urlscan.io logo urlscan.io
SecurityTrails logo

app.nihaocloud.com Open in urlscan Pro
34.251.212.134  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Submission: On June 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 40 HTTP transactions. The main IP is 34.251.212.134, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is app.nihaocloud.com.
TLS certificate: Issued by Amazon on April 4th 2020. Valid for: a year.
This is the only time app.nihaocloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 34.251.212.134 16509 (AMAZON-02)
8 104.18.72.113 13335 (CLOUDFLAR...)
1 104.18.74.113 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.16.53.111 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
40 9
16    34.251.212.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
app.nihaocloud.com
8    104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
1    104.18.74.113 (United States)

ASN13335 (CLOUDFLARENET, US)
ekr.zdassets.com
6    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)
nihaocloud.zendesk.com
2    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
16 app.nihaocloud.com app.nihaocloud.com
8 static.zdassets.com app.nihaocloud.com
static.zdassets.com
4 pagead2.googlesyndication.com app.nihaocloud.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 nihaocloud.zendesk.com static.zdassets.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ekr.zdassets.com static.zdassets.com
40 10

This site contains links to these domains. Also see Links.

Domain
l.linklyhq.com
Subject Issuer Validity Valid
*.nihaocloud.com
Amazon		 2020-04-04 -
2021-05-04		 a year crt.sh
*.zdassets.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-25 -
2021-05-31		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
nihaocloud.zendesk.com
CloudFlare Inc ECC CA-2		 2019-08-07 -
2020-08-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Frame ID: 8AA357AF305CE4F6DAC66EDC3F2AA0FF
Requests: 28 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.be28c5ff90f6fb7be0d2.js
Frame ID: A431CD1696FE013CCB1500B9E627637F
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/zrt_lookup.html
Frame ID: 75BA8A215EA410F14B89272B3AA02E73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2516758185474602&output=html&adk=1812271804&adf=3025194257&lmt=1591378583&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fapp.nihaocloud.com%2Ff%2Fbf42f08d8fd0429e8329%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591378582952&bpp=11&bdt=8643&idt=46&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6888393590821&frm=20&pv=2&ga_vid=1104315312.1591378583&ga_sid=1591378583&ga_hid=751104463&ga_fc=0&iag=0&icsg=692207&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=547340899827457&pem=763&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=61
Frame ID: 9C4632BEB0E0451923CFF5617740169F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2516758185474602&output=html&h=159&slotname=7606215361&adk=2463190371&adf=2334248765&w=700&lmt=1591378583&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=700x159&url=https%3A%2F%2Fapp.nihaocloud.com%2Ff%2Fbf42f08d8fd0429e8329%2F&flash=0&fwrattr=false&wgl=1&adsid=NT&dt=1591378582964&bpp=3&bdt=8656&idt=53&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6888393590821&frm=20&pv=1&ga_vid=1104315312.1591378583&ga_sid=1591378583&ga_hid=751104463&ga_fc=0&iag=0&icsg=2789359&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=450&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=547340899827457&pem=763&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WiaqyVCTsp&p=https%3A//app.nihaocloud.com&dtd=59
Frame ID: ECC26EFE72BAFF66A727D2344E1E4A9D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F87D59D377B956BBD9B692F6267CAAFB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

40
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

4798 kB
Transfer

6826 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.nihaocloud.com/f/bf42f08d8fd0429e8329/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4a2d724a0fc3ad6408bd686d096eb583142036701b2c59b4fc2086f45c7e4d5c

Request headers

:method
GET
:authority
app.nihaocloud.com
:scheme
https
:path
/f/bf42f08d8fd0429e8329/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 05 Jun 2020 17:36:14 GMT
content-type
text/html; charset=utf-8
set-cookie
AWSALB=cUMbsJQ7vrS+Imdisweaan81sc6xg29KwuUCIdsC5zvsJ5iPLWwhPc7XGasBhY+GryKgfqK/N1LwnzZb+7ZPFSjGS8pjPkCC4mof8m8e5zAJPObg8tjfgP3JuQxk; Expires=Fri, 12 Jun 2020 17:36:13 GMT; Path=/ AWSALBCORS=cUMbsJQ7vrS+Imdisweaan81sc6xg29KwuUCIdsC5zvsJ5iPLWwhPc7XGasBhY+GryKgfqK/N1LwnzZb+7ZPFSjGS8pjPkCC4mof8m8e5zAJPObg8tjfgP3JuQxk; Expires=Fri, 12 Jun 2020 17:36:13 GMT; Path=/; SameSite=None; Secure AWSALB=3pqUIxR7eyXXQJi5tlSksbzaEpRmEGtLH9S2A8p39sJElQJNefpDLeJVUB4leveRM2/QRlg/mMX1oatdHuNPE1fTWGOSfwGii9V/yd62iROnO2Ym2Nzz4sRxiktQ; Expires=Fri, 12 Jun 2020 17:36:14 GMT; Path=/ AWSALBCORS=3pqUIxR7eyXXQJi5tlSksbzaEpRmEGtLH9S2A8p39sJElQJNefpDLeJVUB4leveRM2/QRlg/mMX1oatdHuNPE1fTWGOSfwGii9V/yd62iROnO2Ym2Nzz4sRxiktQ; Expires=Fri, 12 Jun 2020 17:36:14 GMT; Path=/; SameSite=None sfcsrftoken=EwMWhUWeao4Z2GtLF6gXBDcuoBoANyMX1rlcwfgEVO2NkNcDn0gxy11Ndizn8YGH; expires=Fri, 04-Jun-2021 17:36:14 GMT; Max-Age=31449600; Path=/
server
nginx/1.14.0 (Ubuntu)
vary
Cookie, Accept-Language
content-language
en
x-server
nginx00101
content-encoding
gzip
x-srv
front_eu_ir_021
fontawesome-all.min.css
app.nihaocloud.com/media/fontawesome/css/ 		54 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/fontawesome/css/fontawesome-all.min.css
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-d747"
content-type
text/css
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
55111
seafile-ui.css
app.nihaocloud.com/media/css/ 		276 KB
278 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/css/seafile-ui.css
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6092029fecc148c5d2c3ec3c3e1d4a7f9fa47d655fbd1fb22ed22596816adc14

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-4516a"
content-type
text/css
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
282986
seahub_react.css
app.nihaocloud.com/media/css/ 		22 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/css/seahub_react.css?t=1398068110
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3cfee6f384e31b7880d886a4667540cc8ea2cd82cd350bf41131e0d26283b389

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-56d2"
content-type
text/css
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
22226
iconfont.css
app.nihaocloud.com/media/css/sf_font3/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/css/sf_font3/iconfont.css
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0deddd9ce47d67b4307730f51bc0da664c94adb122d9eb2fea5966fe0744793d

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-cbf"
content-type
text/css
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
3263
sharedFileViewPDF.a870c4327e7d.css
app.nihaocloud.com/media/assets/frontend/css/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/assets/frontend/css/sharedFileViewPDF.a870c4327e7d.css
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
57b07e516944dc9b61306050dd3cf39af0cfced002a7ee993d248bc068e35b47

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-18df"
content-type
text/css
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
6367
djangojs.js
app.nihaocloud.com/media/assets/scripts/i18n/en/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/assets/scripts/i18n/en/djangojs.js
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
06fb9a2428a5b30ab43095224c11aada44cdba4cac76c946fe5d43482f4ede5b

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-ce3"
content-type
application/javascript
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
3299
bundle.common.3bb5caf0712e.js
app.nihaocloud.com/media/assets/frontend/commons/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/assets/frontend/commons/bundle.common.3bb5caf0712e.js
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
eb6f39c18285d71d3a8f4e0238c977b64f3e70bfb72a141dcab5a2540627aede

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-1b149e"
content-type
application/javascript
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
1774750
sharedFileViewPDF.e6e57acc6236.js
app.nihaocloud.com/media/assets/frontend/js/ 		135 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/assets/frontend/js/sharedFileViewPDF.e6e57acc6236.js
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c3fe234d6033ae01c72296a633960515576fd98ec440ad79f80498fbdfdbc33a

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Thu, 26 Mar 2020 02:34:30 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e7c14b6-21d49"
content-type
application/javascript
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
138569
pdf.min.js
app.nihaocloud.com/media/js/pdf/ 		305 KB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/js/pdf/pdf.min.js
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
728f5e8eeaac39b21a6b5241a4da5ad6f155c8483c5ce65392382f68e6f28c69

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-4c596"
content-type
application/javascript
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
312726
viewer.js
app.nihaocloud.com/media/js/pdf/ 		447 KB
449 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/js/pdf/viewer.js
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2a72ea6db3369f2bb8ab72735f509bcb35b19a2bbecc19a8614ddbf9af72a51c

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:14 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-6fc9c"
content-type
application/javascript
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
457884
asset_composer.js
static.zdassets.com/ekr/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
42
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
69267A1FDED9E608
x-amz-id-2
O04GvN0MbEWAqMzypXd6kfzs9KR+YFoFCkDKkNCyKrkkD0GZ+px4xzxig3AZZ0NePa7wTfskfuU=
last-modified
Tue, 10 Mar 2020 23:13:51 GMT
server
cloudflare
etag
W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
sY6Zq5SXmxNkbgD1V_h8h9T.ZhWYQwC3
cf-request-id
0327271c9500009d3c78bf7200000001
cf-ray
59eba7a75b789d3c-AMS
91e1a6ed-adbf-489a-8a80-ab895596a1b2
ekr.zdassets.com/compose/ 		846 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/91e1a6ed-adbf-489a-8a80-ab895596a1b2
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0024cd2787d1562c8f0da4c8815bb037a03d3d89f1f4fd9abe1a4c591be117d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:16 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
status
200, 200 OK
strict-transport-security
max-age=0
cf-request-id
0327271d610000d8e12f1c4200000001
x-request-id
bc199487-e469-4b02-ae57-971a9ecb5efe
x-runtime
0.002829
server
cloudflare
etag
W/"d0024cd2787d1562c8f0da4c8815bb03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
59eba7a89cb1d8e1-AMS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/media/assets/frontend/js/sharedFileViewPDF.e6e57acc6236.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99ab0eebb36871648584bc57f1ccc7982547f169d9c5114465d30906f2b4dafe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
39620
x-xss-protection
0
server
cafe
etag
1902608338433394310
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Jun 2020 17:36:22 GMT
mylogo.png
app.nihaocloud.com/media/custom/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.nihaocloud.com/media/custom/mylogo.png
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
131532196aa7ed1b3297470718e88474f72b07b582c4908a23ddb1acdef09445

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
x-test
novhost
last-modified
Wed, 04 Mar 2020 02:52:14 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e5f17de-2cc2"
content-type
image/png
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
11458
locale.properties
app.nihaocloud.com/media/js/pdf/locale/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/js/pdf/locale/locale.properties
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/media/js/pdf/viewer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b7626527d7c6d3b2ed4f88055cfeb23eee5a1ce3fa760b12d5c24492e6e3c081

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-13f6"
content-type
application/octet-stream
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
5110
preload.be28c5ff90f6fb7be0d2.js
static.zdassets.com/web_widget/latest/ Frame A431 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/preload.be28c5ff90f6fb7be0d2.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240f7a4f16cdd4cf3132267227ee3d1e47e0bd1ddd6eef57ef18b257e6658cc9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
136347
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
71D0340F010E68EE
x-amz-id-2
RU5yoRXiQUX8NYgb91ndSjv6X7VXgwGz9+q8FplPrcdioi07ls5minz5nl2sCKVYS4FOE1Cq8eo=
last-modified
Thu, 04 Jun 2020 00:13:31 GMT
server
cloudflare
etag
W/"46f2d2664cd165f402834effc1b7b372"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Ec8aphxXayLPJY4Of.LV7aTqsj63VKZR
cf-request-id
03272735bf00009d3c788e8200000001
cf-ray
59eba7cf98b29d3c-AMS
expires
Fri, 04 Jun 2021 00:13:30 GMT
vendors~web_widget.f6abc628d27146bb56bd.chunk.js
static.zdassets.com/web_widget/latest/ Frame A431 		1 MB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/vendors~web_widget.f6abc628d27146bb56bd.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a57074b9221b5f7e5aa30690d11a9aff053443c87b8b8b2bc42841414073eaf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
126
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
4C412163D10D5BD1
x-amz-id-2
8mt8TMlr0fbYrlPYDtNC21Bt0GZtsPY7y03b67Hd0ql+ct749BxvCO4XwljR6VjQMEoRb0+JtKM=
last-modified
Wed, 03 Jun 2020 04:22:50 GMT
server
cloudflare
etag
W/"b102e44afb808e119a50c14c4a9218fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
2nUVc6FaBPQzui_lHIbI0GUbjVms1WrF
cf-request-id
03272735c000009d3c788e9200000001
cf-ray
59eba7cf98b39d3c-AMS
expires
Thu, 03 Jun 2021 04:22:49 GMT
web_widget.c7932b82cf5c80ab3452.chunk.js
static.zdassets.com/web_widget/latest/ Frame A431 		831 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web_widget.c7932b82cf5c80ab3452.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f23b6738c4eaa71f997234f58fbb272eef57795e3fa2cb93073830ea3164eab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3853
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
641968423CBD6F10
x-amz-id-2
gKT9RVWH+iMt9kVH4s4lzmUic6VTXSnw+zgAml/NBYEqsZ/OLcdh2p2jKCGa55i3K2ZWOjIoYdk=
last-modified
Thu, 04 Jun 2020 00:13:33 GMT
server
cloudflare
etag
W/"083dd256e0d853ac8210bbad24038569"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
8DALBeGf.KxXKP.ohsnJY1um2WGNX7fB
cf-request-id
03272735c000009d3c788ea200000001
cf-ray
59eba7cf98b59d3c-AMS
expires
Fri, 04 Jun 2021 00:13:32 GMT
chat-sdk.8bec18ba6b375cdd85e2.chunk.js
static.zdassets.com/web_widget/latest/ Frame A431 		255 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/chat-sdk.8bec18ba6b375cdd85e2.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e63ace57040569ef71ddec08c63bde0cdb1fb2d9e98027caaf84fa9258e7048
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3429985
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
FF3025C7B1F618C9
x-amz-id-2
ARbSxz7kYZISIMzrj7l7LblmtOv+0t+5UvgmYBhqovq+dBvLFG7SukzOkZu+EFVS3PajoBZAE+g=
last-modified
Fri, 24 Apr 2020 06:36:01 GMT
server
cloudflare
etag
W/"23243262e0659a5a9e138886779371e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
ZLJ4wrb4N.QqdO_sfLJrfvdZBfGl9OnX
cf-request-id
03272735c000009d3c788eb200000001
cf-ray
59eba7cf98b69d3c-AMS
expires
Sat, 24 Apr 2021 06:35:59 GMT
talk-sdk.7c47ccfd16f610af9419.chunk.js
static.zdassets.com/web_widget/latest/ Frame A431 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/talk-sdk.7c47ccfd16f610af9419.chunk.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c92f7682c59c5b7114bc128d96cf1e2cb6a1715b78a758416ae6945e94f257
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
9915295
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
5911AF3E7F2AEF4F
x-amz-id-2
8t5ol9dTgka2KNcbL3YiSm52wDA80Jz4ogHHwaqSDWlYaHSIV6JcJKdehbkdTudutGlyd9M3VhA=
last-modified
Tue, 11 Feb 2020 23:02:24 GMT
server
cloudflare
etag
W/"d4ff6abb6c9a8faed822b772d2bae2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
EKjPLGKsuiLiHfexpyxMTeH26gcAiuWk
cf-request-id
03272735c000009d3c788ec200000001
cf-ray
59eba7cf98b79d3c-AMS
expires
Wed, 10 Feb 2021 23:02:22 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=app.nihaocloud.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=app.nihaocloud.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/ 		215 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0563e7f92c3564af0f9d4cfbce95ed0f34c6e7e0b4c04dd68e4b6628412c458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
82827
x-xss-protection
0
server
cafe
etag
4187836308712077645
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jun 2020 17:36:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/ Frame 75BA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200602/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200602/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 03 Jun 2020 03:45:27 GMT
expires
Wed, 17 Jun 2020 03:45:27 GMT
content-type
text/html; charset=UTF-8
etag
17826495148367054107
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4284
x-xss-protection
0
cache-control
public, max-age=1209600
age
222655
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 9C46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2516758185474602&output=html&adk=1812271804&adf=3025194257&lmt=1591378583&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fapp.nihaocloud.com%2Ff%2Fbf42f08d8fd0429e8329%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591378582952&bpp=11&bdt=8643&idt=46&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6888393590821&frm=20&pv=2&ga_vid=1104315312.1591378583&ga_sid=1591378583&ga_hid=751104463&ga_fc=0&iag=0&icsg=692207&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=547340899827457&pem=763&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=61
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2516758185474602&output=html&adk=1812271804&adf=3025194257&lmt=1591378583&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fapp.nihaocloud.com%2Ff%2Fbf42f08d8fd0429e8329%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591378582952&bpp=11&bdt=8643&idt=46&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6888393590821&frm=20&pv=2&ga_vid=1104315312.1591378583&ga_sid=1591378583&ga_hid=751104463&ga_fc=0&iag=0&icsg=692207&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=547340899827457&pem=763&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=61
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 17:36:23 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 17:51:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 17:36:23 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2492982947ed2c294bc237854de7004eee0ff09cfd5a72137c1eac9cbe9b2118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591185012131054"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27695
x-xss-protection
0
expires
Fri, 05 Jun 2020 17:36:23 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame ECC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2516758185474602&output=html&h=159&slotname=7606215361&adk=2463190371&adf=2334248765&w=700&lmt=1591378583&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=700x159&url=https%3A%2F%2Fapp.nihaocloud.com%2Ff%2Fbf42f08d8fd0429e8329%2F&flash=0&fwrattr=false&wgl=1&adsid=NT&dt=1591378582964&bpp=3&bdt=8656&idt=53&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6888393590821&frm=20&pv=1&ga_vid=1104315312.1591378583&ga_sid=1591378583&ga_hid=751104463&ga_fc=0&iag=0&icsg=2789359&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=450&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=547340899827457&pem=763&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WiaqyVCTsp&p=https%3A//app.nihaocloud.com&dtd=59
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2516758185474602&output=html&h=159&slotname=7606215361&adk=2463190371&adf=2334248765&w=700&lmt=1591378583&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=700x159&url=https%3A%2F%2Fapp.nihaocloud.com%2Ff%2Fbf42f08d8fd0429e8329%2F&flash=0&fwrattr=false&wgl=1&adsid=NT&dt=1591378582964&bpp=3&bdt=8656&idt=53&shv=r20200602&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6888393590821&frm=20&pv=1&ga_vid=1104315312.1591378583&ga_sid=1591378583&ga_hid=751104463&ga_fc=0&iag=0&icsg=2789359&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=450&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=547340899827457&pem=763&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=WiaqyVCTsp&p=https%3A//app.nihaocloud.com&dtd=59
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Jun 2020 17:36:23 GMT
server
cafe
content-length
25475
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 05-Jun-2020 17:51:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Jun 2020 17:36:23 GMT
cache-control
private
config
nihaocloud.zendesk.com/embeddable/ 		825 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nihaocloud.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js?key=91e1a6ed-adbf-489a-8a80-ab895596a1b2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d080b3c38e1c2104b0fa06e35d47b0bcdced194006d71534d7210f3821534d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
status
200
vary
Origin, Accept-Encoding
cf-request-id
03272736ad0000c77147110200000001
x-request-id
59eba7d11e4dc771-IAD
x-runtime
0.001867
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server
embeddable-app-server-5c77d7f5bd-jtk9n
cf-ray
59eba7d11e4dc771-AMS
en-us.8c5bc8d78bd4a18e6a4b.js
static.zdassets.com/web_widget/latest/locales/ Frame A431 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/locales/en-us.8c5bc8d78bd4a18e6a4b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.f6abc628d27146bb56bd.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8836ca7738f5e1eaa19cc65e536c633016787f39b4e56e4f6bbb6f675842edc0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
667116
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
x-amz-request-id
B6F78362F6F0BD5B
x-amz-id-2
BtC9t3wiGTwfcTxOjiaHAvcNLD7S+rX5ihfmPBzykgi2If2lysJVL5BaZYtm5yX5sQcHWJtTGpo=
last-modified
Thu, 28 May 2020 12:40:56 GMT
server
cloudflare
etag
W/"8c5bc8d78bd4a18e6a4b2d35e2fbd8a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
VnPBuTWJJ9qnDtoQ3Zn6AC6UYOtiGSz_
cf-request-id
032727377500009d3c78902200000001
cf-ray
59eba7d259f79d3c-AMS
expires
Fri, 28 May 2021 12:40:55 GMT
embeddable_blip
nihaocloud.zendesk.com/ Frame A431 		0
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nihaocloud.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vYXBwLm5paGFvY2xvdWQuY29tL2YvYmY0MmYwOGQ4ZmQwNDI5ZTgzMjkvIiwidGltZSI6MTk3LCJsb2FkVGltZSI6NzkuNzE0OTk5OTk5ODUwOTksIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJOaWhhbyBDbG91ZCIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgdXNlci1zY2FsYWJsZT1ubyIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiOTUxM2M2MmRlMzllMjY2MjEyZTQxZGVjMDFiNjM4MTUiLCJzdWlkIjoiZTcwZTE3NzU5MDc4MjViNGE4ZDBjYzNiZTM2ZDEzM2MiLCJ2ZXJzaW9uIjoiN2RkMjdhYzJmIiwidGltZXN0YW1wIjoiMjAyMC0wNi0wNVQxNzozNjoyMy41NzJaIiwidXJsIjoiaHR0cHM6Ly9hcHAubmloYW9jbG91ZC5jb20vZi9iZjQyZjA4ZDhmZDA0MjllODMyOS8ifQ%3D%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.f6abc628d27146bb56bd.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
cf-cache-status
MISS
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://app.nihaocloud.com
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
cf-ray
59eba7d39a7ac771-AMS
content-length
0
cf-request-id
032727383f0000c77147123200000001
viewer.properties
app.nihaocloud.com/media/js/pdf/locale/en-US/ 		11 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/js/pdf/locale/en-US/viewer.properties
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/media/js/pdf/viewer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bf756904f4b2832e736d3089f62fca7b9c61b2bfccf21467eca810cb531e7104

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:24 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-2a19"
content-type
application/octet-stream
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
10777
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200602&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578b28723fb8de50529c49c8c7e7c80e98d219f44d8ca4eaf8e5fb1e7a7c4258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Jun 2020 17:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5570
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200602/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Fri, 05 Jun 2020 17:36:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F87D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 05 Jun 2020 17:12:12 GMT
expires
Sat, 05 Jun 2021 17:12:12 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1451
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200602&jk=547340899827457&bg=!xcalxt5YTpLfGivBg_0CAAAAQ1IAAAAOmQF6IhYQHGM8ORm-TfdZyzf6Yu2lY9aeKhMObkkU_dnYWsamY_HhJzy4K5khWz9EhD-z5TnlpO_QmIDmcMY1JNHrsDeuc9O-fo6UypJSEM3l4l9-_yQUUY9UaOQSUhFoJlwRBNQi3HReqKDv5Es7waE8GXgQI6uzGmnYI-IWL0BJEX7nst0pHiJV-mIU9DapY7IXgGmRXd-noqoy25KlVv8iY1yIto1H62xP-oiqCty_MZHJPsWS22APxYT0aDjvoq1IyqTlgkYMbV_8-x_1XZBsnT1hl8Om2b9_Lmux__hL3H6xk5p0gpF8m1Cbzk6PtcL-KatBxMinTDHdaQFi1V2PTiMc9VvLvKidq_-Uvz0qie3_-08L0E63SGXc9b_-uI_tDRiXDwSjUqBTFQdmzITBZU22woDQKwzkLEQlSa_gl1VqgejcbC5q5kw5iMv9UUcd3D8kD6CdOCx7KtbgOG_r6vzf4zt71tn9M0iDAA1oemdcWQdTz434fbBx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jun 2020 17:36:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame A431 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 05 Jun 2020 17:36:24 GMT
cf-cache-status
DYNAMIC
x-amz-request-id
7ED53D0F8030F644
x-amz-server-side-encryption
AES256
cf-ray
59eba7d72c6f9d3c-AMS
status
206
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
4iCmwnnZNTmqnghUIPhnLnwQ9KV9AXMopnBHrkcmgUWoao74NC1Gb8/luFTQkRauBZpjHoxMQSA=
Content-Range
bytes 0-19697/19698
last-modified
Tue, 12 Feb 2019 01:07:53 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
x-amz-version-id
7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control
public, max-age=31536000
cf-request-id
0327273a7a00009d3c78927200000001
content-type
audio/mpeg; charset=utf-8
expires
Wed, 12 Feb 2020 01:07:52 GMT
pdf.worker.min.js
app.nihaocloud.com/media/js/pdf/ 		733 KB
735 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/media/js/pdf/pdf.worker.min.js
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/media/js/pdf/pdf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0368b35ca6ff92e65883e77487b12d0cd0706ee9e43ba156b182352d7d10cab5

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:24 GMT
x-test
novhost
last-modified
Mon, 16 Mar 2020 19:47:04 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e6fd7b8-b72c1"
content-type
application/javascript
status
200
x-srv
front_eu_ir_021
accept-ranges
bytes
content-length
750273
VA%20Closing%20CD.pdf
app.nihaocloud.com/seafhttp/files/0eebd4ca-dda6-41b2-a8ac-9f5b147c7cfc/ 		319 KB
320 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.nihaocloud.com/seafhttp/files/0eebd4ca-dda6-41b2-a8ac-9f5b147c7cfc/VA%20Closing%20CD.pdf
Requested by
Host: app.nihaocloud.com
URL: https://app.nihaocloud.com/media/js/pdf/pdf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.212.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-212-134.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2a8881e1c19e24b4ce53403f1e0ca2117ebc9139a5b325b9a53db1659d70a938
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.nihaocloud.com/f/bf42f08d8fd0429e8329/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:36:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jun 2020 17:36:28 GMT
server
nginx/1.14.0 (Ubuntu)
status
200
content-type
application/pdf
access-control-allow-origin
*
cache-control
max-age=3600
x-srv
front_eu_ir_021
content-disposition
inline;filename="VA%20Closing%20CD.pdf"
x-test
novhost
content-length
326745
4f36817e-767a-4731-85ef-5cfcee4ed1fe
https://app.nihaocloud.com/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://app.nihaocloud.com/4f36817e-767a-4731-85ef-5cfcee4ed1fe
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f261b8bc1ab972288a9853d4ccda32ba68eeb8b6dbeb17a43316ea9683824dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
14627
Content-Type
image/jpeg

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| app object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format function| zEmbed function| zE object| zEWebpackACJsonp function| setImmediate function| clearImmediate boolean| zEACLoaded function| webpackJsonp object| shared object| regeneratorRuntime object| adsbygoogle string| sf_file_url string| sf_pdfworkerjs_url string| sf_pdf_images_path boolean| _pdfjsCompatibilityChecked object| core object| pdfjsLib object| pdfjs-dist/build/pdf object| PDFViewerApplication function| PDFViewerApplicationOptions object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars boolean| _gfp_p_ number| google_lpabyc number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| $zopim object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlE7n8L24hPpeENiVinP__BR5oyZ9nfWv3tnp5xZECy1a7MiUPxxdoeuMPm
app.nihaocloud.com/ Name: AWSALBCORS
Value: 97Voh+hBijgsroi5ikgL8a4pfropE7KLYF3F0G/mpxZnlONRxrFOGnx9ePKr9ytkKlSET9RDpobyl52JuRZBJ1whvNgUf8MG0MiHU5Lqj6fHSlE6cnsZ9DQWeboX
app.nihaocloud.com/ Name: AWSALB
Value: 97Voh+hBijgsroi5ikgL8a4pfropE7KLYF3F0G/mpxZnlONRxrFOGnx9ePKr9ytkKlSET9RDpobyl52JuRZBJ1whvNgUf8MG0MiHU5Lqj6fHSlE6cnsZ9DQWeboX
.nihaocloud.com/ Name: __zlcmid
Value: yYjBi605HOLt5W

1 Console Messages

Source Level URL
Text
console-api log URL: https://app.nihaocloud.com/media/js/pdf/viewer.js(Line 1294)
Message:
PDF 5566371fc43d89d782fab31e53541610 [1.5 SAMBox 2.1.19 / sejda.com (4.0.11)] (PDF.js: 2.0.943)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
app.nihaocloud.com
ekr.zdassets.com
googleads.g.doubleclick.net
nihaocloud.zendesk.com
pagead2.googlesyndication.com
static.zdassets.com
tpc.googlesyndication.com
www.googletagservices.com
104.16.53.111
104.18.72.113
104.18.74.113
2a00:1450:4001:808::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:824::2002
34.251.212.134
0368b35ca6ff92e65883e77487b12d0cd0706ee9e43ba156b182352d7d10cab5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06fb9a2428a5b30ab43095224c11aada44cdba4cac76c946fe5d43482f4ede5b
0deddd9ce47d67b4307730f51bc0da664c94adb122d9eb2fea5966fe0744793d
131532196aa7ed1b3297470718e88474f72b07b582c4908a23ddb1acdef09445
1e63ace57040569ef71ddec08c63bde0cdb1fb2d9e98027caaf84fa9258e7048
1f261b8bc1ab972288a9853d4ccda32ba68eeb8b6dbeb17a43316ea9683824dc
240f7a4f16cdd4cf3132267227ee3d1e47e0bd1ddd6eef57ef18b257e6658cc9
2492982947ed2c294bc237854de7004eee0ff09cfd5a72137c1eac9cbe9b2118
2a57074b9221b5f7e5aa30690d11a9aff053443c87b8b8b2bc42841414073eaf
2a72ea6db3369f2bb8ab72735f509bcb35b19a2bbecc19a8614ddbf9af72a51c
2a8881e1c19e24b4ce53403f1e0ca2117ebc9139a5b325b9a53db1659d70a938
3cfee6f384e31b7880d886a4667540cc8ea2cd82cd350bf41131e0d26283b389
3f23b6738c4eaa71f997234f58fbb272eef57795e3fa2cb93073830ea3164eab
4a2d724a0fc3ad6408bd686d096eb583142036701b2c59b4fc2086f45c7e4d5c
56c92f7682c59c5b7114bc128d96cf1e2cb6a1715b78a758416ae6945e94f257
578b28723fb8de50529c49c8c7e7c80e98d219f44d8ca4eaf8e5fb1e7a7c4258
57b07e516944dc9b61306050dd3cf39af0cfced002a7ee993d248bc068e35b47
6092029fecc148c5d2c3ec3c3e1d4a7f9fa47d655fbd1fb22ed22596816adc14
728f5e8eeaac39b21a6b5241a4da5ad6f155c8483c5ce65392382f68e6f28c69
8836ca7738f5e1eaa19cc65e536c633016787f39b4e56e4f6bbb6f675842edc0
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99ab0eebb36871648584bc57f1ccc7982547f169d9c5114465d30906f2b4dafe
9d080b3c38e1c2104b0fa06e35d47b0bcdced194006d71534d7210f3821534d3
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b7626527d7c6d3b2ed4f88055cfeb23eee5a1ce3fa760b12d5c24492e6e3c081
bf756904f4b2832e736d3089f62fca7b9c61b2bfccf21467eca810cb531e7104
c0563e7f92c3564af0f9d4cfbce95ed0f34c6e7e0b4c04dd68e4b6628412c458
c3fe234d6033ae01c72296a633960515576fd98ec440ad79f80498fbdfdbc33a
d0024cd2787d1562c8f0da4c8815bb037a03d3d89f1f4fd9abe1a4c591be117d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
eb6f39c18285d71d3a8f4e0238c977b64f3e70bfb72a141dcab5a2540627aede
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3