urlscan.io logo urlscan.io
SecurityTrails logo

userscloud.com Open in urlscan Pro
2606:4700:3031::ac43:8f05  Public Scan

Go To Rescan Add Verdict Report
URL: https://userscloud.com/2sgg16rhmoq2
Submission: On August 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3031::ac43:8f05, located in United States and belongs to CLOUDFLARENET, US. The main domain is userscloud.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.
This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    2606:4700:3031::ac43:8f05 (United States)

ASN13335 (CLOUDFLARENET, US)
userscloud.com
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
docs.google.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
www.google-analytics.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
content.googleapis.com
6    2606:4700:3031::ac43:dea7 (United States)

ASN13335 (CLOUDFLARENET, US)
astancerta.fun
3    2600:9000:21f3:3800:5:a46:8900:21 (United States)

ASN16509 (AMAZON-02, US)
dtv5loup63fac.cloudfront.net
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.32.22.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-38.fra56.r.cloudfront.net
esusivebe.top
1    143.204.207.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-24.fra53.r.cloudfront.net
useumaien.biz
Domain Requested by
12 userscloud.com userscloud.com
static.cloudflareinsights.com
6 astancerta.fun userscloud.com
5 docs.google.com userscloud.com
docs.google.com
www.gstatic.com
4 apis.google.com docs.google.com
apis.google.com
content.googleapis.com
3 dtv5loup63fac.cloudfront.net astancerta.fun
3 content.googleapis.com apis.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.gstatic.com docs.google.com
1 useumaien.biz userscloud.com
1 esusivebe.top
1 ssl.gstatic.com www.gstatic.com
1 www.googletagmanager.com userscloud.com
1 static.cloudflareinsights.com userscloud.com
43 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
esusivebe.top
Amazon		 2020-10-22 -
2021-11-20		 a year crt.sh
useumaien.biz
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh

This page contains 7 frames:

Primary Page: https://userscloud.com/2sgg16rhmoq2
Frame ID: F1B6034F08BB406DA7056F99FD1FE8B3
Requests: 21 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
Frame ID: 98CF9055E2DEB9D3FB8A8FC7A4332B53
Requests: 12 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Frame ID: 4C9E709B07198DA207F8973E7898D452
Requests: 5 HTTP requests in this frame

Frame: https://astancerta.fun/N2x0ejRWDhcXC1ZRFlxBRQBJXwZxSUY8UEMaQRZbQhxCSVJWD1oZWFgZEBxGWAIAVFpSGFFIcgA+PBJsU14DFHJNByYvTnY+OUpEVggxEl9lXRwTcV49LTteZSo4AgwOCCY8WXI6G0N/TVwzNQZ+ITgoemUIGE4DcQs9EGZvKSc7XVMqLhZxeSU2CkVmXBsNd3MLFy9nRA86HX12ICUVXXIbBBNwYzY/O2dELyQSR3YmIktYejoYC2d/JjIic0A8JBJfficDQl9iAEFKcl4iJyJaZSYuS1hUNSEJYmIAQUpwTVguLVp1CC4+Yn0IHx1CZjocDmxgQSIycGM9PTVMfg49KFsPJBwSXGQEMjlsBCIjIHFxJhARXBJeMjJ1ZhsyLkBkNBMeUG05Fzt4ZSENL1gCXDwAfWIuDQ5mVAciGX5PLRg9dXIELC1hTzo8S2NtXRgjUAcuAS1iQ14sLWJ/JA0vUXkLITxtYgMmK1gOFiIXZnU/HjxyblwyLFJyC0QoclgEJS1hYS83HnpuFCIefXIuHT9lDlwnSH5wKCwNbm5cNVxeRAMaCglPBCVLXQYKQgNnXR0j
Frame ID: FB1CF4564A50121AA6440BDFB4097C72
Requests: 2 HTTP requests in this frame

Frame: https://astancerta.fun/ejFqQ0YbUwkueRsMCGUzCF1XZnQ8FFgFIg5HXy8pD0FccCAbUkQgKhVEDiU0FV8ebSgfRU9xAE9SMicAIGk7EAE5Qi4QMS9UIxUuPmA/encvdDAbDi5oIQQhPHogOwMPeT8aNTtWMwsDFFIdDxQocDM7AzV3PzN1K0kNEgEpezMWLitrIC8uPGcSGi44AQYFEy50PAQ+CnohJAMscygwNTxGLxUDLXw7BRMNUCErfh55ODAtK3QzcBcXRTwWEzR5CBEPHnkSDjc/Vg4WFCJkJgIAKHcOFRQ/aVonISxbMBYUImQ5CxRDcwkWBDJ8Wwl1LGASCxdIHBICFBF0PQ0UL2gsAgcdcxJ7HzsDKBsLEWMvIC0OeThyDElnPDQnMksvCgE8YywBLTh2OxE1CXUCBRMoaT8AAyh4CQgtAmM7cyUXdTsaIz1YKAIUEFU6JQMOdDJzCEhpP3IgK3kOAhQRdC8JBzdnKztzHWcQCQMoeSAPFEpVOA4AEnA4c3NDZzgnBStiKCAUEnw+CSo4cC9zHxJpPwYePHk8FBcvcD0lFyhwOCRgEEIFLTZHUx4ZKktYDTEwHwM/GiNN
Frame ID: 161C011DB7975BFED32A605C458BC261
Requests: 2 HTTP requests in this frame

Frame: https://astancerta.fun/MGZkU1RRBAc+a1FbBnUhQgpZdmZ2Q1YVMEQQUT87RRZSYDJRBUowOF8TADUmXwgQfTpVEkFhElwoDyc4YhwABR5xFQwQEXkPJQs7YCRXYjdTJzUCHWI/CwQBalQiOQ5mAx5rGX0RMmAVSDM1NhIALzUpGn4zCgkMaTAQCx5hLFIWAn0KJj07dyMnPBZ6NwsQNmIjVwQSAVQnOhpnNx0wGX4zLgAYZSsdBTNDCyc5ZVUxDTARaQEyJDJbElcWM2JRMAcWVTEnax99IzUHMWYzFAIsflMyCw14ISwnFVQuMQcxZjMTCzhYXzEEHXUCI2YMVFZcEjIASxw6FmE/FRUAVAQxKSNxLDIrMmBWJmI3YShQBjlbIyUUYWgCHGoweR4hIgNIKFEZOXkgJjo3fSoiGgBVMDE0AVwzAxA5BDUmGyd3KlQFDnoBJjoWaCQeCxNbLiMbbWcAE2cNViAAOhZhP1ARF3YxNhAecQI8FhBVIC4jFnEkEBYcXyIlGx5UAlUCElY3JnZmciQyAiJyCC0XAngJJjUjejcvFQIAJwMwJWg1PRcVYUAOIDteFlkgJVIrEDogAicsIwN/DSc
Frame ID: 6F3506183A057D7F97B6E30026201E3B
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 93ECDA4B4D329F83F02AB582D0E7FE28
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

98 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

2008 kB
Transfer

2876 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2sgg16rhmoq2
userscloud.com/ 		345 KB
97 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccdc032315a2036a72edb4d3af15a3daca9acfbf8e906fea3293ed322407436
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
userscloud.com
:scheme
https
:path
/2sgg16rhmoq2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=0;includeSubDomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
expires
Sun, 15 Aug 2021 10:56:11 GMT
set-cookie
lang=english; domain=.userscloud.com; path=/
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,POST,OPTIONS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggD0NAA%2FIlWIQ8fiaLdwOwmHM%2B2T1okQvCrgt8QDZ0ncy9n9imUry42LAxcWQW%2F8I6YDRNvyjyJPSDOayl%2BqWSHUS5r6Bdq2E8fhgrGfnalFK6GZRGPPjFZpBJRsVJ1HewWk3Ux%2FhhP5zIH5Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67fa2270ade542cf-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
font-awesome.min.css
userscloud.com/uc/vendor/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

:path
/uc/vendor/font-awesome.min.css
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869932
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sat, 02 Jan 2021 15:50:50 GMT
server
cloudflare
etag
W/"5ff0965a-5c79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbpPbTGnrNyzrRkpQLUD78J6JxgpeTXUpQzdOpwkOLcGRvzIpbcDBugqfk%2F5KXUUQl%2Bf26jBfcx%2FdSGzrZyjj%2BC50Hc6zlo7oeMCWUTJWtWBFvd%2FwCpbM%2FhxULwhTh%2B5a9Quv2DlqPoLmyUZkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
67fa2278df3fc2c2-FRA
access-control-allow-headers
X-Requested-With
expires
Sun, 05 Sep 2021 09:17:19 GMT
bootstrap.css
userscloud.com/css/vendor/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/vendor/bootstrap.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

:path
/css/vendor/bootstrap.css
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869932
cf-polished
origSize=113031
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 18 May 2017 15:12:22 GMT
server
cloudflare
etag
W/"591db9d6-1b987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boXvLV9SJZaPkz0J1OL5wYr0GVWLoW3daZwMDT45r44leD08AsxEScK3ac7v0XwBKj%2FyFKPv%2BloS7IGusXH6yKetFWNM9VLasMa0Vt%2F2OMq5J6dnZSro%2FMQNaU7i%2BVDoksl57BFLoHTxdub%2Bzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Sun, 05 Sep 2021 09:17:19 GMT
cache-control
max-age=2592000
cf-ray
67fa2278df40c2c2-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
minify
essentials.css
userscloud.com/css/app/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/app/essentials.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

:path
/css/app/essentials.css
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869932
cf-polished
origSize=47095
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 18 May 2017 15:13:10 GMT
server
cloudflare
etag
W/"591dba06-b7f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbKAS0Kd8VucTXI3KYvYTesBp3aCNTWknL4KO3Dnri5%2F%2FU4k%2B1I8OafJBi9dR8iTTX5H4NW%2FC6ajjwQB6lpBQr5jvV5q7X445vvnUKhuAPg7aRCSxEgnsnAf7PiLe52fnaAFCEU3QVsHLjwZdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Sun, 05 Sep 2021 09:17:19 GMT
cache-control
max-age=2592000
cf-ray
67fa2278df43c2c2-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
minify
layout.min.css
userscloud.com/css/app/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/app/layout.min.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

:path
/css/app/layout.min.css
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869932
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sat, 02 Jan 2021 15:52:04 GMT
server
cloudflare
etag
W/"5ff096a4-17d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DyK38ByzS%2FltsSxdoLrP5DuLSPa23f%2BBeZTRbVGzXKxYM4QzJMO5h5qDaJHG%2F56wkGiaa%2F7g%2FIijX7fBnaGAcZr70jDThBbEhFH%2Fv19HGimd%2BLn4aLSqGtBCUgln6xXWpn42R1uJWn253nBOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
67fa2278df39c2c2-FRA
access-control-allow-headers
X-Requested-With
expires
Sun, 05 Sep 2021 09:17:19 GMT
navbar.css
userscloud.com/css/app/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/css/app/navbar.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

:path
/css/app/navbar.css
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869932
cf-polished
origSize=21572
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 18 May 2017 15:14:54 GMT
server
cloudflare
etag
W/"591dba6e-5444"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kuk6XKPXB%2FySUZmF0Rhq1a6vZbEH%2F8BdAVVDrEfOr1XEv3rI6YyuoJW5CJkwivu%2FSqVaas1QHtFia55LjL615HwLCyYAHwSqNvusWq5RF%2FDjhpG77R0iJUqv4JLCzEG0ACTR5IyMBd3pos0FgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Sun, 05 Sep 2021 09:17:19 GMT
cache-control
max-age=2592000
cf-ray
67fa2278df45c2c2-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
minify
logo_s.jpg
userscloud.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://userscloud.com/images/logo_s.jpg
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

:path
/images/logo_s.jpg
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
access-control-allow-methods
GET,POST,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869908
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1624
last-modified
Thu, 17 Dec 2020 16:14:49 GMT
server
cloudflare
etag
"5fdb83f9-658"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qszaxf4AY1xpjduCbSvrdud1cKys%2BepppG4Hw3dsm8i%2B3YJYg12dW9fa97WcIWFEHvofYNBWFdf%2F3%2FM4UW8p44tkq7DydwEiRhxYFDadTBf1pHOr1TalnqYWvn8aMz2AJhVtBfvlZkGoQy8FyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
67fa22795811c2c2-FRA
access-control-allow-headers
X-Requested-With
expires
Sun, 05 Sep 2021 09:17:43 GMT
rocket-loader.min.js
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 10:09:00 GMT
server
cloudflare
etag
W/"6114f33c-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcblzcWGCVjFQADmFwoojPbyrqHfZFsvfEnR8917fWSqDK%2BBEShMZ6Nyne%2BiQMSDt6p9QJAouGj%2FcMCOeAXXNewpr3GDAXYrogYR%2B4CRqUaau2QffAwQfYLYGv6vVLXdXEPcjq5dbZk%2FLkBlVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67fa22795814c2c2-FRA
vary
Accept-Encoding
expires
Wed, 18 Aug 2021 10:56:11 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
67fa227958882c0d-FRA
gview
docs.google.com/ Frame 98CF 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
027ab93950d2734537252f0eb224ef30ad12d5e3a8992af34fe0e3622101e9a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RZRQZgBPRad9AbJY5x4CpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
docs.google.com
:scheme
https
:path
/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userscloud.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://userscloud.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
gzip
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
script-src 'report-sample' 'nonce-RZRQZgBPRad9AbJY5x4CpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
set-cookie
NID=221=l5n6dAlU4zVtWQu5T8OUzZuu1q-ksio4LPfBrKrwB8JHa2WT6Jq1qbi1PTihxZgDfEr7kiYu78e3XXX8Ssu3hTpTm0cZNrW15QX9Tml4rzvQIcHBgdzpwd0m11wOz_In55qaYkHTFhYm5q7OdHUszLQyiJVToPDIdm_DBfthjMo; expires=Tue, 15-Feb-2022 10:56:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

sec-fetch-mode
cors
origin
https://userscloud.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
lang=english
:path
/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
userscloud.com
referer
https://userscloud.com/uc/vendor/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://userscloud.com
Referer
https://userscloud.com/uc/vendor/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
access-control-allow-methods
GET,POST,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869927
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
56780
last-modified
Mon, 14 Dec 2020 20:14:38 GMT
server
cloudflare
etag
"5fd7c7ae-ddcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zO5Rzuih%2FUYj4OlhvP8Ilb%2BvUMxH3MmNxMOy84JH4WELGJKiYCMzwe4HQ23t%2FTL0G1fF5mKLZrhap2PAvuLFGVYRLl1611CAemnuXhivChT4Yu50RBEx2JE56HV8WJoykA3aLFEnvqgIzCfoZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
67fa22797859c2c2-FRA
access-control-allow-headers
X-Requested-With
expires
Sun, 05 Sep 2021 09:17:24 GMT
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-70768172-1
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b64ed37154b8ea13c4e27a0a805b39a3a6a9bb53db309523540f071ce7e6f30c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40877
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Aug 2021 10:56:11 GMT
bootstrap.js
userscloud.com/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/bootstrap.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

:path
/bootstrap.js
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6479
cf-polished
origSize=35778
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sat, 26 Dec 2020 13:26:43 GMT
server
cloudflare
etag
W/"8bc2-5b75dfde473c8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePmxhsYIJ3XiKCukSjRjYpXAsX4h42vzbZZaZCxvFCDvxgRIwcxtKAzl4mMWSylwjPnsGeaRzIEdYuPNaOlSc%2FRYXcaCS1B5oeEu6qPv26BW13ik6fH60h9k4kDJF1RDv70AMwcyT8GEXGepvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=259200
cf-ray
67fa2279d91bc2c2-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
minify
jquery.min.js
userscloud.com/assets/library/jquery/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

:path
/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
pragma
no-cache
cookie
lang=english
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
869932
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Sun, 25 May 2014 12:12:31 GMT
server
cloudflare
etag
W/"5381de2f-16b88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGso7rL6IEMSSdSWmPn51zu%2FmmCJZqvr36Bhn4nQqEyxY%2BPwlpiM9sfVnRmDkDLpqo0aQT4RpnN6GtvC2NMKwXWau5qlldiJfgmNnM0t342Wl7Xbrhu%2FBjauG7%2FN9vSE4SPDGJHqz%2BdM16%2F4hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
67fa2279d920c2c2-FRA
access-control-allow-headers
X-Requested-With
expires
Sun, 05 Sep 2021 09:17:19 GMT
rs=AC2dHMIbTmIS6TnacGxfBHyPXNN44RZv7w
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.7mCne2n6wiw.L.W.O/d=0/ Frame 98CF 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.7mCne2n6wiw.L.W.O/d=0/rs=AC2dHMIbTmIS6TnacGxfBHyPXNN44RZv7w
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5efc6c44c79dea9006cc3352e1dd7f21aa9adfc51343927b7b45ffc82a4fa8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 01:34:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24176
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 01:34:43 GMT
thumb
docs.google.com/viewerng/ Frame 98CF 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://docs.google.com/viewerng/thumb?ds=AON1mFyX0UaMtFYwk8hoNv60iILIfW8aXiBD2cbnIXElv984EA1WXix8U6wAWVSxO0lJ8J4a4eXSe9rAw5qBcbp4JMOVPYbdwo2W5BDXMANMZj1hZKUEJcwHTt3mrPipYvbrolXOW9llIroqYUYByMCt3_MxJ9rMH5NEO-4D0doWfzuphzXXnZ5fc8Is1eKu5JksvQJvhOcO466OLq00Dz3n12GviieViG4tb2_IkdbTuiWGvj7NHZdRG9LpbM66t_cRBn-G2-05Ytt0GAsLTjrLIZQvMnFfT7U_MIAH8TUja6IqCqRgvsJinkMp8AIET_Kk47WYkZPshOpyTYKX5hngPtOHqYbNcHMD9hcIRW322ru1fVH4TsU%3D&ck=lantern&authuser&w=800&webp=true&p=proj
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
27b43c0c88a2b4d120ef01d86b97c7bf27fa963095852ad022779319050a2033
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lfhYbPtpX7A1ZvPC3k8gBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:12 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=300
content-security-policy
script-src 'report-sample' 'nonce-lfhYbPtpX7A1ZvPC3k8gBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 16 Aug 2021 10:56:12 GMT
m=main
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.FE9Tj5KVbeo.O/d=1/rs=AC2dHML5mNiKmswsnLZ1mbI0V2_3AbwseQ/ Frame 98CF 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.FE9Tj5KVbeo.O/d=1/rs=AC2dHML5mNiKmswsnLZ1mbI0V2_3AbwseQ/m=main
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1de57ad8f0e97c0260786a62ed3296149b6f250fb4110f12a9266ac731d7c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 01:21:34 GMT
vary
Accept-Encoding
last-modified
Thu, 05 Aug 2021 13:11:30 GMT
server
sffe
x-content-type-options
nosniff
age
552878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129385
x-xss-protection
0
expires
Wed, 10 Aug 2022 01:21:34 GMT
client.js
apis.google.com/js/ Frame 98CF 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89bcafeb5a916c4f0ea21a718e7e3d839e72a23ea7078bc72683035044a71c91
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z0vI0656vHCH7LDJ14i5Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"cf1f25698213eff9e49aa59a787f751c"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Z0vI0656vHCH7LDJ14i5Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 16 Aug 2021 10:56:12 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame 98CF 		312 KB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d52aa5614f8b75142f9fee208d69dad6a137508c23cc56026ed9f71d04231106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 00:22:59 GMT
vary
Accept-Encoding, Origin
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
x-content-type-options
nosniff
age
37993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
319728
x-xss-protection
0
expires
Tue, 16 Aug 2022 00:22:59 GMT
v-sprite38.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 98CF 		34 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite38.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.7mCne2n6wiw.L.W.O/d=0/rs=AC2dHMIbTmIS6TnacGxfBHyPXNN44RZv7w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cba1896313ea5c1b9c7142be77501dfc2a7fbcb0c15ebe2ce9fde4bdb48c1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 09:37:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
4725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8570
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 21:38:00 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Aug 2022 09:37:27 GMT
meta
docs.google.com/viewerng/ Frame 98CF 		36 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/viewerng/meta?id=ACFrOgBzaUV6Q2azQydEP77FhIQ9UQG4da9xhdsWawE3ZFZAbhV2I_vhOX7V8Wi5thvjKP69IyZ8MDdwxq87Qh14yzc9bG6w1wv-Xog9ba9w0mVdPVfE8lm-ypVMQL3AvEeyyq_K9eQsu8UzD9Ac
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.FE9Tj5KVbeo.O/d=1/rs=AC2dHML5mNiKmswsnLZ1mbI0V2_3AbwseQ/m=main
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7b7c0fbe0bd60dd5fa1dbfad0ece7835c374e0dfeb56c5812e28872235cec2a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MB8OMtNnVINBKI3+8kAXYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-MB8OMtNnVINBKI3+8kAXYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
date
Mon, 16 Aug 2021 10:56:12 GMT
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
img
docs.google.com/viewerng/ Frame 98CF 		79 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/viewerng/img?id=ACFrOgBzaUV6Q2azQydEP77FhIQ9UQG4da9xhdsWawE3ZFZAbhV2I_vhOX7V8Wi5thvjKP69IyZ8MDdwxq87Qh14yzc9bG6w1wv-Xog9ba9w0mVdPVfE8lm-ypVMQL3AvEeyyq_K9eQsu8UzD9Ac&page=0&w=800&webp=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.FE9Tj5KVbeo.O/d=1/rs=AC2dHML5mNiKmswsnLZ1mbI0V2_3AbwseQ/m=main
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
27b43c0c88a2b4d120ef01d86b97c7bf27fa963095852ad022779319050a2033
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l/En77bG+pVczlkeuz8L/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 10:56:12 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-l/En77bG+pVczlkeuz8L/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
presspage
docs.google.com/viewerng/ Frame 98CF 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/viewerng/presspage?id=ACFrOgBzaUV6Q2azQydEP77FhIQ9UQG4da9xhdsWawE3ZFZAbhV2I_vhOX7V8Wi5thvjKP69IyZ8MDdwxq87Qh14yzc9bG6w1wv-Xog9ba9w0mVdPVfE8lm-ypVMQL3AvEeyyq_K9eQsu8UzD9Ac&page=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.en_US.FE9Tj5KVbeo.O/d=1/rs=AC2dHML5mNiKmswsnLZ1mbI0V2_3AbwseQ/m=main
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9260587c5a8bbd8cb3fb15427e99cc086cfe1c536d04914b9d6d39d82cefc22e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-soioQBs2PGeyjZYsHI04GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-soioQBs2PGeyjZYsHI04GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
date
Mon, 16 Aug 2021 10:56:12 GMT
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
proxy.html
content.googleapis.com/static/ Frame 4C9E 		382 B
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb058d79df5c793531596af8a345d8a0be47a7c576d1b7cd987a6a21adcdb6ba
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-CRm7SGDLonA--eL_qx1fxA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
content.googleapis.com
:scheme
https
:path
/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://docs.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://docs.google.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy
script-src 'nonce-CRm7SGDLonA--eL_qx1fxA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
273
date
Mon, 16 Aug 2021 10:56:12 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Fri, 17 Jul 2020 22:45:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
googleapis.proxy.js
apis.google.com/js/ Frame 4C9E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
612459434ea07ce9edf82fdd6c25f635cae0982b5d9073836a79319f2297c416
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1E3jkKC2uYOTahojCaqn3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"6b32549b3f460b1eabd1e7f58eac9424"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-1E3jkKC2uYOTahojCaqn3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 16 Aug 2021 10:56:12 GMT
truncated
/ Frame 98CF 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
a6831484-df1d-47f8-8371-65f7417329fd
https://docs.google.com/ Frame 98CF 		79 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://docs.google.com/a6831484-df1d-47f8-8371-65f7417329fd
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/mcl7dtym5qjt33b746gjhdsglbxyo7eszwftnwmm5hgfdms2tpsglry/2sgg16rhmoq2.pdf&embedded=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27b43c0c88a2b4d120ef01d86b97c7bf27fa963095852ad022779319050a2033

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
80860
Content-Type
image/png
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame 4C9E 		62 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf0070aa387c14c819743da3cb176a3ff823fa9eb7674962225f2bc4342e442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 20:35:43 GMT
vary
Accept-Encoding, Origin
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
x-content-type-options
nosniff
age
397229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63883
x-xss-protection
0
expires
Thu, 11 Aug 2022 20:35:43 GMT
utx
astancerta.fun/ 		0
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://astancerta.fun/utx?cb=hhxkQQKToXXF&top=userscloud.com&tid=600304
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94LON02kYDe3%2BGVbhL5KeetSzsUvrsggRWRTdrPC9b1uDo0%2FQKvLS3nqethoRyO%2Bp5Yj5Y%2FDr%2BSI5jlD4BZd4F73ehEzfiPlOj%2BQ%2FPxmtzvoEu43pWaleScDAjOLUJDQMLN194AflxONWAuUkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
cf-ray
67fa22848a033233-FRA
x-amz-cf-id
-XkRGYQfMPBXCRVQFH8r2uCaNG0r1yqNqnK0oiCh_zIMKf2TjEU_lA==
HjxyblwyLFJyC0QoclgEJS1hYS83HnpuFCIefXIuHT9lDlwnSH5wKCwNbm5cNVxeRAMaCglPBCVLXQYKQgNnXR0j
astancerta.fun/N2x0ejRWDhcXC1ZRFlxBRQBJXwZxSUY8UEMaQRZbQhxCSVJWD1oZWFgZEBxGWAIAVFpSGFFIcgA+PBJsU14DFHJNByYvTnY+OUpEVggxEl9lXRwTcV49LTteZSo4AgwOCCY8WXI6G0N/TVwzNQZ+ITgoemUIGE4DcQs9EGZvKSc7XVMqLhZxeS... Frame FB1C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://astancerta.fun/N2x0ejRWDhcXC1ZRFlxBRQBJXwZxSUY8UEMaQRZbQhxCSVJWD1oZWFgZEBxGWAIAVFpSGFFIcgA+PBJsU14DFHJNByYvTnY+OUpEVggxEl9lXRwTcV49LTteZSo4AgwOCCY8WXI6G0N/TVwzNQZ+ITgoemUIGE4DcQs9EGZvKSc7XVMqLhZxeSU2CkVmXBsNd3MLFy9nRA86HX12ICUVXXIbBBNwYzY/O2dELyQSR3YmIktYejoYC2d/JjIic0A8JBJfficDQl9iAEFKcl4iJyJaZSYuS1hUNSEJYmIAQUpwTVguLVp1CC4+Yn0IHx1CZjocDmxgQSIycGM9PTVMfg49KFsPJBwSXGQEMjlsBCIjIHFxJhARXBJeMjJ1ZhsyLkBkNBMeUG05Fzt4ZSENL1gCXDwAfWIuDQ5mVAciGX5PLRg9dXIELC1hTzo8S2NtXRgjUAcuAS1iQ14sLWJ/JA0vUXkLITxtYgMmK1gOFiIXZnU/HjxyblwyLFJyC0QoclgEJS1hYS83HnpuFCIefXIuHT9lDlwnSH5wKCwNbm5cNVxeRAMaCglPBCVLXQYKQgNnXR0j
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b31864dd386cb0702bf2d3da3c4fd1990daf6351f5e37b2bd75111fc5590c31

Request headers

:method
GET
:authority
astancerta.fun
:scheme
https
:path
/N2x0ejRWDhcXC1ZRFlxBRQBJXwZxSUY8UEMaQRZbQhxCSVJWD1oZWFgZEBxGWAIAVFpSGFFIcgA+PBJsU14DFHJNByYvTnY+OUpEVggxEl9lXRwTcV49LTteZSo4AgwOCCY8WXI6G0N/TVwzNQZ+ITgoemUIGE4DcQs9EGZvKSc7XVMqLhZxeSU2CkVmXBsNd3MLFy9nRA86HX12ICUVXXIbBBNwYzY/O2dELyQSR3YmIktYejoYC2d/JjIic0A8JBJfficDQl9iAEFKcl4iJyJaZSYuS1hUNSEJYmIAQUpwTVguLVp1CC4+Yn0IHx1CZjocDmxgQSIycGM9PTVMfg49KFsPJBwSXGQEMjlsBCIjIHFxJhARXBJeMjJ1ZhsyLkBkNBMeUG05Fzt4ZSENL1gCXDwAfWIuDQ5mVAciGX5PLRg9dXIELC1hTzo8S2NtXRgjUAcuAS1iQ14sLWJ/JA0vUXkLITxtYgMmK1gOFiIXZnU/HjxyblwyLFJyC0QoclgEJS1hYS83HnpuFCIefXIuHT9lDlwnSH5wKCwNbm5cNVxeRAMaCglPBCVLXQYKQgNnXR0j
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userscloud.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://userscloud.com/

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
content-type
text/html
content-length
1270
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
p6Fs1BsB4BkVo20-OddMPOjBKXh97Z-ncJ-HIpKGIxNgzE1dSLyfRQ==
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldL1weErkvEHOsmRetHoCS65S%2B5i%2BUW0MNKQKsvEDPQrUc1j%2BO58gZ0HWrSW4EvdyFyhIRLzUwS4ZL5w83RDeCbW75vkRnPmNhatHty1fiZkqI29G%2Bi9O0%2FuWCen3PtYjwxRzyIQxRkLoQjs5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67fa22848a003233-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
utx
astancerta.fun/ 		0
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://astancerta.fun/utx?cb=8O8uMAKhoVQj&top=userscloud.com&tid=708052
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuhlFAEnpsUi29Aa7Ao6geMC%2B3mWr5P1nEMnuia%2BSm0RCYEdBgQe%2BfW9n%2FP7xK60H62lYqw%2FiVXhTLnB%2FYzs9f0WvmwQSBj8pZg%2FTVnKlVRXmQq5ufB3Ikt81xeWkI%2FlrQQWpfCiyLwSIyZSLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
cf-ray
67fa2284ca743233-FRA
x-amz-cf-id
x9Z4v_9-E0PI8EZcnCq7GVJea3AoclbAGD4NvxYuFHSx0VTmaHyMlQ==
GiNN
astancerta.fun/ejFqQ0YbUwkueRsMCGUzCF1XZnQ8FFgFIg5HXy8pD0FccCAbUkQgKhVEDiU0FV8ebSgfRU9xAE9SMicAIGk7EAE5Qi4QMS9UIxUuPmA/encvdDAbDi5oIQQhPHogOwMPeT8aNTtWMwsDFFIdDxQocDM7AzV3PzN1K0kNEgEpezMWLitrIC8uPG... Frame 161C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://astancerta.fun/ejFqQ0YbUwkueRsMCGUzCF1XZnQ8FFgFIg5HXy8pD0FccCAbUkQgKhVEDiU0FV8ebSgfRU9xAE9SMicAIGk7EAE5Qi4QMS9UIxUuPmA/encvdDAbDi5oIQQhPHogOwMPeT8aNTtWMwsDFFIdDxQocDM7AzV3PzN1K0kNEgEpezMWLitrIC8uPGcSGi44AQYFEy50PAQ+CnohJAMscygwNTxGLxUDLXw7BRMNUCErfh55ODAtK3QzcBcXRTwWEzR5CBEPHnkSDjc/Vg4WFCJkJgIAKHcOFRQ/aVonISxbMBYUImQ5CxRDcwkWBDJ8Wwl1LGASCxdIHBICFBF0PQ0UL2gsAgcdcxJ7HzsDKBsLEWMvIC0OeThyDElnPDQnMksvCgE8YywBLTh2OxE1CXUCBRMoaT8AAyh4CQgtAmM7cyUXdTsaIz1YKAIUEFU6JQMOdDJzCEhpP3IgK3kOAhQRdC8JBzdnKztzHWcQCQMoeSAPFEpVOA4AEnA4c3NDZzgnBStiKCAUEnw+CSo4cC9zHxJpPwYePHk8FBcvcD0lFyhwOCRgEEIFLTZHUx4ZKktYDTEwHwM/GiNN
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b978e1feb64fa5c75dfdc947ca03ed38f8499ce275af8a042f6eab1877c113

Request headers

:method
GET
:authority
astancerta.fun
:scheme
https
:path
/ejFqQ0YbUwkueRsMCGUzCF1XZnQ8FFgFIg5HXy8pD0FccCAbUkQgKhVEDiU0FV8ebSgfRU9xAE9SMicAIGk7EAE5Qi4QMS9UIxUuPmA/encvdDAbDi5oIQQhPHogOwMPeT8aNTtWMwsDFFIdDxQocDM7AzV3PzN1K0kNEgEpezMWLitrIC8uPGcSGi44AQYFEy50PAQ+CnohJAMscygwNTxGLxUDLXw7BRMNUCErfh55ODAtK3QzcBcXRTwWEzR5CBEPHnkSDjc/Vg4WFCJkJgIAKHcOFRQ/aVonISxbMBYUImQ5CxRDcwkWBDJ8Wwl1LGASCxdIHBICFBF0PQ0UL2gsAgcdcxJ7HzsDKBsLEWMvIC0OeThyDElnPDQnMksvCgE8YywBLTh2OxE1CXUCBRMoaT8AAyh4CQgtAmM7cyUXdTsaIz1YKAIUEFU6JQMOdDJzCEhpP3IgK3kOAhQRdC8JBzdnKztzHWcQCQMoeSAPFEpVOA4AEnA4c3NDZzgnBStiKCAUEnw+CSo4cC9zHxJpPwYePHk8FBcvcD0lFyhwOCRgEEIFLTZHUx4ZKktYDTEwHwM/GiNN
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userscloud.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://userscloud.com/

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
content-type
text/html
content-length
1268
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
y7tVR_Ix8ZnmJbc_oiz75NhcgtBBnGmC7my6YV-zPe4CBssENJ4JMg==
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqqxmM6DQqkaost2KS0jJwAmotKXWRrbtXaCilh9Dw5CP%2BL5j6iJbOblysYbzt5q4Q53R5v%2F%2B5O71A5howaGKwgB1KSDFABT1BeC2GU%2BV7c0pyKnHdLlDv%2BCVeNgNJYr6tElNZD%2ByiI3GvBqdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67fa2284da883233-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
utx
astancerta.fun/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://astancerta.fun/utx?cb=ysqqiagGXhME&top=userscloud.com&tid=816973
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbVhaya6wPQ5f%2Bnm4x0X5NhUKJ9sUQI%2Fk%2BK0VWN6tt4GG3FFQo%2FUh8c%2FH9duVZmCEM8E7Zm8Ay8oeyp4lbd2a4zT1olyUBK5DURiyVAgGjoljP%2BvxAlsDHMDFqYw3aO%2F%2Bq15shUEHnwY%2FR3bIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
cf-ray
67fa22852b233233-FRA
x-amz-cf-id
SGdfmJ3XpH_A7j2dO4yMmKIIHIwhk48RrSjWj-iiOpBxJJ_Oug-oMw==
DSc
astancerta.fun/MGZkU1RRBAc+a1FbBnUhQgpZdmZ2Q1YVMEQQUT87RRZSYDJRBUowOF8TADUmXwgQfTpVEkFhElwoDyc4YhwABR5xFQwQEXkPJQs7YCRXYjdTJzUCHWI/CwQBalQiOQ5mAx5rGX0RMmAVSDM1NhIALzUpGn4zCgkMaTAQCx5hLFIWAn0KJj07dy... Frame 6F35 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://astancerta.fun/MGZkU1RRBAc+a1FbBnUhQgpZdmZ2Q1YVMEQQUT87RRZSYDJRBUowOF8TADUmXwgQfTpVEkFhElwoDyc4YhwABR5xFQwQEXkPJQs7YCRXYjdTJzUCHWI/CwQBalQiOQ5mAx5rGX0RMmAVSDM1NhIALzUpGn4zCgkMaTAQCx5hLFIWAn0KJj07dyMnPBZ6NwsQNmIjVwQSAVQnOhpnNx0wGX4zLgAYZSsdBTNDCyc5ZVUxDTARaQEyJDJbElcWM2JRMAcWVTEnax99IzUHMWYzFAIsflMyCw14ISwnFVQuMQcxZjMTCzhYXzEEHXUCI2YMVFZcEjIASxw6FmE/FRUAVAQxKSNxLDIrMmBWJmI3YShQBjlbIyUUYWgCHGoweR4hIgNIKFEZOXkgJjo3fSoiGgBVMDE0AVwzAxA5BDUmGyd3KlQFDnoBJjoWaCQeCxNbLiMbbWcAE2cNViAAOhZhP1ARF3YxNhAecQI8FhBVIC4jFnEkEBYcXyIlGx5UAlUCElY3JnZmciQyAiJyCC0XAngJJjUjejcvFQIAJwMwJWg1PRcVYUAOIDteFlkgJVIrEDogAicsIwN/DSc
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:dea7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f61437e010d63adf0fd421e777731785081381c6fff72dd211b0ddf4dd5c9584

Request headers

:method
GET
:authority
astancerta.fun
:scheme
https
:path
/MGZkU1RRBAc+a1FbBnUhQgpZdmZ2Q1YVMEQQUT87RRZSYDJRBUowOF8TADUmXwgQfTpVEkFhElwoDyc4YhwABR5xFQwQEXkPJQs7YCRXYjdTJzUCHWI/CwQBalQiOQ5mAx5rGX0RMmAVSDM1NhIALzUpGn4zCgkMaTAQCx5hLFIWAn0KJj07dyMnPBZ6NwsQNmIjVwQSAVQnOhpnNx0wGX4zLgAYZSsdBTNDCyc5ZVUxDTARaQEyJDJbElcWM2JRMAcWVTEnax99IzUHMWYzFAIsflMyCw14ISwnFVQuMQcxZjMTCzhYXzEEHXUCI2YMVFZcEjIASxw6FmE/FRUAVAQxKSNxLDIrMmBWJmI3YShQBjlbIyUUYWgCHGoweR4hIgNIKFEZOXkgJjo3fSoiGgBVMDE0AVwzAxA5BDUmGyd3KlQFDnoBJjoWaCQeCxNbLiMbbWcAE2cNViAAOhZhP1ARF3YxNhAecQI8FhBVIC4jFnEkEBYcXyIlGx5UAlUCElY3JnZmciQyAiJyCC0XAngJJjUjejcvFQIAJwMwJWg1PRcVYUAOIDteFlkgJVIrEDogAicsIwN/DSc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://userscloud.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://userscloud.com/

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
content-type
text/html
content-length
1270
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
n3oKfbjsrfsRyqU1iAMIT6KFgK1uhvbeY_s9GgcutjT3MLSHPL8ctA==
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3phshLhDsGJ7Qsv%2Fiv52x%2FKznNLgoPthMS9Z13DbuKcF1iFWh%2Fo98lGok4J3Z6M6wLf2FuIJIv6hNfiMLoWRIAoAsETXT0Sz%2F3xD6aPT7e2uwfchMPTSQlWBX2sLIGakpYI%2BVRdKILA8JYlZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67fa22852b2e3233-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
rum
userscloud.com/cdn-cgi/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://userscloud.com/cdn-cgi/rum?req_id=67fa2270ade542cf
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://userscloud.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
lang=english
content-length
1320
:path
/cdn-cgi/rum?req_id=67fa2270ade542cf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
userscloud.com
referer
https://userscloud.com/2sgg16rhmoq2
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://userscloud.com/2sgg16rhmoq2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://userscloud.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
67fa22853dc6c2c2-FRA
vary
Origin
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6152
date
Mon, 16 Aug 2021 09:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 16 Aug 2021 11:13:41 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame 4C9E 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://docs.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://docs.google.com

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 10:56:13 GMT
server
GSE
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Jan 1990 00:00:00 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame 4C9E 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://docs.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://docs.google.com

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 10:56:13 GMT
server
GSE
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Jan 1990 00:00:00 GMT
HAQwFTtSXgddZUcALRMyUl50HzIUBytRckVcJxAlGAEhXWUxVH1WZ1lYd0BuWVt2XWVHHyUeNgUFYUoRQl9zVmRBSjFFY0FVfEg0RFohQWUVCCdNYxVdIEBiEQ90S2JGDXwZY0A
dtv5loup63fac.cloudfront.net/7RHhXd2wnFzkRUzARM0padEhkR1hiEiQYAjRFLx89dRFmEVo9Kz0GO2IMLRNRdl47FgIjRXESAidFZlENIBpqQ0owCDgcUSscNgIALQoiEwpiDTZKASsCPhsAJV1lMVlqSHJFXGwPPhkIKw8kUl50FiNSXnRJZ1lcYUsVUl5... Frame FB1C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dtv5loup63fac.cloudfront.net/7RHhXd2wnFzkRUzARM0padEhkR1hiEiQYAjRFLx89dRFmEVo9Kz0GO2IMLRNRdl47FgIjRXESAidFZlENIBpqQ0owCDgcUSscNgIALQoiEwpiDTZKASsCPhsAJV1lMVlqSHJFXGwPPhkIKw8kUl50FiNSXnRJZ1lcYUsVUl50Dz4ZWnBdZDVJdkgvQVhtXW-VHDTQIOxIbIRo8HhhhShFCX3NWZEFJdkh/HAQwFTtSXgddZUcALRMyUl50HzIUBytRckVcJxAlGAEhXWUxVH1WZ1lYd0BuWVt2XWVHHyUeNgUFYUoRQl9zVmRBSjFFY0FVfEg0RFohQWUVCCdNYxVdIEBiEQ90S2JGDXwZY0A
Requested by
Host: astancerta.fun
URL: https://astancerta.fun/N2x0ejRWDhcXC1ZRFlxBRQBJXwZxSUY8UEMaQRZbQhxCSVJWD1oZWFgZEBxGWAIAVFpSGFFIcgA+PBJsU14DFHJNByYvTnY+OUpEVggxEl9lXRwTcV49LTteZSo4AgwOCCY8WXI6G0N/TVwzNQZ+ITgoemUIGE4DcQs9EGZvKSc7XVMqLhZxeSU2CkVmXBsNd3MLFy9nRA86HX12ICUVXXIbBBNwYzY/O2dELyQSR3YmIktYejoYC2d/JjIic0A8JBJfficDQl9iAEFKcl4iJyJaZSYuS1hUNSEJYmIAQUpwTVguLVp1CC4+Yn0IHx1CZjocDmxgQSIycGM9PTVMfg49KFsPJBwSXGQEMjlsBCIjIHFxJhARXBJeMjJ1ZhsyLkBkNBMeUG05Fzt4ZSENL1gCXDwAfWIuDQ5mVAciGX5PLRg9dXIELC1hTzo8S2NtXRgjUAcuAS1iQ14sLWJ/JA0vUXkLITxtYgMmK1gOFiIXZnU/HjxyblwyLFJyC0QoclgEJS1hYS83HnpuFCIefXIuHT9lDlwnSH5wKCwNbm5cNVxeRAMaCglPBCVLXQYKQgNnXR0j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3800:5:a46:8900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b83f02e3630fa4aa7aa14a796e4a16b5061443d5dcd863be6224b6334acbf293

Request headers

Referer
https://astancerta.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
753
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
x-amz-cf-id
oGD__4ZSVIFUljuoT4XmItKbUmsOdohkVK5ieM4iDGTXtx16nVoOvg==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1427042304&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2F2sgg16rhmoq2&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1136164133&gjid=119784739&cid=1596871895.1629111374&tid=UA-70768172-1&_gid=168461362.1629111374&_r=1&gtm=2ou8b0&z=869910515
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 10:56:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://userscloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
5cXdFZXQSGCsDSwUeIVhDQU91UEZXHTYKGgFKJxEuHUYsAgYHEncwLRRAYxEOFUp3QxgQGSJYUhQZJlhFVxYhB0lFUTEVGxpKKgEVBBssFwEVEWMQFUwaKh8dHRskQEY3QmtVUUNHbRIdHxMqEgdURXULAFRFdVREX0dgVjZURXUSHR9BcUBHM1J3VQxHQ2-xARkE...
dtv5loup63fac.cloudfront.net/ Frame 161C 		571 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dtv5loup63fac.cloudfront.net/5cXdFZXQSGCsDSwUeIVhDQU91UEZXHTYKGgFKJxEuHUYsAgYHEncwLRRAYxEOFUp3QxgQGSJYUhQZJlhFVxYhB0lFUTEVGxpKKgEVBBssFwEVEWMQFUwaKh8dHRskQEY3QmtVUUNHbRIdHxMqEgdURXULAFRFdVREX0dgVjZURXUSHR9BcUBHM1J3VQxHQ2-xARkEWNRUYFAAgBx8YA2BXMkREcktHR1J3VVwaHzEIGFRFBkBGQRssDhFURXUCERIcKkxRQ0cmDQYeGiBARjdPfEtEX0N2XU1fQHdARkEEJAMVAx5gVzJERHJLR0dRMFhAR059VRdCQSBcRhMTJlBAE0YhXUEXFHVWQUAWfQRARg
Requested by
Host: astancerta.fun
URL: https://astancerta.fun/ejFqQ0YbUwkueRsMCGUzCF1XZnQ8FFgFIg5HXy8pD0FccCAbUkQgKhVEDiU0FV8ebSgfRU9xAE9SMicAIGk7EAE5Qi4QMS9UIxUuPmA/encvdDAbDi5oIQQhPHogOwMPeT8aNTtWMwsDFFIdDxQocDM7AzV3PzN1K0kNEgEpezMWLitrIC8uPGcSGi44AQYFEy50PAQ+CnohJAMscygwNTxGLxUDLXw7BRMNUCErfh55ODAtK3QzcBcXRTwWEzR5CBEPHnkSDjc/Vg4WFCJkJgIAKHcOFRQ/aVonISxbMBYUImQ5CxRDcwkWBDJ8Wwl1LGASCxdIHBICFBF0PQ0UL2gsAgcdcxJ7HzsDKBsLEWMvIC0OeThyDElnPDQnMksvCgE8YywBLTh2OxE1CXUCBRMoaT8AAyh4CQgtAmM7cyUXdTsaIz1YKAIUEFU6JQMOdDJzCEhpP3IgK3kOAhQRdC8JBzdnKztzHWcQCQMoeSAPFEpVOA4AEnA4c3NDZzgnBStiKCAUEnw+CSo4cC9zHxJpPwYePHk8FBcvcD0lFyhwOCRgEEIFLTZHUx4ZKktYDTEwHwM/GiNN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3800:5:a46:8900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d14eb72e6152550a6c9581167f7b3b22616c28ffc0e70b23d7522ff5ff3c86e

Request headers

Referer
https://astancerta.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
450
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
x-amz-cf-id
sbxf2RmR2ikOf1kRF86n5snbh21PF0WC0AzmHheqz9UgLEIsNPS8Bg==
lNktlRzdVJAshCEIiAXoPB31ccAQQIRYoWUZ2FjZVez8MMwV3AxUQeF0IQzNNUnZXYVtXJQJ6EVMlBnoGECoBJQoCbRE3WF12CiNWQycMNUJSLUMyVgsmCj1eWicEYgVwfkt3EgR7TTBeWC8KMEQTeVUpQxN5VXYHGHtAdHUTeVUwXlh9UWIEdG5Xd08Af0-xiBQY...
dtv5loup63fac.cloudfront.net/ Frame 6F35 		555 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dtv5loup63fac.cloudfront.net/lNktlRzdVJAshCEIiAXoPB31ccAQQIRYoWUZ2FjZVez8MMwV3AxUQeF0IQzNNUnZXYVtXJQJ6EVMlBnoGECoBJQoCbRE3WF12CiNWQycMNUJSLUMyVgsmCj1eWicEYgVwfkt3EgR7TTBeWC8KMEQTeVUpQxN5VXYHGHtAdHUTeVUwXlh9UWIEdG5Xd08Af0-xiBQYqFTdbUzwAJVxfP0B1cQN4UmkEAG5Xdx9dIxEqWxN5JmIFBicMLFITeVUgUlUgCm4SBHsGL0VZJgBiBXBzXGkHGH9Wfw4YfFdiBQY4BCFWRCJAdXEDeFJpBABtEHoDAHJdd1QFfQB+BVQvBnIDVHoBfwJQKFV0AgcqXSYDAQ
Requested by
Host: astancerta.fun
URL: https://astancerta.fun/MGZkU1RRBAc+a1FbBnUhQgpZdmZ2Q1YVMEQQUT87RRZSYDJRBUowOF8TADUmXwgQfTpVEkFhElwoDyc4YhwABR5xFQwQEXkPJQs7YCRXYjdTJzUCHWI/CwQBalQiOQ5mAx5rGX0RMmAVSDM1NhIALzUpGn4zCgkMaTAQCx5hLFIWAn0KJj07dyMnPBZ6NwsQNmIjVwQSAVQnOhpnNx0wGX4zLgAYZSsdBTNDCyc5ZVUxDTARaQEyJDJbElcWM2JRMAcWVTEnax99IzUHMWYzFAIsflMyCw14ISwnFVQuMQcxZjMTCzhYXzEEHXUCI2YMVFZcEjIASxw6FmE/FRUAVAQxKSNxLDIrMmBWJmI3YShQBjlbIyUUYWgCHGoweR4hIgNIKFEZOXkgJjo3fSoiGgBVMDE0AVwzAxA5BDUmGyd3KlQFDnoBJjoWaCQeCxNbLiMbbWcAE2cNViAAOhZhP1ARF3YxNhAecQI8FhBVIC4jFnEkEBYcXyIlGx5UAlUCElY3JnZmciQyAiJyCC0XAngJJjUjejcvFQIAJwMwJWg1PRcVYUAOIDteFlkgJVIrEDogAicsIwN/DSc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3800:5:a46:8900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
23cb72beaea6c8f3429943512aa2fac569837a979b72292b5464087074c85004

Request headers

Referer
https://astancerta.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 10:56:13 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
436
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
x-amz-cf-id
WN8LUwNGkm5aXprhlNkbuyIxaQr08ZtXnaUDzCj3-R2NqLzSckMY3w==
popunder.gif
esusivebe.top/ 		35 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esusivebe.top/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-38.fra56.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Aug 2021 10:56:14 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc941.cloudfront.net (CloudFront)
x-amz-cf-id
3wANphlzxx0vwB-rrJvyjhvz2gANdiQpXcoUFwohH5negJK__6JCdA==
multi
useumaien.biz/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://useumaien.biz/multi?tid=708052&red=1&cs=bE5ycnZdeEsQFVh8SxBHXHpGF0Zc&abt=0&v=1.0.48.0&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&sts=0&prn=0&emb=0&fs=1&ref=https%3A%2F%2Fuserscloud.com%2F2sgg16rhmoq2&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=2&uloc=&if=0&_mr7J=1629111374274&crc=1
Requested by
Host: userscloud.com
URL: https://userscloud.com/2sgg16rhmoq2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-24.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
3e51124c91659ed2cb6358416da34be878be365799d2ada2a7b5578bd2fb0e97

Request headers

Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Aug 2021 10:56:14 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1349
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-id
53xUuqptTdRaEGzO1auASVv3Cl5aB5FuiwdBQ7SM_LamOhRwrZUkmw==
truncated
/ Frame 93EC 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __cfQR object| __cfBeacon function| $ function| jQuery function| Fingerprint2 number| LAST_CORRECT_EVENT_TIME number| _306923442 number| _891119744 function| fa number| _1393880397 object| colors object| config object| jQuery110206471464991293907 function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 221=l5n6dAlU4zVtWQu5T8OUzZuu1q-ksio4LPfBrKrwB8JHa2WT6Jq1qbi1PTihxZgDfEr7kiYu78e3XXX8Ssu3hTpTm0cZNrW15QX9Tml4rzvQIcHBgdzpwd0m11wOz_In55qaYkHTFhYm5q7OdHUszLQyiJVToPDIdm_DBfthjMo
.userscloud.com/ Name: lang
Value: english

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
astancerta.fun
content.googleapis.com
docs.google.com
dtv5loup63fac.cloudfront.net
esusivebe.top
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
useumaien.biz
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
13.32.22.38
143.204.207.24
2600:9000:21f3:3800:5:a46:8900:21
2606:4700:3031::ac43:8f05
2606:4700:3031::ac43:dea7
2606:4700::6810:5f41
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
027ab93950d2734537252f0eb224ef30ad12d5e3a8992af34fe0e3622101e9a7
02b978e1feb64fa5c75dfdc947ca03ed38f8499ce275af8a042f6eab1877c113
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
0d14eb72e6152550a6c9581167f7b3b22616c28ffc0e70b23d7522ff5ff3c86e
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
23cb72beaea6c8f3429943512aa2fac569837a979b72292b5464087074c85004
27b43c0c88a2b4d120ef01d86b97c7bf27fa963095852ad022779319050a2033
2b31864dd386cb0702bf2d3da3c4fd1990daf6351f5e37b2bd75111fc5590c31
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
3e51124c91659ed2cb6358416da34be878be365799d2ada2a7b5578bd2fb0e97
5efc6c44c79dea9006cc3352e1dd7f21aa9adfc51343927b7b45ffc82a4fa8eb
612459434ea07ce9edf82fdd6c25f635cae0982b5d9073836a79319f2297c416
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b7c0fbe0bd60dd5fa1dbfad0ece7835c374e0dfeb56c5812e28872235cec2a5
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89bcafeb5a916c4f0ea21a718e7e3d839e72a23ea7078bc72683035044a71c91
8cba1896313ea5c1b9c7142be77501dfc2a7fbcb0c15ebe2ce9fde4bdb48c1cc
9260587c5a8bbd8cb3fb15427e99cc086cfe1c536d04914b9d6d39d82cefc22e
a1de57ad8f0e97c0260786a62ed3296149b6f250fb4110f12a9266ac731d7c78
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64ed37154b8ea13c4e27a0a805b39a3a6a9bb53db309523540f071ce7e6f30c
b83f02e3630fa4aa7aa14a796e4a16b5061443d5dcd863be6224b6334acbf293
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
cccdc032315a2036a72edb4d3af15a3daca9acfbf8e906fea3293ed322407436
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d52aa5614f8b75142f9fee208d69dad6a137508c23cc56026ed9f71d04231106
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ecf0070aa387c14c819743da3cb176a3ff823fa9eb7674962225f2bc4342e442
f61437e010d63adf0fd421e777731785081381c6fff72dd211b0ddf4dd5c9584
fb058d79df5c793531596af8a345d8a0be47a7c576d1b7cd987a6a21adcdb6ba