up-mail.clicketcloud.com Open in urlscan Pro
46.30.203.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uqr.to/1jin9
Effective URL:
http://up-mail.clicketcloud.com/?225605
Submission: On June 03 via automatic, source phishtank (June 3rd 2023, 9:50:44 pm UTC) — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 34 HTTP transactions. The main IP is 46.30.203.2, located in Epernon, France and belongs to OWENTIS-AS, FR. The main domain is up-mail.clicketcloud.com.

This is the only time up-mail.clicketcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.58.57.95 13.58.57.95	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	212.127.94.2 212.127.94.2	35179 (KORBANK-A...) (KORBANK-AS Korbank S. A.)
10	46.30.203.2 46.30.203.2	39444 (OWENTIS-AS) (OWENTIS-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d0c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:350... 2a02:26f0:3500:3::b818:4d08	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
34	12

2 13.58.57.95 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-57-95.us-east-2.compute.amazonaws.com

uqr.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.127.94.2 (Wroclaw, Poland) 1 redirects

ASN35179 (KORBANK-AS Korbank S. A., PL)
PTR: misha.static.ip.WRO.Korbank.PL

webb-link-ap.node.cloudlets.zone	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.30.203.2 (Epernon, France)

ASN39444 (OWENTIS-AS, FR)
PTR: ns1.clicketcloud.com

up-mail.clicketcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:3::b818:4d13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:3::b818:4d0c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:3::b818:4d08 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	clicketcloud.com up-mail.clicketcloud.com	473 KB
9	trrsf.com s1.trrsf.com — Cisco Umbrella Rank: 371937 p1.trrsf.com — Cisco Umbrella Rank: 400871	67 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5230	515 B
2	google.com www.google.com — Cisco Umbrella Rank: 3	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 111	413 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	124 KB
2	uqr.to 1 redirects uqr.to — Cisco Umbrella Rank: 341376	2 KB
1	terra.com.br www.terra.com.br — Cisco Umbrella Rank: 98230	3 KB
1	cloudlets.zone webb-link-ap.node.cloudlets.zone Failed	470 B
34	10

	Domain	Requested by
10	up-mail.clicketcloud.com	uqr.to up-mail.clicketcloud.com
8	s1.trrsf.com	up-mail.clicketcloud.com
3	www.google-analytics.com	www.googletagmanager.com uqr.to
2	www.google.de
2	www.google.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	uqr.to www.googletagmanager.com
2	uqr.to	1 redirects
1	p1.trrsf.com	up-mail.clicketcloud.com
1	www.terra.com.br	up-mail.clicketcloud.com
1	webb-link-ap.node.cloudlets.zone	uqr.to
1	region1.google-analytics.com	www.googletagmanager.com
34	12

This site contains no links.

Subject Issuer	Validity	Valid
uqr.to R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
terra.com.br DigiCert TLS RSA SHA256 2020 CA1	`2022-11-17` - `2023-11-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://up-mail.clicketcloud.com/?225605
Frame ID: F827C7F8C9FECEA145EF87A194A36660
Requests: 28 HTTP requests in this frame

Frame: http://up-mail.clicketcloud.com/index_files/normal_2.html
Frame ID: 8DBC3D453B892576AE7E7B9E28A7A458
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terra Mail

Page URL History Show full URLs

http://uqr.to/1jin9 HTTP 301
https://uqr.to/1jin9 Page URL
https://webb-link-ap.node.cloudlets.zone/inf.php HTTP 302
http://up-mail.clicketcloud.com/?225605 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

34
Requests

44 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

12
IPs

5
Countries

692 kB
Transfer

1174 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uqr.to/1jin9 HTTP 301
https://uqr.to/1jin9 Page URL
https://webb-link-ap.node.cloudlets.zone/inf.php HTTP 302
http://up-mail.clicketcloud.com/?225605 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://uqr.to/1jin9 HTTP 301
https://uqr.to/1jin9

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

1jin9 Show response
uqr.to/
Redirect Chain

http://uqr.to/1jin9
https://uqr.to/1jin9

2 KB
2 KB

556ms
319ms

Document
text/html

13.58.57.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://uqr.to/1jin9

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.58.57.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-57-95.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

61e8c7aff048e4e7e2fb079c6904d438e4e8d2863b0fc9e07679ec963b8e9ba4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private, max-age=2592000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 809
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 21:50:38 GMT
Expires: Mon, 03 Jul 2023 21:50:38 GMT
Keep-Alive: timeout=5, max=500
Permissions-Policy: geolocation=self
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 228
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 03 Jun 2023 21:50:37 GMT
Keep-Alive: timeout=5, max=500
Location: https://uqr.to/1jin9
Permissions-Policy: geolocation=self
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
50 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl

Requested by

Host: uqr.to
URL: https://uqr.to/1jin9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34537e2e3af49277e994ecd33885eba64c592ba0c7cfa08509dcaa2ccd4b2263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50997
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 21:50:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 20:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4511
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 22:35:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03065369b591168cdaea0fc4ad604fe29b6e83d0ca24c5759f19446df5272560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 21:50:38 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
343 B 55ms
18ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-1&cid=1759774429.1685829039&jid=1059279937&gjid=2120962305&_gid=1473104472.1685829039&_u=YGBAgEABAAAAAEAAI~&z=1803134804

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uqr.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 21:50:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uqr.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
70 B 51ms
19ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-3&cid=1759774429.1685829039&jid=333606192&gjid=1629519931&_gid=1473104472.1685829039&_u=YGDAgEABAAAAAEAAI~&z=1800717362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uqr.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 21:50:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uqr.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1078824702&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1jin9&ul=en-us&de=UTF-8&dt=QR%20code%2017&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=1059279937&gjid=2120962305&cid=1759774429.1685829039&tid=UA-18982026-1&_gid=1473104472.1685829039&gtm=45He35v0n81NSZ7GSJ&cd1=1&cd2=1028507&z=85220138

Requested by

Host: uqr.to
URL: https://uqr.to/1jin9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:26:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80660
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 9ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1078824702&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1jin9&ul=en-us&de=UTF-8&dt=QR%20code%2017&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAEAAI~&jid=333606192&gjid=1629519931&cid=1759774429.1685829039&tid=UA-18982026-3&_gid=1473104472.1685829039&gtm=45He35v0n81NSZ7GSJ&cd1=1028507&cd2=%20-%20test&z=843107537

Requested by

Host: uqr.to
URL: https://uqr.to/1jin9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 23:26:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80660
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 81ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0DWYM481N5&gtm=45je35v0&_p=1078824702&cid=1759774429.1685829039&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685829038&sct=1&seg=0&dl=https%3A%2F%2Fuqr.to%2F1jin9&dt=QR%20code%2017&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uqr.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET inf.php
webb-link-ap.node.cloudlets.zone/ 0
0

GET
H/1.1

200
OK

Primary Request / Show response
up-mail.clicketcloud.com/
Redirect Chain

https://webb-link-ap.node.cloudlets.zone/inf.php
http://up-mail.clicketcloud.com/?225605

176 KB
25 KB

91ms
42ms

Document
text/html

46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/?225605

Requested by

Host: uqr.to
URL: https://uqr.to/1jin9

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

b7e09b6e519fc74b8bb71b1460963052be17dad84324a84accb28583a8ef1622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 24592
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: same-origin
Date: Sat, 03 Jun 2023 21:50:39 GMT
Permissions-Policy: geolocation=(self), payment=(self)
Referrer-Policy: strict-origin-when-cross-origin
Server: openresty
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Resolver-IP: 46.30.203.2 46.30.203.2
X-XSS-Protection: 1; mode=block;

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sat, 03 Jun 2023 21:50:39 GMT
location: http://up-mail.clicketcloud.com/?225605
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=15811200
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-resolver-ip: 212.127.94.2
x-xss-protection: 1; mode=block;

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 57ms
32ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1759774429.1685829039&jid=1059279937&_u=YGBAgEABAAAAAEAAI~&z=1869664244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 45ms
20ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=1759774429.1685829039&jid=1059279937&_u=YGBAgEABAAAAAEAAI~&z=1869664244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 56ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1759774429.1685829039&jid=333606192&_u=YGDAgEABAAAAAEAAI~&z=856792946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=1759774429.1685829039&jid=333606192&_u=YGDAgEABAAAAAEAAI~&z=856792946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK core.css
up-mail.clicketcloud.com/index_files/ 24 KB
6 KB 34ms
34ms Stylesheet
text/css 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/core.css

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/?225605
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 5624
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:36 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "60de-5fc461521cc00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

GET
H/1.1 200
OK context2.css
up-mail.clicketcloud.com/index_files/ 24 KB
7 KB 65ms
36ms Stylesheet
text/css 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/context2.css

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/?225605
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 5966
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:36 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "60d0-5fc461521cc00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

GET
H/1.1 200
OK navbar.css
up-mail.clicketcloud.com/index_files/ 67 KB
11 KB 63ms
34ms Stylesheet
text/css 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/navbar.css

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/?225605
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 10720
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:36 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "10ccd-5fc461521cc00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

GET
H/1.1 200
OK normal_2.html Show response
up-mail.clicketcloud.com/index_files/ Frame 8DBC 3 KB
2 KB 42ms
32ms Document
text/html 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/normal_2.html

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

6c4ca36b34f5e1bbdde779c9fa7ea66c7ddbb5873b83f73f55b4df0e0f59e96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: http://up-mail.clicketcloud.com/?225605
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 848
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: same-origin
Date: Sat, 03 Jun 2023 21:50:39 GMT
ETag: "c51-5fc4744668400-gzip"
Last-Modified: Mon, 22 May 2023 12:18:24 GMT
Permissions-Policy: geolocation=(self), payment=(self)
Referrer-Policy: strict-origin-when-cross-origin
Server: openresty
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Resolver-IP: 46.30.203.2 46.30.203.2
X-XSS-Protection: 1; mode=block;

GET
H2 200 menu-white.svg
s1.trrsf.com/update-1684436071/fe/zaz-mod-icons/svg/essential/ 471 B
631 B 205ms
7ms Image
image/svg+xml 2a02:26f0:3500:3::b818:4d13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1684436071/fe/zaz-mod-icons/svg/essential/menu-white.svg
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:3::b818:4d13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:50:39 GMT
content-encoding: gzip
x-cdnterra-cache-status: HIT
server-timing: ak_p; desc="1685829039689_389467923_468045201_49_735_7_16_219";dur=1
content-length: 232
last-modified: Tue, 24 Jan 2023 18:51:48 GMT
server: cloudflare-nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/ 6 KB
3 KB 166ms
19ms Image
image/svg+xml 2a02:26f0:3500:3::b818:4d0c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:3::b818:4d0c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-mt-cache: HIT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 21:50:39 GMT
x-cdnterra-cache-status: STALE
content-length: 2774
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK ttl-general.gif
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 200ms
24ms Image
image/gif 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/terramail/capa/terra/_img/ttl-general.gif
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Fri, 06 Aug 2010 18:13:55 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: MISS
Content-Type: image/gif
Cache-Control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4952

GET
H/1.1 200
OK klavika
p1.trrsf.com/image/ 2 KB
2 KB 436ms
260ms Image
image/gif 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p1.trrsf.com/image/klavika?c=sh&t=acesse%20seu%20terra%20mail
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Wed, 31 May 2023 12:01:20 GMT
Server: cloudflare-nginx
Vary: Accept
X-CDNTerra-Cache-Status: HIT
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 2126
Expires: Tue, 31 May 2033 12:01:20 GMT

GET
H/1.1 200
OK btn-terramail_v2.gif
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 192ms
18ms Image
image/gif 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/terramail/capa/terra/_img/btn-terramail_v2.gif
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Fri, 06 Aug 2010 18:13:55 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: MISS
Content-Type: image/gif
Cache-Control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4958

GET
H/1.1 200
OK ico-general.png
s1.trrsf.com/atm/3/core/_img/ 8 KB
8 KB 436ms
263ms Image
image/png 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/atm/3/core/_img/ico-general.png
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Tue, 24 Jan 2023 18:50:45 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: HIT
Content-Type: image/png
Cache-Control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8240

GET
H/1.1 200
OK txt-armazenamento-msg.jpg
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 195ms
21ms Image
image/jpeg 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/terramail/capa/terra/_img/txt-armazenamento-msg.jpg
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Fri, 06 Aug 2010 18:13:55 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5112

GET
H/1.1 200
OK opensans-semibold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/ 10 KB
11 KB 198ms
25ms Font
application/octet-stream 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/opensans-semibold-webfont.woff2
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618

Request headers

Referer: http://up-mail.clicketcloud.com/
Origin: http://up-mail.clicketcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Tue, 24 Jan 2023 18:51:56 GMT
Server: cloudflare-nginx
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CDNTerra-Cache-Status: HIT
Cache-Control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 10404

GET
H/1.1 200
OK opensans-regular.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/ 18 KB
19 KB 200ms
27ms Font
application/octet-stream 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/opensans-regular.woff2
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985

Request headers

Referer: http://up-mail.clicketcloud.com/
Origin: http://up-mail.clicketcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Fri, 15 Oct 2021 15:07:21 GMT
Server: cloudflare-nginx
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CDNTerra-Cache-Status: MISS
Cache-Control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 18708

GET
H/1.1 200
OK opensans-bold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/ 10 KB
11 KB 190ms
17ms Font
application/octet-stream 2a02:26f0:3500:3::b818:4d08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/opensans-bold-webfont.woff2
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?225605
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:3::b818:4d08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670

Request headers

Referer: http://up-mail.clicketcloud.com/
Origin: http://up-mail.clicketcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
Last-Modified: Fri, 15 Oct 2021 15:07:20 GMT
Server: cloudflare-nginx
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CDNTerra-Cache-Status: HIT
Cache-Control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 10304

GET
H/1.1 200
OK 618x226-E-mail-Gigante.jpg
up-mail.clicketcloud.com/index_files/ Frame 8DBC 100 KB
100 KB 33ms
33ms Image
image/jpeg 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/618x226-E-mail-Gigante.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

dd8f593e202f80b15b06b224ce8793dcd0cd40a290892ef9a4a6006d58a0bb38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 102128
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:32 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "18ef0-5fc4614e4c300"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

GET
H/1.1 200
OK DS668_Pecas_Online_Interno_BN_618x226_B_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 8DBC 72 KB
73 KB 34ms
33ms Image
image/jpeg 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/DS668_Pecas_Online_Interno_BN_618x226_B_V0_VP.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

faa81bbe4fed04fbb1d13c3de548e096ad4597f004bdfb0b490e83a80877321b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 74169
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "121b9-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

GET
H/1.1 200
OK DS749_Banner_Online_CURSOS_BN-618x226_v0_HL_new.jpg
up-mail.clicketcloud.com/index_files/ Frame 8DBC 53 KB
53 KB 35ms
34ms Image
image/jpeg 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/DS749_Banner_Online_CURSOS_BN-618x226_v0_HL_new.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

c3ef10afe36e1b37a78c10ec71f1367094711470f38210a44bb9bb64a9333334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 53804
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "d22c-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

GET
H/1.1 200
OK TER_601_Campanha_Loja_BN_618x226_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 8DBC 72 KB
73 KB 34ms
33ms Image
image/jpeg 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/TER_601_Campanha_Loja_BN_618x226_V0_VP.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

d386885215fb12d5b2b1d3f07a4691b5654476eae9fdb4ce2a29bba7d28d5462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 74125
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "1218d-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

GET
H/1.1 200
OK DS749_Banner_Online_CONSTRUTOR_BN-618x226_v0_HL.jpg
up-mail.clicketcloud.com/index_files/ Frame 8DBC 122 KB
123 KB 63ms
35ms Image
image/jpeg 46.30.203.2
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/DS749_Banner_Online_CONSTRUTOR_BN-618x226_v0_HL.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.2 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns1.clicketcloud.com

Software

openresty /

Resource Hash

7c77a879c840d5056487ab9ee5ca13cc1c8aae2593f0a99674a4f12cce7890b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:39 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 125225
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "1e929-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.2, 46.30.203.2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webb-link-ap.node.cloudlets.zone
URL: https://webb-link-ap.node.cloudlets.zone/inf.php

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
uqr.to/	1970-01-20 12:17:10	Name: stat_session2590245 Value: 80380f0a-9405-48dd-a4f9-f6b4761edfdb
uqr.to/	1970-01-20 13:00:21	Name: device_view Value: full
.uqr.to/	1970-01-20 12:18:35	Name: _gid Value: GA1.2.1473104472.1685829039
.uqr.to/	1970-01-20 12:17:09	Name: _dc_gtm_UA-18982026-1 Value: 1
.uqr.to/	1970-01-20 12:17:09	Name: _dc_gtm_UA-18982026-3 Value: 1
.uqr.to/	1970-01-20 21:53:09	Name: _ga_0DWYM481N5 Value: GS1.1.1685829038.1.0.1685829038.0.0.0
.uqr.to/	1970-01-20 21:53:09	Name: _ga Value: GA1.1.1759774429.1685829039
webb-link-ap.node.cloudlets.zone/	1969-12-31 23:59:59	Name: SRVGROUP Value: common
up-mail.clicketcloud.com/	1969-12-31 23:59:59	Name: SRVGROUP Value: common

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: http://up-mail.clicketcloud.com/?225605 Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: http://up-mail.clicketcloud.com/index_files/normal_2.html Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

p1.trrsf.com
region1.google-analytics.com
s1.trrsf.com
stats.g.doubleclick.net
up-mail.clicketcloud.com
uqr.to
webb-link-ap.node.cloudlets.zone
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.terra.com.br
webb-link-ap.node.cloudlets.zone
13.58.57.95
2001:4860:4802:34::36
212.127.94.2
2a00:1450:4001:806::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c02::9a
2a02:26f0:3500:3::b818:4d08
2a02:26f0:3500:3::b818:4d0c
2a02:26f0:3500:3::b818:4d13
46.30.203.2
03065369b591168cdaea0fc4ad604fe29b6e83d0ca24c5759f19446df5272560
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
34537e2e3af49277e994ecd33885eba64c592ba0c7cfa08509dcaa2ccd4b2263
513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985
57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e
5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3
5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333
61e8c7aff048e4e7e2fb079c6904d438e4e8d2863b0fc9e07679ec963b8e9ba4
6c4ca36b34f5e1bbdde779c9fa7ea66c7ddbb5873b83f73f55b4df0e0f59e96c
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670
7c77a879c840d5056487ab9ee5ca13cc1c8aae2593f0a99674a4f12cce7890b9
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5
abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428
b7e09b6e519fc74b8bb71b1460963052be17dad84324a84accb28583a8ef1622
bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76
c3ef10afe36e1b37a78c10ec71f1367094711470f38210a44bb9bb64a9333334
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4
cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e
d386885215fb12d5b2b1d3f07a4691b5654476eae9fdb4ce2a29bba7d28d5462
dd8f593e202f80b15b06b224ce8793dcd0cd40a290892ef9a4a6006d58a0bb38
e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
faa81bbe4fed04fbb1d13c3de548e096ad4597f004bdfb0b490e83a80877321b

up-mail.clicketcloud.com Open in urlscan Pro 46.30.203.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

44 %HTTPS

75 %IPv6

10 Domains

12 Subdomains

12 IPs

5 Countries

692 kBTransfer

1174 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

up-mail.clicketcloud.com Open in urlscan Pro
46.30.203.2 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

44 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

12
IPs

5
Countries

692 kB
Transfer

1174 kB
Size

9
Cookies

34 HTTP transactions
0 data transactions