userscloud.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/f376me3g9nuo
Submission: On August 24 via manual (August 24th 2023, 5:05:44 pm UTC) from US — Scanned from CH

Summary HTTP 72 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 72 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com.
TLS certificate: Issued by E1 on July 4th 2023. Valid for: 3 months.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2011	15169 (GOOGLE) (GOOGLE)
6	172.64.166.32 172.64.166.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.65.39.90 18.65.39.90	16509 (AMAZON-02) (AMAZON-02)
4	104.21.82.102 104.21.82.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:80b::200d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2600:9000:220... 2600:9000:2204:1400:3:9f90:340:21	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.129 108.138.7.129	16509 (AMAZON-02) (AMAZON-02)
72	19

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.166.32 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.65.39.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-90.ams1.r.cloudfront.net

rtoukfareputfe.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.82.102 (None, )

ASN13335 (CLOUDFLARENET, US)

ndwouldmeu.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2204:1400:3:9f90:340:21 (United States)

ASN16509 (AMAZON-02, US)

d30tme16wdjle5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-129.fra56.r.cloudfront.net

tureukworektob.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	google.com 4 redirects docs.google.com — Cisco Umbrella Rank: 170 apis.google.com — Cisco Umbrella Rank: 130 play.google.com — Cisco Umbrella Rank: 44 accounts.google.com — Cisco Umbrella Rank: 33	395 KB
13	userscloud.com userscloud.com	268 KB
6	rtoukfareputfe.info rtoukfareputfe.info	7 KB
6	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 36403	302 KB
4	ndwouldmeu.info ndwouldmeu.info	1 KB
3	cloudfront.net d30tme16wdjle5.cloudfront.net	2 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 2014	1 KB
3	gstatic.com www.gstatic.com ssl.gstatic.com	551 KB
1	tureukworektob.info tureukworektob.info — Cisco Umbrella Rank: 48029	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2412	244 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 675
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	89 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
72	14

	Domain	Requested by
13	userscloud.com	userscloud.com static.cloudflareinsights.com
11	docs.google.com	userscloud.com docs.google.com www.gstatic.com
8	play.google.com	www.gstatic.com
6	accounts.google.com	4 redirects
6	rtoukfareputfe.info	userscloud.com
6	pogothere.xyz	userscloud.com
4	ndwouldmeu.info
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	d30tme16wdjle5.cloudfront.net	rtoukfareputfe.info
3	content.googleapis.com	apis.google.com
2	www.gstatic.com	docs.google.com
1	tureukworektob.info	userscloud.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com
1	csp.withgoogle.com	userscloud.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
72	18

This site contains no links.

Subject Issuer	Validity	Valid
userscloud.com E1	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
rtoukfareputfe.info Amazon RSA 2048 M02	`2023-08-17` - `2024-09-15`	a year	crt.sh
ndwouldmeu.info GTS CA 1P5	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
tureukworektob.info Amazon RSA 2048 M03	`2023-08-17` - `2024-09-15`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/f376me3g9nuo
Frame ID: 586023B326F79783495DFA3FF873297B
Requests: 33 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
Frame ID: D1BF431D45238848982895A756D3371C
Requests: 24 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__
Frame ID: 83E8A4C7B5D3DA5E7156F68A14AF3367
Requests: 6 HTTP requests in this frame

Frame: https://rtoukfareputfe.info/MWY5OTNQBFpUDFBbWx9GQwoEHAF3Qwt/VwJWTVRWAFBOXVldAwwXUF0JTF1VQwlXTR1fA00cAXdTam5hfjNVWkJyH3gJUnVWd3JeCA5cb2EIP1R3RXUMCQB8ZQpjc0l8C3pQB0EnfmBiehFSWnZbCU59AGAMdE5xSz9xfF9zNXgIUlxee3B3dxdcfHpHKFNvA2QhXlR5SD9pWklkVGl4Zl02enRBdRwICXpYDmNwSQEScHhUWCsKcwR4CE0BaQMebl9dXgFweFxANmp4BWA+QVB8ZVd7X3R7C1xsQxRUe10BYCpoYUtYL3p4eFQhY0BWWDxLYHRSHmxXHkFRWldHZCpAcF17N3wMfUszUH1nQVVjaApjAG5vBlQKc0tqdgJRfUpoC3ZQZXMAe39KVFdoUHxLEUpoa0kPdHpEeSxtCBYDJFt/aRRUe3RnCVF6QH4CBVdKWlULTQxWZBYPYGQIEWpXX1YFV01mYTJ0QXhzP1ddAWQ2bGECXQNhSWBQJV1IVnBAU0pcXxYEUFJAJXNeYQA/dn59dBVteA
Frame ID: FBFDEC5962530E9FBFFB3D34E219C8DF
Requests: 2 HTTP requests in this frame

Frame: https://rtoukfareputfe.info/d0RkRm8WJgcrUBZ5BmAaBShZY10xYVYAC0R0ECsKRnITIgUbIVFoDBsrESIJBSsKMkEZIRBjXTEiAQI9GSUwIQ0gMw8WLQA8AAdeJhQ3BxcvHCU2Ci8sNQE5ECMuBDkHdSIqOiABIhcLNREhIj4fMy4QOk4RIxAANhImcgsgIzYTLCFxMgcYBAIwBCYjAzIlOzQVJQ87JSgCBT1GJSF2CzUMIiopIBUDEjolFj0EBAAPNCEpPRM2dyQ1AVwjOiUeNQUtQgg8FzUvBlQ+CzUoAB8sMR0hFwMHcjwXNS8MCAM4NigqCywNKzYQORsFMCEtOBAlNiYhFkklNSEGVQIuEDAwAzo1BzN1WjkGVQQnNHRQFDkhLzUDXgAQJgA9EwYNFCI0LwwfKxAOAB4+LRwgKl8VHBMuLj8RCwMtNgIvAF4cBzAHAFJ2JgIpQgwnADY2EiIDLSEjKhA7NjQtFBguFDMXHxMVCDJKRQYwFwsmFhMyIDIsLhMsJmIONQAZNFkkXDoqBTcWGyFV
Frame ID: C61905A07382D1078D348F2B318F2A9D
Requests: 2 HTTP requests in this frame

Frame: https://rtoukfareputfe.info/YVNxeFYAMRIVaQBuE14jEz9MXWQndkM+MlJjBRUzUGUGHDwNNkRWNQ08BBwwEzwfDHgPNgVdZCcCEjA6UDY1KQInOwIdFRYCID0DNB4gLW8sBwYcASQkKCABBhE0NBIRZCI8FCkSFjFkJikoEDJRAhUtIRkcNz0EKQsdHwQnKzs+EwkGKT49NBUnEDEzFBYUEzkkNDEBGSc0PT4NETQqHwMXNyE0Ij88NgA0YyQ/MSs3OToDNAsgIWQ1FQUxEzQZOyAHWDc5EGYAF0EcADJjJC8HJwU9KgMKFikTOjAAQiIAMmMkKA4zZiEpAFEbPBQuKQA0ABE1BVwAMiM4MCEUMDsoPgdVAjYUbjsXJzodAjgnMwcNCjkqOhkbIjohAxYgPQA2FSc0GA1jNikUNDA0SRA3AEEtMDQBPCsRDRYjKT0KBDQ9DwcVMzoyIzkrOgInCjQgPVAUIDlnBAcaHDIjODAzECNmJzk+IwIiFhwnABoyASNjKx4XJAY3XjwSPB8IazgRPkAfUylHPjQiCjJMMg
Frame ID: 5B377D6C0E9729B51AE72BBD218C317B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

93 %
HTTPS

78 %
IPv6

14
Domains

18
Subdomains

19
IPs

3
Countries

1624 kB
Transfer

4372 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXo7B7XU642SGu6ghcdueQX5_Z2_qDNEHZw0Ruc7oKCk1qRdXQlDeClVBaNlNbR7jKgexiqXYb8TWw HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X5sdsX0ldF-Pp336XnXMW0eBGPU8hMG2J-KAzLgQdH3SnyhtQeTPVtKKEUWhizxsBNYYwvnw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452174764%3A1692896741406661

Request Chain 58

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXo7B7W1UgqlNnJOu6vGse4q9qHmWoKP-171gxFZMf2Aksay9YTx7zMV6MLJz9aWChlRwHKv_0d4hw HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X-ApgcEYb1mSa-wV8VJ_VrEwD1zyl11q0LzhxAZvHyjK8Xol35Cw05GeZGVFzhAdvBLq8icw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1643455446%3A1692896741416005

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request f376me3g9nuo Show response
userscloud.com/ 461 KB
102 KB 260ms
203ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/f376me3g9nuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9f20114e54fed930627f7a17d6a0631969a5ad7829bca90d773d7fc5952a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fbd2e6c7ce54c44-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 17:05:39 GMT
expires: Wed, 23 Aug 2023 17:05:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l98Bs0Y1zg9LEsagD3CNYUReZCyfSSRUM2xKT5l8mrf7%2Bc4erBHPiguVQqp1AiqE4%2FW4KLdIhGvrrhRROsdu5J%2BV6V1ZemNSjh4ZHEAwwi9MG331yuodpUV7ITvzXsDFI6lSWE6wV6URkmXa5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 29ms
28ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227146
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK5%2BUtMqYFeiNi6YcPsXFkYWdCtlvsZ5JjvHivZ0%2B0aFmbLz9AuFmFlQNJx3uN8FK9TQnQd1SfpbIzYNA4EOHlDRuiY1Vh8DKv64pik9H%2F0yQRl%2FI3J%2Bt17K9c7akF2lLChfz218j3QBPlc7xg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6dcec14c44-MXP
access-control-allow-headers: X-Requested-With
expires: Sat, 09 Sep 2023 12:13:12 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227147
cf-polished: origSize=113031
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX1OF6DcvysLJ394MJb7kKDSrvL4iFXEXsfIG5I9faxIppauz6uB4UBApRgyCx0IdNKav3w1CO4bq%2Feza%2BmppGv74QKuDw5qrUL7vJ318K6oka%2Bu0b8orcKdxH9ulS0aBvOIOU%2FRVOg8AOzKLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6dcec24c44-MXP
access-control-allow-headers: X-Requested-With
expires: Sat, 09 Sep 2023 12:13:12 GMT

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 27ms
26ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227146
cf-polished: origSize=47095
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuwsHVWsgPU2xDagf9U0AHSHtKQwHIfFW5CVOJm%2FH%2BR0v9wSyi1zHBBg6NdF5KwerNIrc1MULP2GdBa2mehDFPV2L%2F4nP%2Bpazuk1GkEQFArq%2BKx%2Fx%2Bl3nrDCClbfIrOAMJZ6pmWVLBq4P2bkDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6dcec44c44-MXP
access-control-allow-headers: X-Requested-With
expires: Sat, 09 Sep 2023 12:13:13 GMT

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 30ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267597
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCOZJ%2BRttLRZVbwAAbR7y8UXOSxX2pl65kRYgM3vRuSVdgNqa%2BsNeVPCs1n470aiaysjuDRZUO4C8nas8XpIV49P8JPrELq1G2nbUIqmOaSNmPriHqpz7jEcBloka1v0KRZ%2BoLCPx5KijPNSxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6dcec64c44-MXP
access-control-allow-headers: X-Requested-With
expires: Mon, 28 Aug 2023 11:12:22 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 43ms
43ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227146
cf-polished: origSize=21572
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOP7ct8c8xYLqcvM2nePUSdzts%2FD6B0ivMDpEBROa5H%2BYSl9u7J0MXqfn%2FkE9MV8%2BN8XlxQgAYQB2VDP%2BhB%2B9AuLNMc%2BI2ZJWOTT0M8cs%2BCJ9T6ty768wLU%2F88h3zOdrAZOHFqliGl3%2BOHD7JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6dcec74c44-MXP
access-control-allow-headers: X-Requested-With
expires: Sat, 09 Sep 2023 12:13:13 GMT

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 29ms
29ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2275431
alt-svc: h3=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpsVQ88sx9S1y1QlvxUIEWsQb8AS9qdYmrHFIYXLV%2FFgPPDL%2BWs2MTjnvsZtUmzyJaY9snfRt1whyqdaEwfUKc9mjj2KrjfojqsLxdaNePK7cc5dpp6ulJX8aXdY95dbCNaJBhZ4xVuyeqUMHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fbd2e6e78ebbb29-MXP
access-control-allow-headers: X-Requested-With
priority: u=3,i
expires: Mon, 28 Aug 2023 09:01:48 GMT

GET
H2 200 gview Show response
docs.google.com/ Frame D1BF 9 KB
4 KB 550ms
401ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f60010035f844f2f677b76465c6809ec1bf899c571fa6c6d9bfb4787ce04426a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cax7pw_mpWzas29_VDJj8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cax7pw_mpWzas29_VDJj8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Thu, 24 Aug 2023 17:05:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 44ms
43ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 16:25:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e38ff7-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6udI7FDRQ%2B29oQYxq9JCN20bFmnd1DD16mlBZzVPR51zTcGasb3jomuiLYyf59OaYMrSCfnZ0ignzn5UY%2F4ZsRW8q5lWt5%2FTdlYiQtvRej493hZ3UQ78NnYT5v4HXzN0Rgs2UooPuyMu6tiC4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7fbd2e6f8ac8bb29-MXP
expires: Sat, 26 Aug 2023 17:05:39 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 122ms
57ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fbd2e6ffe904be1-MXP

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 61ms
61ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2271174
alt-svc: h3=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRH5cxnVXintU2xPFRqWj5j5XycGd1dqiLdJG6hMHOsfGS3X%2F2h0bzsQm2GbCV%2BUyHy8iCsX4W6yf%2FmMoYjRrPFBa9uo9i%2BQcuCFgnhTjCGROYC48ttWI8N5klVpwJBQO2U%2B6b0a0RHhtdScGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fbd2e6f8acabb29-MXP
access-control-allow-headers: X-Requested-With
priority: u=0,i=?0
expires: Mon, 28 Aug 2023 10:12:45 GMT

GET
H3 200 jquery.nicescroll.js Show response
userscloud.com/assets/vendor/core/ 72 KB
19 KB 45ms
43ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/vendor/core/jquery.nicescroll.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc9042d6e57da51821acd007645a5269b176f61c9d35146966f971edba08396

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 550309
cf-polished: origSize=115828
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Jul 2023 07:57:30 GMT
server: cloudflare
etag: W/"64b7976a-1c474"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeOJmVs1O7WXs%2FmoxM0WNA8sXQNb5fxOS4pgGYlK9Up0gUhK5d4lfHbawbOS6kiJBSNTYawXNXj45EtA98nfYTb%2FdJUROjmps%2FdvHOeMcr3tZeyCNs4LuRaHemlRoZXdjf24%2Bn3K2CKprBLurQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6ffb8bbb29-MXP
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Sun, 17 Sep 2023 08:13:50 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/assets/vendor/core/ 45 KB
12 KB 51ms
50ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/vendor/core/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 567795e373535ee36eaa0805687b1ba40b46c192cba6c56d83767f320bf14c2c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 550308
cf-polished: origSize=67546
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 19 Jul 2023 07:57:21 GMT
server: cloudflare
etag: W/"64b79761-107da"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBebJ6bGrqfj3%2B3BjWJUZSP6%2FzuPohu0WKF85%2FeNZvxu0uFTCnRhwciHpK398Fq6bypAICCGqV3%2F5oUl%2BxoP%2BH7Pm64%2F7SXjCxDuYCzcGBcoh62%2FZyFwTWMXhXWFE9X0%2Bvu1x935A53K5Js58w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6ffb8ebb29-MXP
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Sun, 17 Sep 2023 08:13:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 94ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M73M877RTL

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddda7b6f718dfc927c5b9d838112ec5e19c6acdf7652e06a95859c0803f3160a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 17:05:39 GMT

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
33 KB 33ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/f376me3g9nuo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1227256
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkSinxbSbPEkzW6NfJrpppqmf41AUCQbEzCbB3gv8AvqBsNKHPfkAuHzLD1%2Fnax8WxX%2F0BLS6BvoPxNtJSo6u3a3kdG28FMxvxIGSbabTPyjjbociIRNfjC87EVGis48yd5meFgejN5tTMs0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
cf-ray: 7fbd2e6ffb90bb29-MXP
access-control-allow-headers: X-Requested-With
priority: u=1,i=?0
expires: Sat, 09 Sep 2023 12:11:23 GMT

GET
H2 200 rs=AC2dHMLD-S54OcFwrV-XrjkhkUiY47fskg
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.55Ua9I0U0I0.L.W.O/d=0/ Frame D1BF 401 KB
51 KB 85ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.55Ua9I0U0I0.L.W.O/d=0/rs=AC2dHMLD-S54OcFwrV-XrjkhkUiY47fskg

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84e4533eed3bcf0e2282be9fa42e20ae67091638254404a5f820fde18cf21b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51170
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 00:59:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 17:02:09 GMT

GET
H2 204 thumb
docs.google.com/viewerng/ Frame D1BF 0
190 B 48ms
47ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFxps8bKDKjaUfDfvSpZ4Wgctnmzk0SGvXYXdX2brbzfOy_8Ldav_imy8EWClq8c9_ibBSkRuj9dRK4uxUgCatON5vEQXCofTasxKoUf38vFlEjAWRlFn3mcan4msQCzEqEPK2ou864rpbcJ0kiOvWKlnAAecpSi_3xqdO6AAjPbA7Lr_TyHLlzk5l9dZluz_whVhqP2g9diyEoGlp7zi7f3G1DTwElB32KzdOpCC46nSnEN4jjtGKklcNNojI4U8_-614prWoD_OKVpjug5HJ93UjOqHywfEVJidEW3--gPQmFY0L9s6CUciU5EhtQwVsaRwLFJSDvihhwjVSnO6WNSX1jw2JTm6q3pEjAlWRstIYPSOpk%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PMPHP31VVor-dL7ltkgCPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-PMPHP31VVor-dL7ltkgCPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/ Frame D1BF 1 MB
452 KB 112ms
64ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

600415a1cb67c50d9f4bc904089303e9a6fff2ffc70b66b889d3088e01e9d96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 462741
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 07:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:14:11 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame D1BF 18 KB
7 KB 118ms
35ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fbea0b8376b137b18c59c9cff930d1aebc7816c9d8f5b29ede865e727e48fdc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 17:05:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7116
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "8a43e9987a8eef52"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 17:05:40 GMT

POST
H2 404 cspreport
docs.google.com/ Frame D1BF 141 B
346 B 162ms
150ms Other
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8bJbr2l01IUbHItQ3xeNSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-8bJbr2l01IUbHItQ3xeNSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 17:05:40 GMT
server: GSE
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Thu, 24 Aug 2023 17:05:40 GMT

POST
H2 404 cspreport
docs.google.com/ Frame D1BF 141 B
665 B 157ms
148ms Other
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/cspreport

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1GImFgUssX8t0oweLgbXLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-1GImFgUssX8t0oweLgbXLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 17:05:40 GMT
server: GSE
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Thu, 24 Aug 2023 17:05:40 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 89ms
36ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 24 Aug 2023 17:05:40 GMT
expires: Thu, 24 Aug 2023 17:05:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 30ms
30ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 24 Aug 2023 17:05:40 GMT
expires: Thu, 24 Aug 2023 17:05:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/ Frame D1BF 317 KB
109 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

349d5079a878757c9198b1c757f5fb68794dcd04b85019380298b25a2cd530ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 05:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110791
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 05:54:44 GMT

POST
H3 200 log Show response
play.google.com/ Frame D1BF 131 B
155 B 94ms
47ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 17:05:40 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 17:05:40 GMT

GET
H2 200 v-sprite51.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame D1BF 113 KB
49 KB 83ms
21ms Image
image/svg+xml 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite51.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.55Ua9I0U0I0.L.W.O/d=0/rs=AC2dHMLD-S54OcFwrV-XrjkhkUiY47fskg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4ca2de08c4e5dbb1b940fe7d702fe67c45e6bffa79f5fb1ef1b7fd3ffa6ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 08:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49150
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 19:58:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Wed, 21 Aug 2024 08:11:46 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame D1BF 36 B
84 B 78ms
78ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgDzzNYwF7lI-AsPkuLIQfWItglZMheu3OB8R1I8UEpNcvaqyccLpColoDKh6ss8kxLcD5KgUBURHykLwwILn954qhc5gcS-39UubhYXf_4xiqm1Vq9Ag5D9Px539Dt-qvc2cgXqcpIAKbTl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

879e47078b44290bfb92fd5b6d3cbd3bbff6f8fb3b15279d4ce991cc8b731ac6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i10VYIMOKrWysdfbPTcIWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-i10VYIMOKrWysdfbPTcIWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame D1BF 131 B
155 B 85ms
47ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 17:05:40 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 17:05:40 GMT

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 83E8 382 B
1022 B 113ms
28ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c5c4204fba33aeff9a04b480a3d0381db632a795abfabb5aa39a31e2829370e

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-IPw3Z6jij8enlZynPzcwyA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 270
content-security-policy: script-src 'nonce-IPw3Z6jij8enlZynPzcwyA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 17:05:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame D1BF 97 KB
97 KB 111ms
110ms XHR
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgDzzNYwF7lI-AsPkuLIQfWItglZMheu3OB8R1I8UEpNcvaqyccLpColoDKh6ss8kxLcD5KgUBURHykLwwILn954qhc5gcS-39UubhYXf_4xiqm1Vq9Ag5D9Px539Dt-qvc2cgXqcpIAKbTl&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

938f9f6f8ca6c0579a8e2068c3ad938e20cbb3d3fcb4b96d5c5e0948f0e470a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X61WIrRADtMcZXo4O7RpeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-X61WIrRADtMcZXo4O7RpeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame D1BF 14 KB
4 KB 54ms
54ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgDzzNYwF7lI-AsPkuLIQfWItglZMheu3OB8R1I8UEpNcvaqyccLpColoDKh6ss8kxLcD5KgUBURHykLwwILn954qhc5gcS-39UubhYXf_4xiqm1Vq9Ag5D9Px539Dt-qvc2cgXqcpIAKbTl&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1458d86443cfe183296086dfe9afd87ad79b3b6bbde16e0d420bd11350daccfd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cnjiUi2BBkCBaYaBJs5YIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-cnjiUi2BBkCBaYaBJs5YIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame D1BF 97 KB
97 KB 102ms
101ms XHR
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d945387ddec689626a2f860bac24a8cbe5076b3cd46887b3b1a2867430ae6790

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S74dVV9p0L9ByKkmPnLEgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-S74dVV9p0L9ByKkmPnLEgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame D1BF 15 KB
5 KB 118ms
113ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48d9b9dfb18c45b51b5ff5693f08e61f6f34aa6fa8bd54925fc75a2185ca4e24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G0NxX3AZ8cs09lFHEbupLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-G0NxX3AZ8cs09lFHEbupLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame D1BF 32 KB
32 KB 149ms
147ms XHR
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a674a5953e5bc9f891e0c694a08dd582aec868d74669ddd6a2ab2d1e7b9774c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7jfUVwJ3-wUKWUe7yzAwyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-7jfUVwJ3-wUKWUe7yzAwyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame D1BF 4 KB
1 KB 114ms
111ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a97aa5e73a74a67909bb2c1aa9d87cd115543c431c6a97085b580343b4091e8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KfQL29JgoshQOsoqgakqaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-KfQL29JgoshQOsoqgakqaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 apiserving
csp.withgoogle.com/csp/ Frame 83E8 0
0 86ms
31ms Other
text/html 2a00:1450:4001:830::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/apiserving
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://content.googleapis.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 83E8 18 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61b25985ae40153624ac1d71ccc233f9003a17415dc43d3f989f82ec286d27b4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 17:05:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7117
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "aa0299f9fad01455"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 17:05:40 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/ Frame 83E8 77 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0171defb12e061ed1c9b8051b409c9c062f692a213de7b9ca51ddcb62613277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 05:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27805
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 05:54:46 GMT

GET
BLOB 200
OK 4e3b67d1-4bf9-4653-8f63-94dafe2bfb84
https://docs.google.com/ Frame D1BF 97 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/4e3b67d1-4bf9-4653-8f63-94dafe2bfb84
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d945387ddec689626a2f860bac24a8cbe5076b3cd46887b3b1a2867430ae6790

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 99730
Content-Type: image/png

GET
BLOB 200
OK 06f56ea2-046a-4eea-b3c1-e66c39a5c8e4
https://docs.google.com/ Frame D1BF 97 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/06f56ea2-046a-4eea-b3c1-e66c39a5c8e4
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938f9f6f8ca6c0579a8e2068c3ad938e20cbb3d3fcb4b96d5c5e0948f0e470a4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 98978
Content-Type: image/png

GET
BLOB 200
OK f013b9e9-1e95-44f2-bb7f-33b56e7b2c33
https://docs.google.com/ Frame D1BF 32 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/f013b9e9-1e95-44f2-bb7f-33b56e7b2c33
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a674a5953e5bc9f891e0c694a08dd582aec868d74669ddd6a2ab2d1e7b9774c7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 32256
Content-Type: image/png

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 32ms
32ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 24 Aug 2023 17:05:41 GMT
expires: Thu, 24 Aug 2023 17:05:41 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D1BF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 log Show response
play.google.com/ Frame D1BF 131 B
155 B 33ms
33ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 17:05:41 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 91ms
34ms Fetch
binary/octet-stream 172.64.166.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.166.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1937
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 16:33:24 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5%2BjjnWAozQysKif%2BmEsppLTzEe7DfJ%2Bt1aRDFvdwua2IkXfblODfwNmJnjyG%2BqVyy%2FaVbrzH3Z0kbb0a3EfKkR85EY0i9p3IoYifLO6NzwWYztuQRyiNHYgn%2FWf19HX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fbd2e7818bbbb8c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
352 B 205ms
148ms Fetch
text/plain 172.64.166.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.166.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d749bd8781899386c8dba73353832ab16f862f21ca5fd5a3e393c66246f418a7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSOOPsuRMWNWahf%2FGhPFYqywyOP2R2X%2B8BWjKmNahi%2FjCNoxDonwrfbyWOf9onZNWOyPER31YIO2E%2F4D4StIC8pRvibyt75kH7vT6bBGj2GGjfFNkbXtHgV69ZVPW1sW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7fbd2e7818bebb8c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
rtoukfareputfe.info/ 0
535 B 252ms
189ms XHR
text/plain 18.65.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoukfareputfe.info/utx?cb=BOaG23CIIKlL&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-90.ams1.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:41 GMT
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: j9sluBFsoldGy2pSN7SAKsEbuDE04XMM0i5D-22xhYZDOA2l41dxoA==

GET
H2 200 dn59dBVteA Show response
rtoukfareputfe.info/MWY5OTNQBFpUDFBbWx9GQwoEHAF3Qwt/VwJWTVRWAFBOXVldAwwXUF0JTF1VQwlXTR1fA00cAXdTam5hfjNVWkJyH3gJUnVWd3JeCA5cb2EIP1R3RXUMCQB8ZQpjc0l8C3pQB0EnfmBiehFSWnZbCU59AGAMdE5xSz9xfF9zNXgIUlxee... Frame FBFD 3 KB
2 KB 271ms
244ms Document
text/html 18.65.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoukfareputfe.info/MWY5OTNQBFpUDFBbWx9GQwoEHAF3Qwt/VwJWTVRWAFBOXVldAwwXUF0JTF1VQwlXTR1fA00cAXdTam5hfjNVWkJyH3gJUnVWd3JeCA5cb2EIP1R3RXUMCQB8ZQpjc0l8C3pQB0EnfmBiehFSWnZbCU59AGAMdE5xSz9xfF9zNXgIUlxee3B3dxdcfHpHKFNvA2QhXlR5SD9pWklkVGl4Zl02enRBdRwICXpYDmNwSQEScHhUWCsKcwR4CE0BaQMebl9dXgFweFxANmp4BWA+QVB8ZVd7X3R7C1xsQxRUe10BYCpoYUtYL3p4eFQhY0BWWDxLYHRSHmxXHkFRWldHZCpAcF17N3wMfUszUH1nQVVjaApjAG5vBlQKc0tqdgJRfUpoC3ZQZXMAe39KVFdoUHxLEUpoa0kPdHpEeSxtCBYDJFt/aRRUe3RnCVF6QH4CBVdKWlULTQxWZBYPYGQIEWpXX1YFV01mYTJ0QXhzP1ddAWQ2bGECXQNhSWBQJV1IVnBAU0pcXxYEUFJAJXNeYQA/dn59dBVteA
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-90.ams1.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: f9c54fee2a232d48df247124bd087a1bc3fb3dcae908adcd25ae35ffd83853b4

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1244
content-type: text/html
date: Thu, 24 Aug 2023 17:05:41 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
x-amz-cf-id: 2oAjTJHxsMQiuUQji5ESWK37WMVx-rV4dtlN8BszQxhswZrZEh-D6g==
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 66ms
59ms Fetch
binary/octet-stream 172.64.166.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.166.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1937
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 16:33:24 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gf0ZfYc9SxsDwcdptpBGqR5QHnJyOE4Uv3Gv4At4ymrPqb2EzLpqcXRrKAyEl8CsD0ftmiDFVBSMHHPZkZ%2BjW9D4vCipOzmAeGb%2BlKTQgd0sn1J02hEhOzbNnWN1QPtH"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fbd2e7818c0bb8c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
365 B 149ms
142ms Fetch
text/plain 172.64.166.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.166.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aecab2053bd8cdc4ada5c59291bb7639e2decf126881b8b191738b51a4160f71

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtF82PpkWD4cH90yTEDmaUiHUDVKQEVaZbrEtTiLpZNOViiQn8wwFVxGm4bUmRq2ao7CCVNLbssoUefAsnovjO8HnoSJwWHWlnCoensPEgVzBjG1wFu%2BOQpoUvJ%2FMURn"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7fbd2e7818c4bb8c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
rtoukfareputfe.info/ 0
538 B 125ms
113ms XHR
text/plain 18.65.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoukfareputfe.info/utx?cb=s58QbTjTq5gk&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-90.ams1.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:41 GMT
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Y6eHyOYHDCNHpLymcnOlU-3PewBDPJLJ_6XVnowBTMsGBO2Iqrp8sQ==

GET
H2 200 d0RkRm8WJgcrUBZ5BmAaBShZY10xYVYAC0R0ECsKRnITIgUbIVFoDBsrESIJBSsKMkEZIRBjXTEiAQI9GSUwIQ0gMw8WLQA8AAdeJhQ3BxcvHCU2Ci8sNQE5ECMuBDkHdSIqOiABIhcLNREhIj4fMy4QOk4RIxAANhImcgsgIzYTLCFxMgcYBAIwBCYjAzIlOzQVJ... Show response
rtoukfareputfe.info/ Frame C619 3 KB
2 KB 114ms
114ms Document
text/html 18.65.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoukfareputfe.info/d0RkRm8WJgcrUBZ5BmAaBShZY10xYVYAC0R0ECsKRnITIgUbIVFoDBsrESIJBSsKMkEZIRBjXTEiAQI9GSUwIQ0gMw8WLQA8AAdeJhQ3BxcvHCU2Ci8sNQE5ECMuBDkHdSIqOiABIhcLNREhIj4fMy4QOk4RIxAANhImcgsgIzYTLCFxMgcYBAIwBCYjAzIlOzQVJQ87JSgCBT1GJSF2CzUMIiopIBUDEjolFj0EBAAPNCEpPRM2dyQ1AVwjOiUeNQUtQgg8FzUvBlQ+CzUoAB8sMR0hFwMHcjwXNS8MCAM4NigqCywNKzYQORsFMCEtOBAlNiYhFkklNSEGVQIuEDAwAzo1BzN1WjkGVQQnNHRQFDkhLzUDXgAQJgA9EwYNFCI0LwwfKxAOAB4+LRwgKl8VHBMuLj8RCwMtNgIvAF4cBzAHAFJ2JgIpQgwnADY2EiIDLSEjKhA7NjQtFBguFDMXHxMVCDJKRQYwFwsmFhMyIDIsLhMsJmIONQAZNFkkXDoqBTcWGyFV
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-90.ams1.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 13a3ca458161a63b7f7e41614ff93462c5e5e5160697ce1639cd0588024a5241

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1225
content-type: text/html
date: Thu, 24 Aug 2023 17:05:41 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
x-amz-cf-id: 43NPeKMxi2erZRGHKyg4jrZZPLnfSUzc2BI2IM2GYTzylqsQ9RTsYg==
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 47ms
46ms Fetch
binary/octet-stream 172.64.166.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.166.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1937
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 16:33:24 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9oOAxAggQRVVp4f4FsQPfPwWMwwmIu2BHwPWKuI8sBezxwZWWAn174%2FAQLSHWsZfrUabKnNU5ib3Ck0%2F6sEOtRL7%2BgxqRmQr9Kxp9KlU158xMJLqDGBYvxX1kSY4Y%2Bd"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fbd2e7828f3bb8c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
351 B 137ms
137ms Fetch
text/plain 172.64.166.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.166.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd4a9e5ceaf00556047d1a0d77e1500c1eb1fdfcbca47165f987d3f331b6e3c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtM2b5lsj0%2BEBzfS34MMMnqI7AoRAuVv34J%2FIH84ZeezUeirXOMCOYiHKxR5wF3ljJia5lIySUGh0PfN5ac%2FzsmTJYJrbtMMGD0NSbd7RkN61uC1g%2BjFHQE%2BFebx8Qj4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://userscloud.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7fbd2e7828f6bb8c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
rtoukfareputfe.info/ 0
536 B 312ms
312ms XHR
text/plain 18.65.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoukfareputfe.info/utx?cb=zDdXGuZnyTAR&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-90.ams1.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:41 GMT
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: VpGqym7Vo91G3ZaZZiYfQU8n6CcKrc-0zXHOJnym229IjufJQ5HISQ==

GET
H2 200 MSs3OToDNAsgIWQ1FQUxEzQZOyAHWDc5EGYAF0EcADJjJC8HJwU9KgMKFikTOjAAQiIAMmMkKA4zZiEpAFEbPBQuKQA0ABE1BVwAMiM4MCEUMDsoPgdVAjYUbjsXJzodAjgnMwcNCjkqOhkbIjohAxYgPQA2FSc0GA1jNikUNDA0SRA3AEEtMDQBPCsRDRYjKT0KB... Show response
rtoukfareputfe.info/YVNxeFYAMRIVaQBuE14jEz9MXWQndkM+MlJjBRUzUGUGHDwNNkRWNQ08BBwwEzwfDHgPNgVdZCcCEjA6UDY1KQInOwIdFRYCID0DNB4gLW8sBwYcASQkKCABBhE0NBIRZCI8FCkSFjFkJikoEDJRAhUtIRkcNz0EKQsdHwQnKzs+EwkGK... Frame 5B37 3 KB
2 KB 110ms
109ms Document
text/html 18.65.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtoukfareputfe.info/YVNxeFYAMRIVaQBuE14jEz9MXWQndkM+MlJjBRUzUGUGHDwNNkRWNQ08BBwwEzwfDHgPNgVdZCcCEjA6UDY1KQInOwIdFRYCID0DNB4gLW8sBwYcASQkKCABBhE0NBIRZCI8FCkSFjFkJikoEDJRAhUtIRkcNz0EKQsdHwQnKzs+EwkGKT49NBUnEDEzFBYUEzkkNDEBGSc0PT4NETQqHwMXNyE0Ij88NgA0YyQ/MSs3OToDNAsgIWQ1FQUxEzQZOyAHWDc5EGYAF0EcADJjJC8HJwU9KgMKFikTOjAAQiIAMmMkKA4zZiEpAFEbPBQuKQA0ABE1BVwAMiM4MCEUMDsoPgdVAjYUbjsXJzodAjgnMwcNCjkqOhkbIjohAxYgPQA2FSc0GA1jNikUNDA0SRA3AEEtMDQBPCsRDRYjKT0KBDQ9DwcVMzoyIzkrOgInCjQgPVAUIDlnBAcaHDIjODAzECNmJzk+IwIiFhwnABoyASNjKx4XJAY3XjwSPB8IazgRPkAfUylHPjQiCjJMMg
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-90.ams1.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 72020be98e16d9a9ece50aed125fec352c7c8baf285a748382be5405224bf335

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1236
content-type: text/html
date: Thu, 24 Aug 2023 17:05:41 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
x-amz-cf-id: x2EpfS6PvckXkUZYLa1VVSj65FIpJevFwLZYeQ-LSlpZ49Y-DA2iCw==
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront

GET
H2 204 bnlrTVJBRgg+byAVIRo3Ayw7F2AsND0cCAIbAD0ALz4tJwYoOE05OwpEXX1iXUlfayIHHVZ8dB0NCjknHURaazsAHwRwdBhEWmNhWldYeXxeXx5wY0gNGyw1U0hNPSYaFVZ8ZFdLU3RkWU1afWVe
ndwouldmeu.info/ 0
387 B 336ms
217ms Image
text/plain 104.21.82.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndwouldmeu.info/bnlrTVJBRgg+byAVIRo3Ayw7F2AsND0cCAIbAD0ALz4tJwYoOE05OwpEXX1iXUlfayIHHVZ8dB0NCjknHURaazsAHwRwdBhEWmNhWldYeXxeXx5wY0gNGyw1U0hNPSYaFVZ8ZFdLU3RkWU1afWVe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.82.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32dQu1qFXlnQgJHmxrIM5CbdeeaDpxyPY%2BeUuITctykgYa%2FCEtrGsmEu35dy6lQKOmN0DaA63OFeLRyjZXB7qPfojKMKia1NInt1dr11wyx%2BHxdYhRHsn6MtRahGV2LBG8s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7fbd2e790aa9bac3-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 267ms
178ms Image
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXo7B7XU642SGu6ghcdueQX5_Z2_qDNEHZw0Ruc7oKCk1qRdXQlDeClVBaNlNbR...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X5sdsX0ldF-Pp336XnXMW0eBGPU8hMG2J-KAzLgQdH3SnyhtQeTPVtKKEUWhizxsBNYYwvnw&passiv...

0
0

37ms
36ms

Image
text/html

2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X5sdsX0ldF-Pp336XnXMW0eBGPU8hMG2J-KAzLgQdH3SnyhtQeTPVtKKEUWhizxsBNYYwvnw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452174764%3A1692896741406661
Protocol: H3
Server: 2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 24 Aug 2023 17:05:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-qxDO79Z6SOolcHLhKZI1xQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 395
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X5sdsX0ldF-Pp336XnXMW0eBGPU8hMG2J-KAzLgQdH3SnyhtQeTPVtKKEUWhizxsBNYYwvnw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452174764%3A1692896741406661
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXo7B7W1UgqlNnJOu6vGse4q9qHmWoKP-171gxFZMf2Aksay9YTx7zMV6ML...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X-ApgcEYb1mSa-wV8VJ_VrEwD1zyl11q0LzhxAZvHyjK8Xol35Cw05GeZGVFzhAdvBLq8icw&passi...

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X-ApgcEYb1mSa-wV8VJ_VrEwD1zyl11q0LzhxAZvHyjK8Xol35Cw05GeZGVFzhAdvBLq8icw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1643455446%3A1692896741416005
Protocol: H3
Server: 2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 24 Aug 2023 17:05:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-ufXhGRaW8glvOuRUgThdCw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X-ApgcEYb1mSa-wV8VJ_VrEwD1zyl11q0LzhxAZvHyjK8Xol35Cw05GeZGVFzhAdvBLq8icw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1643455446%3A1692896741416005
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 FQo0PEMKJRwQED49fAYfNG9tQk5gZ2hUBjk2Z0BPdiEuEwIlIWdDUDk8PB1LdiRnQ1hgfGxCWGN0L09HdiYqExFtY3wCAiQ+Z0NAaWBiS0BnZmtDR2g
ndwouldmeu.info/cnZQUlpdSTMhZycMNCAIGQIhEBwCU2IUPEA/ 0
251 B 341ms
222ms Image
text/plain 104.21.82.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndwouldmeu.info/cnZQUlpdSTMhZycMNCAIGQIhEBwCU2IUPEA/FQo0PEMKJRwQED49fAYfNG9tQk5gZ2hUBjk2Z0BPdiEuEwIlIWdDUDk8PB1LdiRnQ1hgfGxCWGN0L09HdiYqExFtY3wCAiQ+Z0NAaWBiS0BnZmtDR2g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.82.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGRoLBHM%2FxlnXWE5ynteeAAMjyfNCkKMnsZxKiVAzWj%2F4kB9VzQEcFnBNjZznOzT2llvnUL%2Be3JCNdXVUfjskHz5PSIpQVs0CiHqX5vV%2FhzRSWEpjjrXp2qHT6%2FxdEWy0NQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7fbd2e790ab0bac3-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 204 anRhY3NFSwIQTjMhFQ0pLUE4BiVTIjcPPV4sDTUqPxpYNiYGQEcXGg5JWVJFU0NSRQMDEFxRSkwHFQIHHwdcUlUDGgcMTkwCXFJdWlpXU11ZUhReQkwAEQIUV0VHEwceGFxSRVNGWVpFXUBQUkBS
ndwouldmeu.info/ 0
248 B 343ms
225ms Image
text/plain 104.21.82.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndwouldmeu.info/anRhY3NFSwIQTjMhFQ0pLUE4BiVTIjcPPV4sDTUqPxpYNiYGQEcXGg5JWVJFU0NSRQMDEFxRSkwHFQIHHwdcUlUDGgcMTkwCXFJdWlpXU11ZUhReQkwAEQIUV0VHEwceGFxSRVNGWVpFXUBQUkBS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.82.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6koOjUu%2B574HU6kKTDOG%2B0GXVZZtC0odvCvtAB8uugVF3uJyShXJXfPL%2BO4Htc9mLcwY2uaDT%2Bi2RfWIa5DouGbjkkYf6aDCBonU6g4sskdkUuA6M3TzuBZ42h%2FEZb5MnM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7fbd2e790ab2bac3-MXP
alt-svc: h3=":443"; ma=86400

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 83E8 0
172 B 271ms
271ms XHR
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XCdl0Q1uUzA.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:41 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 83E8 0
56 B 280ms
280ms XHR
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XCdl0Q1uUzA.O%2Fd%3D1%2Frs%3DAHpOoo-NsQQIx4v-fzv0ma0HnLgz-16yvA%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:41 GMT
x-content-type-options: nosniff
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 126ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M73M877RTL&gtm=45je38l0&_p=1802165757&cid=780394756.1692896741&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1692896741&sct=1&seg=0&dl=https%3A%2F%2Fuserscloud.com%2Ff376me3g9nuo&dt=Userscloud&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M73M877RTL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
userscloud.com/cdn-cgi/ 0
140 B 23ms
22ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/f376me3g9nuo
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://userscloud.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fbd2e793a46bb29-MXP

GET
H2 200 feDRnaTgbWwkPBwxdA1QPSAxXXApeXhQGVggJBVp1FlUWEFQdBUEdQhwJVU9UGVoAVB4dWgRUCV5VAwsFTBITGVcTCQAITRlfCR1aE0dBHFlFWQgTURRYBkwKPgFJWR1KBE8eURZQCB5LXQZXB0xdBldYCFYEQlp6XQZXHlEWAlNMCzoRVVlATgBOTApIVR-cZVB1... Show response
d30tme16wdjle5.cloudfront.net/ Frame C619 594 B
722 B 261ms
182ms Script
text/plain 2600:9000:2204:1400:3:9f90:340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30tme16wdjle5.cloudfront.net/feDRnaTgbWwkPBwxdA1QPSAxXXApeXhQGVggJBVp1FlUWEFQdBUEdQhwJVU9UGVoAVB4dWgRUCV5VAwsFTBITGVcTCQAITRlfCR1aE0dBHFlFWQgTURRYBkwKPgFJWR1KBE8eURZQCB5LXQZXB0xdBldYCFYEQlp6XQZXHlEWAlNMCzoRVVlATgBOTApIVR-cZVB1DAgtTEUBCW35NB1BHC04RVVkQE1wTBFRdBiRMCkhYDgJdXQZXDl0bXwhAHUoEBAFKF1kCTAo+DF5HCFYAVFEBVgNVTApIRwYPWQpdQlt+TQdQRwtOEhJUCQ
Requested by: Host: rtoukfareputfe.info
URL: https://rtoukfareputfe.info/d0RkRm8WJgcrUBZ5BmAaBShZY10xYVYAC0R0ECsKRnITIgUbIVFoDBsrESIJBSsKMkEZIRBjXTEiAQI9GSUwIQ0gMw8WLQA8AAdeJhQ3BxcvHCU2Ci8sNQE5ECMuBDkHdSIqOiABIhcLNREhIj4fMy4QOk4RIxAANhImcgsgIzYTLCFxMgcYBAIwBCYjAzIlOzQVJQ87JSgCBT1GJSF2CzUMIiopIBUDEjolFj0EBAAPNCEpPRM2dyQ1AVwjOiUeNQUtQgg8FzUvBlQ+CzUoAB8sMR0hFwMHcjwXNS8MCAM4NigqCywNKzYQORsFMCEtOBAlNiYhFkklNSEGVQIuEDAwAzo1BzN1WjkGVQQnNHRQFDkhLzUDXgAQJgA9EwYNFCI0LwwfKxAOAB4+LRwgKl8VHBMuLj8RCwMtNgIvAF4cBzAHAFJ2JgIpQgwnADY2EiIDLSEjKhA7NjQtFBguFDMXHxMVCDJKRQYwFwsmFhMyIDIsLhMsJmIONQAZNFkkXDoqBTcWGyFV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:1400:3:9f90:340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 55539d372b5290486bbad504dbcc850d11fc3a6c92ebf8eacaa34514e07b02ca

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtoukfareputfe.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: gzip
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 445
x-amz-cf-id: 2gfyg9lBip_TCkL2jvfFYmhoKN6MPpZl7duOeRhtDzQT3JP6NQQSSw==

GET
H2 200 QcHl1eDQTFhseCwQQEUUMQU9MTwdWEwYXWgBELDp7SDBHAgI2GzYhd0QdUwxOFERHXlgRFxJFEhUXFkUFVhgRGglEXwEIWxtEEhlBERIbDFYbClMNVU0UGgJdHBUUXQY2TFtIEUJJXQ9dHh0aD0dVS0UWQFVLRUkEXklQS3ZVS0UPXR5PQV0HMlxHSExGTV-xdBkA... Show response
d30tme16wdjle5.cloudfront.net/ Frame 5B37 583 B
730 B 254ms
176ms Script
text/plain 2600:9000:2204:1400:3:9f90:340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30tme16wdjle5.cloudfront.net/QcHl1eDQTFhseCwQQEUUMQU9MTwdWEwYXWgBELDp7SDBHAgI2GzYhd0QdUwxOFERHXlgRFxJFEhUXFkUFVhgRGglEXwEIWxtEEhlBERIbDFYbClMNVU0UGgJdHBUUXQY2TFtIEUJJXQ9dHh0aD0dVS0UWQFVLRUkEXklQS3ZVS0UPXR5PQV0HMlxHSExGTV-xdBkAYBQhYFQ4QGl8ZDVBKckVKQlYHRlxHSBwbEQEVWFVLNl0GQBUcE1FVS0UfURMSGlERQkkWEEYfFBBdBjZBTFYEXk1GQA1eTkddBkAKFB5VAhBQSnJFSkJWB0ZfAEUF
Requested by: Host: rtoukfareputfe.info
URL: https://rtoukfareputfe.info/YVNxeFYAMRIVaQBuE14jEz9MXWQndkM+MlJjBRUzUGUGHDwNNkRWNQ08BBwwEzwfDHgPNgVdZCcCEjA6UDY1KQInOwIdFRYCID0DNB4gLW8sBwYcASQkKCABBhE0NBIRZCI8FCkSFjFkJikoEDJRAhUtIRkcNz0EKQsdHwQnKzs+EwkGKT49NBUnEDEzFBYUEzkkNDEBGSc0PT4NETQqHwMXNyE0Ij88NgA0YyQ/MSs3OToDNAsgIWQ1FQUxEzQZOyAHWDc5EGYAF0EcADJjJC8HJwU9KgMKFikTOjAAQiIAMmMkKA4zZiEpAFEbPBQuKQA0ABE1BVwAMiM4MCEUMDsoPgdVAjYUbjsXJzodAjgnMwcNCjkqOhkbIjohAxYgPQA2FSc0GA1jNikUNDA0SRA3AEEtMDQBPCsRDRYjKT0KBDQ9DwcVMzoyIzkrOgInCjQgPVAUIDlnBAcaHDIjODAzECNmJzk+IwIiFhwnABoyASNjKx4XJAY3XjwSPB8IazgRPkAfUylHPjQiCjJMMg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:1400:3:9f90:340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16e73a596f072c66c641f3f5ddfa8f90397689ec680bd1001c9aedd6ae7e079f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtoukfareputfe.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: gzip
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 452
x-amz-cf-id: In5ktPu5y0Z2a1msrCS0sz1Hnp-xXSPUXNHxtCzIQgfGnU0cyfq5ew==

GET
H2 200 5SWROUlcqCyA0aD0NKm9heVR9YmNvDj09OTlZJzMmCi4pAGYQKwkcEjowD3QjMwBzYHElBSA1am8BIDFqeEIvNjV0UGgmJyYPczU2PAUlPCMrDz10IihZIz0tIAgiM3J7Int8Z2xWfnogIAoqPSA6QXxiOT1BfGJmeUp+d2QLQXxiICAKeGZyeiZrYGcxUn-p7cnt... Show response
d30tme16wdjle5.cloudfront.net/ Frame FBFD 1 KB
1 KB 179ms
178ms Script
text/plain 2600:9000:2204:1400:3:9f90:340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30tme16wdjle5.cloudfront.net/5SWROUlcqCyA0aD0NKm9heVR9YmNvDj09OTlZJzMmCi4pAGYQKwkcEjowD3QjMwBzYHElBSA1am8BIDFqeEIvNjV0UGgmJyYPczU2PAUlPCMrDz10IihZIz0tIAgiM3J7Int8Z2xWfnogIAoqPSA6QXxiOT1BfGJmeUp+d2QLQXxiICAKeGZyeiZrYGcxUn-p7cntULyInJQE5NzUiDTp3ZQ9RfWV5elJrYGdhDyYmOiVBfBFye1QiOzwsQXxiMCwHJT1+bFZ+MT87CyM3cnsidmt5eUp6YW9wSnlgcntUPTMxKBYnd2UPUX1leXpSaCdqeA
Requested by: Host: rtoukfareputfe.info
URL: https://rtoukfareputfe.info/MWY5OTNQBFpUDFBbWx9GQwoEHAF3Qwt/VwJWTVRWAFBOXVldAwwXUF0JTF1VQwlXTR1fA00cAXdTam5hfjNVWkJyH3gJUnVWd3JeCA5cb2EIP1R3RXUMCQB8ZQpjc0l8C3pQB0EnfmBiehFSWnZbCU59AGAMdE5xSz9xfF9zNXgIUlxee3B3dxdcfHpHKFNvA2QhXlR5SD9pWklkVGl4Zl02enRBdRwICXpYDmNwSQEScHhUWCsKcwR4CE0BaQMebl9dXgFweFxANmp4BWA+QVB8ZVd7X3R7C1xsQxRUe10BYCpoYUtYL3p4eFQhY0BWWDxLYHRSHmxXHkFRWldHZCpAcF17N3wMfUszUH1nQVVjaApjAG5vBlQKc0tqdgJRfUpoC3ZQZXMAe39KVFdoUHxLEUpoa0kPdHpEeSxtCBYDJFt/aRRUe3RnCVF6QH4CBVdKWlULTQxWZBYPYGQIEWpXX1YFV01mYTJ0QXhzP1ddAWQ2bGECXQNhSWBQJV1IVnBAU0pcXxYEUFJAJXNeYQA/dn59dBVteA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:1400:3:9f90:340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3fd75cf54eb699fd18d2fed60060c1d60790a5c5f104e27c70cffe146bc9040e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtoukfareputfe.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: gzip
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 786
x-amz-cf-id: SEjNmCDX6ZcYg9ZZq45XDJeN5rOnc1h9Wm1FqjI5nhbapKFE1bTByw==

GET
H2 200 popunder.gif
ndwouldmeu.info/ 35 B
392 B 26ms
26ms Image
image/gif 104.21.82.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndwouldmeu.info/popunder.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.82.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 24 Aug 2023 17:05:41 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Aug 2023 17:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 431626
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoJmvN5SxPfvxRFR6XTnMcmF2KWClizAv%2BzMDFwnJy3Juus1JcYsILdETbG3ne5sndarLArhH1ReZtQpwhUCGL3cZjCP1Kpk3DHiJGHegqwiAIs5jmS70bxkva1qExUr13s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7fbd2e7b3ddbbac3-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 multi Show response
tureukworektob.info/ 3 KB
2 KB 180ms
128ms XHR
text/plain 108.138.7.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tureukworektob.info/multi?cs=NFNaV0INYGtudgVgb2JwAGVqb3M&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.60.3&sts=0&prn=0&emb=0&tid=708052&rxy=1600_1200&u=1931880713748041&agec=1692896741&fs=1&mbkb=512.8205128205128&ref=https%3A%2F%2Fuserscloud.com%2Ff376me3g9nuo&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=2&uloc=&if=0&_nAMy=1692896741657&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/f376me3g9nuo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-129.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: edbeaf7342cb99e7d5d16308be203d35b5a17ca58ce654aff9db9435a2c6eeac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 17:05:41 GMT
content-encoding: gzip
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://userscloud.com
p3p: CP="NID DSP ALL COR"
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-length: 1511
x-amz-cf-id: Lqb3MFe_cQsm7ndFzl8vxLiPwcQqBZ0Q-UZmwMrwHTpvolMoFg4iaw==

POST
H3 200 log Show response
play.google.com/ Frame D1BF 131 B
155 B 31ms
30ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.de_CH.1QqQ2IELpAY.O/d=1/rs=AC2dHMI6XnI-d1Onru9DviRO2XauIBBy1g/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 17:05:43 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 17:05:43 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 27ms
27ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 24 Aug 2023 17:05:43 GMT
expires: Thu, 24 Aug 2023 17:05:43 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.userscloud.com/	1969-12-31 23:59:59	Name: lang Value: german
.google.com/	1970-01-20 18:38:27	Name: NID Value: 511=hHpemrcQQbc8mC8mQClCSAzGcTfsvPc4ZUtvJvCx4BwswYiHHJj_e2QZCHUFNiBV3zwJm8IHmLf12H5JZtafeLmi_BffVcld4sVBVDD7MMxhgxYPOxb7N873xpE8sSFpS3fl7EYwMQw1iSrVlSzFJi7S4Iv_SnK2nn9ieVFZ_Jw
.userscloud.com/	1970-01-20 23:50:56	Name: _ga Value: GA1.1.780394756.1692896741
pogothere.xyz/	1970-01-20 22:53:20	Name: csu Value: 1931880713748041@1@1692896741
.userscloud.com/	1970-01-20 23:50:56	Name: _ga_M73M877RTL Value: GS1.1.1692896741.1.0.1692896741.0.0.0

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-cax7pw_mpWzas29_VDJj8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security	error	URL: https://docs.google.com/gview?url=https://u4062.userscloud.com/cgi-bin/dl.cgi/kwuqpt2yvrbwzmdmu2b4pd2cauzwym5wlxyqvnno4tjf2affwzkekni/f376me3g9nuo.pdf&embedded=true(Line 8) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'nonce-cax7pw_mpWzas29_VDJj8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://docs.google.com/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X5sdsX0ldF-Pp336XnXMW0eBGPU8hMG2J-KAzLgQdH3SnyhtQeTPVtKKEUWhizxsBNYYwvnw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-452174764%3A1692896741406661 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7X-ApgcEYb1mSa-wV8VJ_VrEwD1zyl11q0LzhxAZvHyjK8Xol35Cw05GeZGVFzhAdvBLq8icw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1643455446%3A1692896741416005 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content.googleapis.com
csp.withgoogle.com
d30tme16wdjle5.cloudfront.net
docs.google.com
ndwouldmeu.info
play.google.com
pogothere.xyz
region1.google-analytics.com
rtoukfareputfe.info
ssl.gstatic.com
static.cloudflareinsights.com
tureukworektob.info
userscloud.com
www.facebook.com
www.googletagmanager.com
www.gstatic.com
104.21.82.102
108.138.7.129
172.64.166.32
18.65.39.90
2001:4860:4802:32::36
2600:9000:2204:1400:3:9f90:340:21
2606:4700::6810:3965
2a00:1450:4001:806::2008
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200d
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2011
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3121::3
0f9f20114e54fed930627f7a17d6a0631969a5ad7829bca90d773d7fc5952a7d
13a3ca458161a63b7f7e41614ff93462c5e5e5160697ce1639cd0588024a5241
1458d86443cfe183296086dfe9afd87ad79b3b6bbde16e0d420bd11350daccfd
16e73a596f072c66c641f3f5ddfa8f90397689ec680bd1001c9aedd6ae7e079f
349d5079a878757c9198b1c757f5fb68794dcd04b85019380298b25a2cd530ca
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
3fd75cf54eb699fd18d2fed60060c1d60790a5c5f104e27c70cffe146bc9040e
48d9b9dfb18c45b51b5ff5693f08e61f6f34aa6fa8bd54925fc75a2185ca4e24
4c5c4204fba33aeff9a04b480a3d0381db632a795abfabb5aa39a31e2829370e
4dd4a9e5ceaf00556047d1a0d77e1500c1eb1fdfcbca47165f987d3f331b6e3c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
55539d372b5290486bbad504dbcc850d11fc3a6c92ebf8eacaa34514e07b02ca
567795e373535ee36eaa0805687b1ba40b46c192cba6c56d83767f320bf14c2c
600415a1cb67c50d9f4bc904089303e9a6fff2ffc70b66b889d3088e01e9d96e
61b25985ae40153624ac1d71ccc233f9003a17415dc43d3f989f82ec286d27b4
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
72020be98e16d9a9ece50aed125fec352c7c8baf285a748382be5405224bf335
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e4533eed3bcf0e2282be9fa42e20ae67091638254404a5f820fde18cf21b4c
879e47078b44290bfb92fd5b6d3cbd3bbff6f8fb3b15279d4ce991cc8b731ac6
8fbea0b8376b137b18c59c9cff930d1aebc7816c9d8f5b29ede865e727e48fdc
938f9f6f8ca6c0579a8e2068c3ad938e20cbb3d3fcb4b96d5c5e0948f0e470a4
a674a5953e5bc9f891e0c694a08dd582aec868d74669ddd6a2ab2d1e7b9774c7
a97aa5e73a74a67909bb2c1aa9d87cd115543c431c6a97085b580343b4091e8b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac4ca2de08c4e5dbb1b940fe7d702fe67c45e6bffa79f5fb1ef1b7fd3ffa6ffb
aecab2053bd8cdc4ada5c59291bb7639e2decf126881b8b191738b51a4160f71
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0171defb12e061ed1c9b8051b409c9c062f692a213de7b9ca51ddcb62613277
d749bd8781899386c8dba73353832ab16f862f21ca5fd5a3e393c66246f418a7
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
d945387ddec689626a2f860bac24a8cbe5076b3cd46887b3b1a2867430ae6790
dcc9042d6e57da51821acd007645a5269b176f61c9d35146966f971edba08396
ddda7b6f718dfc927c5b9d838112ec5e19c6acdf7652e06a95859c0803f3160a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbeaf7342cb99e7d5d16308be203d35b5a17ca58ce654aff9db9435a2c6eeac
f60010035f844f2f677b76465c6809ec1bf899c571fa6c6d9bfb4787ce04426a
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f9c54fee2a232d48df247124bd087a1bc3fb3dcae908adcd25ae35ffd83853b4

userscloud.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

93 %HTTPS

78 %IPv6

14 Domains

18 Subdomains

19 IPs

3 Countries

1624 kBTransfer

4372 kBSize

5 Cookies

0 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

93 %
HTTPS

78 %
IPv6

14
Domains

18
Subdomains

19
IPs

3
Countries

1624 kB
Transfer

4372 kB
Size

5
Cookies

72 HTTP transactions
1 data transactions