46h0n815SBSNG9v76971330za200&cd12=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd3=668164711.1718815416&npa=1&z=2115766775

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4e76f53ab3944fa6b24a671f438de2d4ea0ebc4a252cd8b4ae410c7626713e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://burda.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
app-analytics.user.com/e/ 13 B
190 B 16ms
15ms XHR
application/json 49.13.202.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app-analytics.user.com/e/?ip=1&_=1718815415804&ver=1.101.0

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.202.13.49.clients.your-server.de

Software

Caddy, Unit/1.31.1 /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
server: Caddy, Unit/1.31.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://burda.user.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
alt-svc: h3=":443"; ma=2592000

POST
H2 200 / Show response
app-analytics.user.com/decide/ 374 B
413 B 18ms
18ms XHR
application/json 49.13.202.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app-analytics.user.com/decide/?v=3&ip=1&_=1718815415806&ver=1.101.0

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.202.13.49.clients.your-server.de

Software

Caddy, Unit/1.31.1 /

Resource Hash

b7b52d0d52c69620247edc1f169666223d3c872dcc15c3acb87012f8606cc6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
server: Caddy, Unit/1.31.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://burda.user.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
alt-svc: h3=":443"; ma=2592000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=45je46h0v883336927z876971330za200zb76971330&_p=1718815415477&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=668164711.1718815416&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718815415&sct=1&seg=0&dl=https%3A%2F%2Fburda.user.com%2Fv2%2Fy7ciiahxnf1r%2FYkdBZzj2y9qo5grx9D08b7Qpvx5%2F50767051%2F__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ%24%2F&dt=User.com&en=page_view&_fv=1&_ss=1&tfd=795&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://burda.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 20ms
16ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=45je46h0v876245972z876971330za200zb76971330&_p=1718815415477&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=668164711.1718815416&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718815415&sct=1&seg=0&dl=https%3A%2F%2Fburda.user.com%2Fv2%2Fy7ciiahxnf1r%2FYkdBZzj2y9qo5grx9D08b7Qpvx5%2F50767051%2F__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ%24%2F&dt=User.com&en=page_view&_fv=1&_ss=1&tfd=813&_z=fetch
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://burda.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 60ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100960632-1&cid=668164711.1718815416&jid=831263531&gjid=676617746&_gid=810479406.1718815416&npa=1&_u=YGBACEAABAAAACAEK~&z=1755510754

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 16:43:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://burda.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
98 KB 42ms
42ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b9257a56100043c12ef26d1d74de17c214f31cb662d91ebf9d91c645a9a720d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H3 200 widget-actionsStore.14f9f1d4672eb06559c5.js Show response
widget.user.com/ 5 KB
2 KB 43ms
43ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-actionsStore.14f9f1d4672eb06559c5.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: ZJGKEDBV37N7WW50
age: 1898
etag: W/"0d051876f932526893b9cf6305e9ce28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964fa9d2c5a3a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iuARH1wxf3YZVjGNL/FA9z2U1YdcTPoAJkoZ+OiV7AoiaC3c9SdMlC/5i2zqw1to9h6r1QsKY2A=

GET
H3 403 / Show response
burda.user.com/clients/api/v3/team-members/current_agent/ 58 B
264 B 113ms
112ms XHR
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://burda.user.com/clients/api/v3/team-members/current_agent/

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
baggage: sentry-environment=production,sentry-release=2024-06-19-6f5d7cbd,sentry-public_key=2d24c064c01aa2e829cb62d5db063b91,sentry-trace_id=03725e4c5cf6482c990642a426e4616f,sentry-sample_rate=0.75,sentry-transaction=%2F404,sentry-sampled=true
sentry-trace: 03725e4c5cf6482c990642a426e4616f-b95dfa7f520b53c9-1
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
ue-backend: tenants
x-frame-options: DENY
ue-node: apinode68
cf-ray: 8964fa9d3c703a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 / Show response
burda.user.com/clients/api/v3/agent-groups/ 58 B
264 B 54ms
53ms XHR
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://burda.user.com/clients/api/v3/agent-groups/?active=true

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
baggage: sentry-environment=production,sentry-release=2024-06-19-6f5d7cbd,sentry-public_key=2d24c064c01aa2e829cb62d5db063b91,sentry-trace_id=03725e4c5cf6482c990642a426e4616f,sentry-sample_rate=0.75,sentry-transaction=%2F404,sentry-sampled=true
sentry-trace: 03725e4c5cf6482c990642a426e4616f-b4d397bfc7b78a9c-1
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
ue-backend: tenants
x-frame-options: DENY
ue-node: apinode75
cf-ray: 8964fa9d3c733a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 135ms
46ms Image
image/gif 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100960632-1&cid=668164711.1718815416&jid=831263531&npa=1&_u=YGBACEAABAAAACAEK~&z=322303143

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 137ms
49ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100960632-1&cid=668164711.1718815416&jid=831263531&npa=1&_u=YGBACEAABAAAACAEK~&z=322303143

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
sentry.user.com/api/42/envelope/ 2 B
229 B 48ms
48ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.user.com/api/42/envelope/?sentry_key=2d24c064c01aa2e829cb62d5db063b91&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.114.0
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 8964fa9d9c039201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H3 200 / Show response
sentry.user.com/api/42/envelope/ 41 B
269 B 83ms
83ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.user.com/api/42/envelope/?sentry_key=2d24c064c01aa2e829cb62d5db063b91&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.114.0
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1104a4c5b65090087151d72f6a94c3e8276076dbd6167cf14e9c9398ca882d4a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 8964fa9d9c059201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 22ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-X19GWGFGFC&gtm=45je46h0v9165106096za200&_p=1718815415477&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=668164711.1718815416&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fburda.user.com%2Fv2%2Fy7ciiahxnf1r%2FYkdBZzj2y9qo5grx9D08b7Qpvx5%2F50767051%2F__%253B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ%24%2F&dt=User.com&sid=1718815415&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_3=668164711.1718815416&tfd=949&_z=fetch
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://burda.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X19GWGFGFC&cid=668164711.1718815416&gtm=45je46h0v9165106096za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://burda.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 73ms
48ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X19GWGFGFC&cid=668164711.1718815416&gtm=45je46h0v9165106096za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&frm=0&z=1296211026

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 / Show response
burda.user.com/clients/api/v3/team-members/current_app/ 58 B
264 B 80ms
80ms XHR
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://burda.user.com/clients/api/v3/team-members/current_app/

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
baggage: sentry-environment=production,sentry-release=2024-06-19-6f5d7cbd,sentry-public_key=2d24c064c01aa2e829cb62d5db063b91,sentry-trace_id=03725e4c5cf6482c990642a426e4616f,sentry-sample_rate=0.75,sentry-transaction=%2F404,sentry-sampled=true
sentry-trace: 03725e4c5cf6482c990642a426e4616f-93720d83e062035d-1
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
ue-backend: tenants
x-frame-options: DENY
ue-node: apinode100
cf-ray: 8964fa9dfd673a94-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
burda.user.com/cdn-cgi/ 0
141 B 17ms
17ms XHR
text/plain 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://burda.user.com/cdn-cgi/rum?

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
baggage: sentry-environment=production,sentry-release=2024-06-19-6f5d7cbd,sentry-public_key=2d24c064c01aa2e829cb62d5db063b91,sentry-trace_id=03725e4c5cf6482c990642a426e4616f,sentry-sample_rate=0.75,sentry-transaction=%2F404,sentry-sampled=true
sentry-trace: 03725e4c5cf6482c990642a426e4616f-a676793c5557f0b9-1
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://burda.user.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8964fa9e6df03a94-FRA

GET
H3 200 favicon-32x32.png
burda.user.com/v2/ 970 B
1 KB 85ms
85ms Other
image/png 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 08:56:08 GMT
server: cloudflare
etag: "66729d28-3ca"
vary: Accept-Encoding
content-type: image/png
ue-backend: usertenant
ue-node: usertenant1
accept-ranges: bytes
cf-ray: 8964fa9e6df33a94-FRA
content-length: 970
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
burda.user.com/v2/ 2 KB
0 0ms
0ms Fetch
text/html 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/?version=1
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca0d05ea66295fb7373bb22c3e848990ba00564fa639a4cfce8250e8a91540a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 19 Jun 2024 08:56:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
ue-backend: usertenant
ue-node: usertenant4
cf-ray: 8964fa9c5ae63a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 /
burda.user.com/api/v3/logout/ 58 B
263 B 54ms
53ms XHR
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://burda.user.com/api/v3/logout/

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%3B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
baggage: sentry-environment=production,sentry-release=2024-06-19-6f5d7cbd,sentry-public_key=2d24c064c01aa2e829cb62d5db063b91,sentry-trace_id=06164d3ce1894905aa670629efe1b7b2,sentry-sample_rate=0.75,sentry-transaction=logout,sentry-sampled=true
sentry-trace: 06164d3ce1894905aa670629efe1b7b2-93cd12b48d8251d4-1
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
vary: Cookie, Origin
allow: GET, HEAD, OPTIONS
content-type: application/json
ue-backend: tenants
x-frame-options: DENY
ue-node: apinode3
cf-ray: 8964fa9e7e193a94-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 /
sentry.user.com/api/42/envelope/ 2 B
229 B 35ms
35ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.user.com/api/42/envelope/?sentry_key=2d24c064c01aa2e829cb62d5db063b91&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.114.0
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 8964fa9e7cf19201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

POST
H3 200 /
sentry.user.com/api/42/envelope/ 2 B
229 B 37ms
37ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.user.com/api/42/envelope/?sentry_key=2d24c064c01aa2e829cb62d5db063b91&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.114.0
Requested by: Host: burda.user.com
URL: https://burda.user.com/v2/assets/sentry-C8SreLH5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://burda.user.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 8964fa9e7cf49201-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 favicon-32x32.png
burda.user.com/v2/ 970 B
0 67ms
67ms Other
image/png 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://burda.user.com/v2/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://burda.user.com/v2/logout
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 08:56:08 GMT
server: cloudflare
etag: "66729d28-3ca"
vary: Accept-Encoding
content-type: image/png
ue-backend: usertenant
ue-node: usertenant1
accept-ranges: bytes
cf-ray: 8964fa9e6df33a94-FRA
content-length: 970
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request / Show response
app.user.com/accounts/login/
Redirect Chain

https://app.user.com/?next=https://burda.user.com/v2/y7ciiahxnf1r/YkdBZzj2y9qo5grx9D08b7Qpvx5/50767051/__%253B!!PMqkKg!NGMpVxJfR2S2_HG5IoM_6WEQdRzcK-U6FqZPAE30Yrkr4QlomgM04rYN2u1BqJ2cxgUTD2VJUBx8cQ$/
https://app.user.com/accounts/login/

8 KB
3 KB

92ms
92ms

Document
text/html

172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/accounts/login/

Requested by

Host: burda.user.com
URL: https://burda.user.com/v2/assets/index-D6w3KwHv.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

525c81d55933099cf83bc85d250c8712085b6e574a84f8f13362631d6b700d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 8964faa0282c3a94-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 19 Jun 2024 16:43:36 GMT
expires: Wed, 19 Jun 2024 16:43:36 GMT
referrer-policy: same-origin
server: cloudflare
ue-backend: wsgi-register
ue-node: uwsgi-register6
vary: Cookie, Accept-Language, origin
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8964fa9f5f2b3a94-FRA
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 19 Jun 2024 16:43:36 GMT
location: /accounts/login/
referrer-policy: same-origin
server: cloudflare
ue-backend: wsgi-register
ue-node: uwsgi-register10
vary: Accept-Language, Cookie, origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 / Show response
app.user.com/jsi18n/ 3 KB
1 KB 70ms
70ms Script
text/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/jsi18n/

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25606f56d89470768333065f9f9d8efcfe9b46dadece2af3420f5b8f05c7da6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://app.user.com/accounts/login/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Accept-Language, Cookie, origin
content-language: en-us
content-type: text/javascript; charset="utf-8"
ue-backend: wsgi-register
ue-node: uwsgi-register3
cf-ray: 8964faa0c9403a94-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.c681fc982e8a0f8cffa2.css
register-static.user.com/static/bundles/ 792 KB
330 KB 72ms
56ms Stylesheet
text/css 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/main.c681fc982e8a0f8cffa2.css
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: V7PYMBW5DJE7YD1F
age: 44933
cf-polished: origSize=923898
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZlImi7LIN0urY8JaGUT3bOxZChjWDl0PBxUQlXRjJnYOMlVU2t0p6LtvenrQR+yC6483fjiyMY4FQGaELJL2frjZgfDYIN62geP6/iXSyLM=
cf-bgj: minify
last-modified: Wed, 12 Jun 2024 05:53:16 GMT
server: cloudflare
etag: W/"4a5449e2ee2834089b79fed0961f9496"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
cf-ray: 8964faa0e9613a94-FRA

GET
H3

200

widget.js Show response
widget.user.com/
Redirect Chain

https://support.user.com/widget.js
https://widget.user.com/widget.js

149 KB
0

0ms
0ms

Script
application/javascript

172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77704139ceaad478f61a8822e965617aa7bcb286251d0b5baa0ad9007736282f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: 7PQ1V9HK0RNWB170
age: 217
etag: W/"b630c9c08aaaa3caad689be2d91c7472"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964fa9b08fc3a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aQ5gvka7w5A9cY7MXDjU9fk6nH1iFKrVJ8I+uJJIrApgQiX41eDcX6aD+wfiMsitaB9ZezQ/53AsTp2EfzqyLQ==

Redirect headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: HIT
server: cloudflare
age: 37903
vary: Accept-Encoding
location: https://widget.user.com/widget.js
cache-control: max-age=3600
cf-ray: 8964faa0c9423a94-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 register.92aed9cb853a27e9eaec.css
register-static.user.com/static/bundles/ 384 KB
266 KB 63ms
47ms Stylesheet
text/css 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/register.92aed9cb853a27e9eaec.css
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a17dbb8eaac0ee5dfc23e1ab58b100062c8a791a134701945a858e0a98b03b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 18J2HPHZRBFQ5CNK
age: 33855
cf-polished: origSize=403722
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xm8NwWzpegp8/k0nVPF4jF1DJhN5v9ODgkC/TY0i2vHqgdB9uGWK5e4aqBv2KyXfVVH0ZaSmdBY=
cf-bgj: minify
last-modified: Wed, 12 Jun 2024 05:53:16 GMT
server: cloudflare
etag: W/"bdc9b32bf30edfa72aa28fb23151febd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
cf-ray: 8964faa0e9663a94-FRA

GET
H3 200 logo-black-normal.svg
register-static.user.com/static/img/usercom/ 6 KB
2 KB 89ms
74ms Image
image/svg+xml 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register-static.user.com/static/img/usercom/logo-black-normal.svg
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 07:35:57 GMT
server: cloudflare
x-amz-request-id: 18JBDKEEB7FNF6TF
age: 17381
etag: W/"3338f831a349558bc7d70acf65ae8b44"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=432000
cf-ray: 8964faa0e9633a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8ADKDEjSrqP9piREEvIqA7bd9Apme61iD3HUMvVgYB0niPKZJ+Z4QwKa6EFuySvWjAAmMwCKPT8=

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
974 B 19ms
19ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

GSE /

Resource Hash

fbd9b29117eabcc3309b0b9955005321138d9c23d707e6ec3ec80237d681ef52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 19 Jun 2024 16:43:36 GMT

GET
H3 200 gogle-register%402x.png
register-static.user.com/static/img/brands/google/ 508 B
890 B 36ms
34ms Image
image/webp 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register-static.user.com/static/img/brands/google/gogle-register%402x.png
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b57b6466c0c6d8912655fe336614e3df0865c0d9fce6fe598bc5edf9a4868a4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: HIT
x-amz-request-id: 5J899QJ0QN3BYABK
age: 21629
cf-polished: origFmt=png, origSize=7446
content-disposition: inline; filename="gogle-register%402x.webp"
alt-svc: h3=":443"; ma=86400
content-length: 508
x-amz-id-2: ERbdX7QJKnruCF1rG7gQ/rq038MIWeGohxpbRq7cQS8fbaNP4Uyx4mmGWiFlpjF4p+1bSNddLII=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Feb 2022 07:35:57 GMT
server: cloudflare
etag: "b6f49555c27bc50bde81836f4feb1155"
vary: Accept
content-type: image/webp
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 8964faa0f9743a94-FRA

GET
H3 200 msft-register%402x.png
register-static.user.com/static/img/brands/microsoft/ 212 B
628 B 30ms
29ms Image
image/webp 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register-static.user.com/static/img/brands/microsoft/msft-register%402x.png
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b859cf506d1449e8552a3ed5943718d17cd83c1945432b6603c70c5951a5195b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: HIT
x-amz-request-id: VS6NCGWS3C5Q16Z5
age: 17381
cf-polished: origFmt=png, origSize=548
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="msft-register%402x.webp"
alt-svc: h3=":443"; ma=86400
content-length: 212
x-amz-id-2: tFB0dyNwb9HZvYE4L0zs2sc0ziYKgHKO7TAjMOfJmTRE8Pda3LLv7Xxz6pm7V1QVqZeSPmT98notn41PK+ustg==
cf-bgj: imgq:100,h2pri
last-modified: Wed, 14 Feb 2024 07:10:12 GMT
server: cloudflare
etag: "894ba14c9d92e3b13501ecad14974b14"
vary: Accept
content-type: image/webp
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 8964faa139cc3a94-FRA

GET
H3 200 main.fbaab6aed2d700bc7804.js Show response
register-static.user.com/static/bundles/ 452 KB
145 KB 40ms
39ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/main.fbaab6aed2d700bc7804.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d34e1e9eea965163cc2ac92861a0f59281ca59f525ce0d4611f58b3691e65f44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: V7PWZGN8C7SP4YAJ
age: 35131
cf-polished: origSize=464464
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0PNX4nY8FFvq8fjTtVb2A7C/vlEBsCBW13OR62v6mOpGmLio7d1PohdYm+bRU8geHE0sm/cDISlEJ07nw7Qn5w==
cf-bgj: minify
last-modified: Wed, 12 Jun 2024 05:53:17 GMT
server: cloudflare
etag: W/"fb0519fdbb889ca0516ab7eb2860db8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8964faa16a343a94-FRA

GET
H3 200 register.545d6ca2e8b5dd45a457.js Show response
register-static.user.com/static/bundles/ 1 MB
423 KB 45ms
45ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/register.545d6ca2e8b5dd45a457.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bbe0a410465096e8fc4cd77af845f08b042bd6c079829ee039a5ee4ee1aa295

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VS6G2S4W3SG93D83
age: 17381
cf-polished: origSize=1413404
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8+Yxrhmw3HcxNn0Oo61K53vBgG9/mhroR1ku5qQs1FWQzJdXxnC+MX9sNrC5rBNfBDwA+qAWKRFoS5acu9UP9w==
cf-bgj: minify
last-modified: Wed, 12 Jun 2024 05:53:17 GMT
server: cloudflare
etag: W/"4efef7d68bbbdf4ac5342bed871a98f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8964faa17a373a94-FRA

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 0ms
0ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://app.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8964fa9aeecea06a-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 404 KB
0 2ms
2ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9af31bba437bc8090ea66e088521ea240537666a9ebe6c2cc37e1ca4ffe21f4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
last-modified: Wed, 19 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/ 518 KB
206 KB 45ms
10ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://app.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 13:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210217
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 16:44:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 13:37:47 GMT

GET
H3 200 DMSans-Medium.woff2
register-static.user.com/static/fonts/dmsans/ 29 KB
30 KB 146ms
126ms Font
application/octet-stream 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/dmsans/DMSans-Medium.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.c681fc982e8a0f8cffa2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://register-static.user.com/static/bundles/main.c681fc982e8a0f8cffa2.css
Origin: https://app.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: HIT
x-amz-request-id: T342YMGNSS2ZWR2C
age: 21797
alt-svc: h3=":443"; ma=86400
content-length: 29880
x-amz-id-2: UZEhMsY6USRkepaEMTZ+BY2XUgr65EDxrwBkkh7+FlUXLysSbf+hr7cLK7/p2aWnxZ+yt+6qtos=
last-modified: Tue, 01 Feb 2022 07:35:56 GMT
server: cloudflare
etag: "d940ea16273447cce854f545842768fe"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 8964faa1b8dd3a6a-FRA

GET
H3 200 DMSans-Regular.woff2
register-static.user.com/static/fonts/dmsans/ 29 KB
30 KB 171ms
151ms Font
application/octet-stream 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/dmsans/DMSans-Regular.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.c681fc982e8a0f8cffa2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://register-static.user.com/static/bundles/main.c681fc982e8a0f8cffa2.css
Origin: https://app.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: HIT
x-amz-request-id: 5EHQGC811RWA0KR3
age: 21797
alt-svc: h3=":443"; ma=86400
content-length: 29948
x-amz-id-2: gtR8LlDba7ZGrvNa7uO3vSzuoQ1eJBiC8LymKFk1eLNKHV82saKui5Wm99fz2op9OYXbv9ZIo9E=
last-modified: Tue, 01 Feb 2022 07:35:56 GMT
server: cloudflare
etag: "7795a419ed60bbfac7070ea410eeae6a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 8964faa1b8df3a6a-FRA

GET
H3 200 fa-solid-900.woff2
register-static.user.com/static/fonts/ 63 KB
63 KB 179ms
160ms Font
application/octet-stream 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/fa-solid-900.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.c681fc982e8a0f8cffa2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://register-static.user.com/static/bundles/main.c681fc982e8a0f8cffa2.css
Origin: https://app.user.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: HIT
x-amz-request-id: T34EWRBMWJ6RG1XC
age: 21797
alt-svc: h3=":443"; ma=86400
content-length: 64428
x-amz-id-2: Rf0oaSoMkhtuqsmTweSj5fSNDEdd7XE9XRhkG0VlxX7zi4a1egeBexXsR6Q/DJKwftmpi7Le/TU=
last-modified: Tue, 01 Feb 2022 07:35:55 GMT
server: cloudflare
etag: "c4fc4e6d5fcf0af616e6cd6f884b72e9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 8964faa1b8e23a6a-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

421d8475aed2dcee9b1fba000b3f8850e2807b7a8c085d28c1875b509fb16b86

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
0 1ms
1ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e71bcbfb0e533c2c2c7433855273cd42f87c4e787fe2ca874be246a4910a12b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 3ms
3ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 868
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 19 Jun 2024 18:29:07 GMT

GET
H2 200 array.js Show response
app-analytics.user.com/static/ 117 KB
20 B 13ms
8ms Script
text/javascript 49.13.202.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app-analytics.user.com/static/array.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.202.13.49.clients.your-server.de

Software

Caddy, Unit/1.31.1 /

Resource Hash

5080d7532ac9818b775f9b964c4f94fda41ad4366fc98e59d6e86cb3a23d6a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Wed, 24 Jan 2024 07:53:32 GMT
server: Caddy, Unit/1.31.1
etag: "65b0c1fc-1d321"
vary: Cookie
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=60, public
alt-svc: h3=":443"; ma=2592000
content-length: 119585

GET
H3 200 widget-app.14f9f1d4672eb06559c5.js Show response
widget.user.com/ 92 KB
0 0ms
0ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-app.14f9f1d4672eb06559c5.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: 6JHNH8X3QVTQK129
age: 1853
etag: W/"f294a3ea881ab4414e2e49f086355597"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964fa9cbba23a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2kdXvnSBciAj0faSQEisqbml1ob7fWNYHBxvZrp1V8FJj8m2hx6+b952awOK+h8fCUF0wLNBfBaa8T5n/nRm/g==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 14ms
14ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=703427828&t=pageview&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F&ul=de-de&de=UTF-8&dt=User.com%20%7C%20Login%20-%20User.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCACEABBAAAACAEK~&jid=&gjid=&cid=668164711.1718815416&tid=UA-100960632-1&_gid=810479406.1718815416&_slc=1&gtm=45He46h0n815SBSNG9v76971330za200&cd12=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd3=668164711.1718815416&npa=1&z=1547294324

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

372eb37a96c06d92d7b293623f3fdb3c0eb477d183865cd71433dbe8f00431a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
app-analytics.user.com/e/ 13 B
68 B 12ms
12ms XHR
application/json 49.13.202.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app-analytics.user.com/e/?ip=1&_=1718815416697&ver=1.101.0

Requested by

Host: app-analytics.user.com
URL: https://app-analytics.user.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.202.13.49.clients.your-server.de

Software

Caddy, Unit/1.31.1 /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
server: Caddy, Unit/1.31.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
alt-svc: h3=":443"; ma=2592000

POST
H2 200 / Show response
app-analytics.user.com/decide/ 374 B
413 B 17ms
16ms XHR
application/json 49.13.202.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://app-analytics.user.com/decide/?v=3&ip=1&_=1718815416697&ver=1.101.0

Requested by

Host: app-analytics.user.com
URL: https://app-analytics.user.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

49.13.202.2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.202.13.49.clients.your-server.de

Software

Caddy, Unit/1.31.1 /

Resource Hash

b7b52d0d52c69620247edc1f169666223d3c872dcc15c3acb87012f8606cc6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
referrer-policy: same-origin
x-content-type-options: nosniff
server: Caddy, Unit/1.31.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
alt-svc: h3=":443"; ma=2592000

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame CED9 0
0 47ms
34ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=invisible&cb=jtklc9clag1d

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dNobNPl4uby-gcJ-YEJ90Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dNobNPl4uby-gcJ-YEJ90Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jun 2024 16:43:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 4840 0
0 32ms
20ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=TqxSU0dsOd2Q9IbI7CpFnJLD&size=normal&cb=kyvh7p8lxuy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TqxSU0dsOd2Q9IbI7CpFnJLD/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_xP5IFDVw1jAuRXbACz-pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_xP5IFDVw1jAuRXbACz-pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jun 2024 16:43:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 15ms
15ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=45je46h0v876245972z876971330za200zb76971330&_p=1718815416454&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=668164711.1718815416&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718815415&sct=1&seg=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&tfd=619&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=45je46h0v883336927z876971330za200zb76971330&_p=1718815416454&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=668164711.1718815416&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718815415&sct=1&seg=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&tfd=621&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 16:43:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 299 KB
0 0ms
0ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b9257a56100043c12ef26d1d74de17c214f31cb662d91ebf9d91c645a9a720d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 16:43:35 GMT

GET
H3 200 widget-actionsStore.14f9f1d4672eb06559c5.js Show response
widget.user.com/ 5 KB
0 1ms
1ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-actionsStore.14f9f1d4672eb06559c5.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: ZJGKEDBV37N7WW50
age: 1898
etag: W/"0d051876f932526893b9cf6305e9ce28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964fa9d2c5a3a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iuARH1wxf3YZVjGNL/FA9z2U1YdcTPoAJkoZ+OiV7AoiaC3c9SdMlC/5i2zqw1to9h6r1QsKY2A=

POST
H3 200 / Show response
support.user.com/api/v2/user-chatping/ 5 KB
2 KB 176ms
175ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.user.com/api/v2/user-chatping/

Requested by

Host: support.user.com
URL: https://support.user.com/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631c5a37d1bfb7512d02c3a3d69ff70e6d35fe3bddb5621310ac423a4c74de77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ue-backend: tenants
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
ue-node: apinode44
cf-ray: 8964faa39d773a94-FRA

OPTIONS
H3 200 /
support.user.com/api/v2/user-chatping/ Frame 0
0 113ms
112ms Preflight
text/html 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.user.com/api/v2/user-chatping/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://app.user.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.user.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8964faa2ea733a6a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 16:43:36 GMT
server: cloudflare
ue-backend: tenants
ue-node: apinode1
vary: Origin

POST
H3 204 rum Show response
app.user.com/cdn-cgi/ 0
140 B 17ms
17ms XHR
text/plain 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://app.user.com/accounts/login/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://app.user.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8964faa3ee0c3a94-FRA

GET
H3 200 favicon.ico
register-static.user.com/static/img/favicon/ 1 KB
716 B 24ms
23ms Other
image/vnd.microsoft.icon 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/img/favicon/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0361a928acd5b35b5cffb34286ff6d71c132fdc0d4b33c22d94419bd8f7cb786

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 07:35:59 GMT
server: cloudflare
x-amz-request-id: M69X08RC109BWZJ6
age: 21622
etag: W/"4838288cccb7029ebc9d4bb058ca28d4"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: max-age=432000
cf-ray: 8964faa3ee103a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: DOSoixjwtXZGPJugQR27P/W6EK4QPtETp4wC/hiCjnkgQXD4++fZqNZJp0KO5V94CD254oTy4T9jo3TIEjuDZXB9TB2egkx89i7L8BYyYDw=

GET
H3 200 favicon-32x32.png
register-static.user.com/static/img/favicon/ 562 B
965 B 21ms
21ms Other
image/webp 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/img/favicon/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53bcf7741fb5ff7ead61449060f8ebb72026151f24fb1d09bad8604ea1e3536a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:36 GMT
cf-cache-status: HIT
x-amz-request-id: AVSXZD1H4NM8PWA6
age: 17377
cf-polished: origFmt=png, origSize=1680
content-disposition: inline; filename="favicon-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 562
x-amz-id-2: GjB/EZYburbRdLl2pikYE0bqDk5vl2Sar/adih6jKxt78/yTUbvJTLGf/LaSarytc7iowGNaZHI+4nnvVnHOFO+qItdXGtG+wGNV6BsOdGI=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Feb 2022 07:36:00 GMT
server: cloudflare
etag: "dd99f0c31c031eedf31330af98748542"
vary: Accept
content-type: image/webp
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 8964faa41e433a94-FRA

POST
H3 200 / Show response
support.user.com/api/webpush/ 1 KB
792 B 61ms
61ms Fetch
application/json 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.user.com/api/webpush/

Requested by

Host: support.user.com
URL: https://support.user.com/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c518d4a6aa0478e851ceed03b160fe582f7f22bd92c74a44b8bd48188654b9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ue-backend: tenants
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
ue-node: apinode3
cf-ray: 8964faa50fbd3a94-FRA

GET
H3 200 widget-chatStore.14f9f1d4672eb06559c5.js Show response
widget.user.com/ 12 KB
4 KB 24ms
24ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-chatStore.14f9f1d4672eb06559c5.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45bccabe5b26fddab7f57ea4ba645fdad4dcf14ca7737f13f6c6d064fbb865ed

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: VSQH30TE5TR3KG5S
age: 1843
etag: W/"bcffd715d3c9f7d67499c2550c07c36d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964faa4bf4b3a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xnMlgxRXYPy6YPtLy6ZtF6vcfeS9s82pmfHF3shQJUtIiNLLeyFeYIW7gPK4KShhEhRG7D+AQXA=

GET
H3 200 widget-launcherModule.14f9f1d4672eb06559c5.js Show response
widget.user.com/ 12 KB
5 KB 26ms
26ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-launcherModule.14f9f1d4672eb06559c5.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b4a05a42e37f0e9c9edb4f2f29a5e46ee6d04dd2ea7e4ca29565cb9346d4ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: ZW64QM9XAQYAFWP2
age: 1403
etag: W/"c910a153db19745fd01517e1bdb7c810"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964faa4bf4f3a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5nkqZD1Xe5adH1wqQNrjosYFmQUZslA9BpB1V4Q4v8XqxGHUSKpFzBCeVKwxkVrLdcBkpSd6PYpv8p1tPt6/pmshfiBQzCMI4Uu5z9ITh3Q=

OPTIONS
H3 200 /
support.user.com/api/webpush/ Frame 0
0 51ms
51ms Preflight
text/html 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.user.com/api/webpush/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://app.user.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.user.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8964faa4bd503a6a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 19 Jun 2024 16:43:37 GMT
server: cloudflare
ue-backend: tenants
ue-node: apinode13
vary: Origin

GET
H3 200 Screenshot_20220720-102953_Instagram_iqIdW02.jpg
media.user.com/avatars/ Frame 0535 3 KB
3 KB 39ms
25ms Image
image/jpeg 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/avatars/Screenshot_20220720-102953_Instagram_iqIdW02.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c0d0b40ef7be46b2bb46c4f1bba328ff1bc6d41111d41b9018699d7977dc13

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:37 GMT
x-amz-version-id: KqQymXZhnrvIStCIv.8RdKAAMbbaT2tJ
cf-cache-status: HIT
x-amz-request-id: V7PV56Q4TYCSGJNT
age: 38332
cf-polished: origSize=2952
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 2760
x-amz-id-2: 2A5ne8MfcRZcHrJNC/JxJA1qnzayyJNGIKY3uiJCgZaQRpBJ6SjAz9pWohRjQo91MovLPlkUU1akBKBjx0jo0g==
cf-bgj: imgq:100,h2pri
last-modified: Fri, 22 Jul 2022 09:53:34 GMT
server: cloudflare
etag: "aeccb440cc9865c4b15c49d54cf4a125"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8964faa5683e3a94-FRA

GET
H3 200 widget-webpushModule.14f9f1d4672eb06559c5.js Show response
widget.user.com/ 13 KB
6 KB 25ms
25ms Script
application/javascript 172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-webpushModule.14f9f1d4672eb06559c5.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 16:43:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jun 2024 07:54:09 GMT
server: cloudflare
x-amz-request-id: XHDTHWE4W8F5RTPS
age: 4776
etag: W/"22b76e545f75ad49b323f37e3da5f6d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8964faa588623a94-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pj1LHdTr1fygLHuujDnfzgPPS1V81Vmw5eMX9h7YmkXaMvsU48inbVHtNVEBInOyzQas3mrnkUloVfW7Q9YC34QQn9T6Cs63LTB0UMGGm/U=

GET
H3

200

user-logo-square-1.jpg
media.user.com/uploads/1t1nnm-userengage-support/
Redirect Chain

https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg

8 KB
8 KB

54ms
54ms

Image
image/jpeg

172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
Protocol: H3
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835bd339a94d1155e76137e9ba606f587a1c04f70311b7331df0b83937c5d973

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 16:43:37 GMT
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-request-id: 1AANGFD1GSERVW1H
cf-polished: origSize=9717
alt-svc: h3=":443"; ma=86400
content-length: 8284
x-amz-id-2: AbhjPRVUKQBoFq7n3YOB4+frNuWuyawgZlDlrNz/oIAFWDJGkhjncTmi6PqhesY2zVzqHGeBWsA=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 18 Nov 2021 07:50:38 GMT
server: cloudflare
etag: "559614145db411818f6ddab01cabcfb3"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8964faa679f73a94-FRA

Redirect headers

location: https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
content-length: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4e0138c8a6efc49d5aef63e7d71c139f09aa9a65b31111fc6e60f41e1fe2ead

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

ff4d00-0-0.png
media.user.com/old-media/uploads/6238/
Redirect Chain

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

70 B
455 B

29ms
29ms

Image
image/webp

172.67.38.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
Protocol: H3
Server: 172.67.38.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 19 Jun 2024 16:43:38 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 14ES037MEMR4QMWS
age: 6954
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ff4d00-0-0.webp"
alt-svc: h3=":443"; ma=86400
content-length: 70
x-amz-id-2: LXkdChsdJpax4JTAtR9DuWS/fmQXmEs6wk53sUTZ3UIOWe2NF5Cmv6EZhovFjdbMW8pKBZyfIEQN/tcZiysy0g==
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Dec 2021 10:43:20 GMT
server: cloudflare
etag: "9591c410148e6883727c5339fd1c02cd"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 8964fab08fcf3a94-FRA

Redirect headers

location: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
content-length: 0

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.user.com/	1970-01-20 23:36:31	Name: _gcl_au Value: 1.1.1755563968.1718815416
.user.com/	1970-01-20 21:28:21	Name: _gid Value: GA1.2.810479406.1718815416
.user.com/	1970-01-20 21:26:55	Name: _gat_UA-100960632-1 Value: 1
app.user.com/	1970-01-20 21:47:05	Name: sessionid Value: wou093pqjuyl2j064eeo4qvu7ql05ror
app.user.com/	1970-01-21 06:11:05	Name: csrftoken Value: 0UKGbImK2FMXNVytKD1C4oRkCaRB8cd1
.user.com/	1970-01-21 07:02:55	Name: _ga Value: GA1.1.668164711.1718815416
.user.com/	1970-01-21 07:02:55	Name: _ga_2065MFPQH5 Value: GS1.1.1718815415.1.1.1718815416.0.0.0
.user.com/	1970-01-21 07:02:55	Name: _ga_P39TDMK54G Value: GS1.1.1718815415.1.1.1718815416.0.0.0
.user.com/	1970-01-21 07:02:55	Name: _ga_X19GWGFGFC Value: GS1.2.1718815415.1.1.1718815416.59.0.0
.user.com/	1970-01-21 07:02:55	Name: _ueuuid Value: Q5YoY9WT-DkVR7Ff
.user.com/	1970-01-21 06:12:31	Name: __ca__chat Value: kbpjzl0gtxat

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://burda.user.com/clients/api/v3/agent-groups/?active=true Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://burda.user.com/clients/api/v3/team-members/current_agent/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://burda.user.com/clients/api/v3/team-members/current_app/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://burda.user.com/api/v3/logout/ Message: Failed to load resource: the server responded with a status of 403 ()
recommendation	verbose	URL: https://app.user.com/accounts/login/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://app.user.com/accounts/login/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://register-static.user.com/static/bundles/register.545d6ca2e8b5dd45a457.js(Line 83) Message: WebSocket connection to 'wss://app.user.com/ws/notifier/' failed: Error during WebSocket handshake: Unexpected response code: 404

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-analytics.user.com
app.user.com
app.userengage.com
burda.user.com
eu.user.com
media.user.com
region1.analytics.google.com
region1.google-analytics.com
register-static.user.com
sentry.user.com
static.cloudflareinsights.com
stats.g.doubleclick.net
support.user.com
widget.user.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
142.250.185.110
142.250.186.40
172.67.38.130
2001:4860:4802:32::36
216.239.32.36
216.58.206.35
216.58.206.68
2606:4700::6810:4f49
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9d
49.13.202.2
51.77.134.128
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086
0361a928acd5b35b5cffb34286ff6d71c132fdc0d4b33c22d94419bd8f7cb786
066a301357677534f08f06ae14a13f202b671dea3adb29a3b581a5b32431bf90
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f
1104a4c5b65090087151d72f6a94c3e8276076dbd6167cf14e9c9398ca882d4a
18c0d0b40ef7be46b2bb46c4f1bba328ff1bc6d41111d41b9018699d7977dc13
1d4a753075e9b63ae42e2ad2b1f12bded82b1780ae995afb6aaca8cf74d474c1
1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2
25606f56d89470768333065f9f9d8efcfe9b46dadece2af3420f5b8f05c7da6b
2bbca26273b10187582b2db74e1f83f7278874ce2f7d8cbe5a6bf9f4a0ac95b6
2bbe0a410465096e8fc4cd77af845f08b042bd6c079829ee039a5ee4ee1aa295
3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd
372eb37a96c06d92d7b293623f3fdb3c0eb477d183865cd71433dbe8f00431a2
3b3527a4af4a7bdb95af65dfc565ded65feefaa2d000af4cadca670fffd302d5
421d8475aed2dcee9b1fba000b3f8850e2807b7a8c085d28c1875b509fb16b86
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45bccabe5b26fddab7f57ea4ba645fdad4dcf14ca7737f13f6c6d064fbb865ed
46a17dbb8eaac0ee5dfc23e1ab58b100062c8a791a134701945a858e0a98b03b
4e76f53ab3944fa6b24a671f438de2d4ea0ebc4a252cd8b4ae410c7626713e26
5080d7532ac9818b775f9b964c4f94fda41ad4366fc98e59d6e86cb3a23d6a16
525c81d55933099cf83bc85d250c8712085b6e574a84f8f13362631d6b700d46
53bcf7741fb5ff7ead61449060f8ebb72026151f24fb1d09bad8604ea1e3536a
631c5a37d1bfb7512d02c3a3d69ff70e6d35fe3bddb5621310ac423a4c74de77
77704139ceaad478f61a8822e965617aa7bcb286251d0b5baa0ad9007736282f
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
811150801cf81a07619bb2fefe78a813f702b17e54e540de16987c153b9b9b15
835bd339a94d1155e76137e9ba606f587a1c04f70311b7331df0b83937c5d973
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308
8989e559774bbc98dc37f114863687f7941f78723321942e2360b825ff24e977
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8e71bcbfb0e533c2c2c7433855273cd42f87c4e787fe2ca874be246a4910a12b
8ec5e3b4386d656415945b6e20b9eceb4cadf85baeca6211b5875b9fce1ceb2e
90b4a05a42e37f0e9c9edb4f2f29a5e46ee6d04dd2ea7e4ca29565cb9346d4ae
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
a327d69088c6d807ab445af175657ee88f4da7a196e14f7ad507fb87d7cd81bd
a949eacb0cc55752feae34e4f58242c4a79270984bea194b1d0388bfe3b27600
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250
b57b6466c0c6d8912655fe336614e3df0865c0d9fce6fe598bc5edf9a4868a4d
b7b52d0d52c69620247edc1f169666223d3c872dcc15c3acb87012f8606cc6cb
b859cf506d1449e8552a3ed5943718d17cd83c1945432b6603c70c5951a5195b
b9257a56100043c12ef26d1d74de17c214f31cb662d91ebf9d91c645a9a720d6
bca0d05ea66295fb7373bb22c3e848990ba00564fa639a4cfce8250e8a91540a
c518d4a6aa0478e851ceed03b160fe582f7f22bd92c74a44b8bd48188654b9b3
d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4
d34e1e9eea965163cc2ac92861a0f59281ca59f525ce0d4611f58b3691e65f44
d865eecf3e86c11ab224434aecb84384c87cd8e52f5f0d5fb2f9b5291eab8578
dbff0849bc109eee7f9b7b1fe12e40fc8add21823b2f1fb600b37f620cbd7862
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e0138c8a6efc49d5aef63e7d71c139f09aa9a65b31111fc6e60f41e1fe2ead
e9af31bba437bc8090ea66e088521ea240537666a9ebe6c2cc37e1ca4ffe21f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbd9b29117eabcc3309b0b9955005321138d9c23d707e6ec3ec80237d681ef52
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

app.user.com Open in urlscan Pro 172.67.38.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

95 %HTTPS

43 %IPv6

9 Domains

19 Subdomains

14 IPs

4 Countries

3082 kBTransfer

10509 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.user.com Open in urlscan Pro
172.67.38.130 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

95 %
HTTPS

43 %
IPv6

9
Domains

19
Subdomains

14
IPs

4
Countries

3082 kB
Transfer

10509 kB
Size

11
Cookies

88 HTTP transactions
1 data transactions