app.user.com Open in urlscan Pro
2606:4700:10::6816:31fd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://burdamedia.user.com/
Effective URL:
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Submission: On December 11 via manual (December 11th 2023, 12:07:51 pm UTC) from BE — Scanned from DE

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 55 HTTP transactions. The main IP is 2606:4700:10::6816:31fd, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.user.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.

This is the only time app.user.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:10:... 2606:4700:10::ac43:2682	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 23	2606:4700:10:... 2606:4700:10::6816:31fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 2	51.77.134.128 51.77.134.128	16276 (OVH) (OVH)
55	12

6 2606:4700:10::ac43:2682 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

burdamedia.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
register-static.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:10::6816:31fd (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

burdamedia.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
register-static.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.134.128 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3137052.ip-51-77-134.eu

eu.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.userengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	user.com 4 redirects burdamedia.user.com — Cisco Umbrella Rank: 580727 app.user.com register-static.user.com support.user.com widget.user.com — Cisco Umbrella Rank: 113506 media.user.com — Cisco Umbrella Rank: 192122 eu.user.com — Cisco Umbrella Rank: 601512	1 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	687 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693	46 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	360 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	403 B
1	userengage.com 1 redirects app.userengage.com	125 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
55	9

	Domain	Requested by
9	register-static.user.com	app.user.com register-static.user.com
7	www.google.com	app.user.com www.gstatic.com www.google.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	widget.user.com	app.user.com support.user.com
5	support.user.com	1 redirects support.user.com
4	media.user.com
4	www.googletagmanager.com	app.user.com www.googletagmanager.com www.google-analytics.com
3	app.user.com	app.user.com static.cloudflareinsights.com
2	www.google.de	app.user.com
2	fonts.gstatic.com	www.google.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	burdamedia.user.com	2 redirects
1	app.userengage.com	1 redirects
1	eu.user.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	app.user.com
55	18

This site contains links to these domains. Also see Links.

Domain
user.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Frame ID: 3992BF5BEB5344FE6920CCC5AB466DE1
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=h9ask2gbxkvg
Frame ID: FB2C0CEB65969DB8017EA41B28E83078
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=normal&cb=ocn0gac3furk
Frame ID: D9C878AF461F1C9FA6C6C16A90D920FA
Requests: 3 HTTP requests in this frame

Frame: https://media.user.com/avatars/_B0A5675_crop__kopia_IC17acq.jpg
Frame ID: 467449413043CB76C472B41741C9BBCF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

User.com | Login - User.com

Page URL History Show full URLs

http://burdamedia.user.com/ HTTP 301
https://burdamedia.user.com/ HTTP 302
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/ Page URL

Detected technologies

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

55
Requests

95 %
HTTPS

92 %
IPv6

9
Domains

18
Subdomains

12
IPs

4
Countries

2528 kB
Transfer

6404 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://user.com/en/?utm_source=app.user.com&utm_medium=client_webpush

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://burdamedia.user.com/ HTTP 301
https://burdamedia.user.com/ HTTP 302
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://support.user.com/widget.js HTTP 301
https://widget.user.com/widget.js

Request Chain 52

https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg HTTP 301
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg

Request Chain 54

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png HTTP 301
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.user.com/accounts/login/
Redirect Chain

http://burdamedia.user.com/
https://burdamedia.user.com/
https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

8 KB
3 KB

138ms
118ms

Document
text/html

2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8256e3f6e16873f0eb0294622bb4d8efe32e3186e00dbb2805b665dd8a166973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 833d9bf4fe5fbbb5-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Mon, 11 Dec 2023 12:07:46 GMT
expires: Mon, 11 Dec 2023 12:07:46 GMT
referrer-policy: same-origin
server: cloudflare
ue-backend: wsgi-register
ue-node: uwsgi-register4
vary: Cookie, Accept-Language, Origin
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 833d9bf0e934bbb5-FRA
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 12:07:46 GMT
location: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
referrer-policy: same-origin
server: cloudflare
ue-backend: tenants
ue-node: apinode77
vary: Cookie, Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 / Show response
app.user.com/jsi18n/ 3 KB
1 KB 61ms
60ms Script
text/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/jsi18n/

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25606f56d89470768333065f9f9d8efcfe9b46dadece2af3420f5b8f05c7da6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: DENY
vary: Accept-Language, Cookie, Origin
content-language: en-us
content-type: text/javascript; charset="utf-8"
ue-backend: wsgi-register
ue-node: uwsgi-register6
cf-ray: 833d9bf5cf54bbb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.a99d602810b04e6b8bf5.css
register-static.user.com/static/bundles/ 792 KB
330 KB 51ms
32ms Stylesheet
text/css 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/main.a99d602810b04e6b8bf5.css
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TSPJA23E4PWNTKY4
age: 72278
cf-polished: origSize=923898
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: eX97lDxG1ogyCkGPjEcz2dnsmrcdlPlFcgx7SO1ent6RfZxR6CLJwxi5UZtFL7K+t8ZhdnPXIRg=
cf-bgj: minify
last-modified: Wed, 20 Sep 2023 06:41:57 GMT
server: cloudflare
etag: W/"4a5449e2ee2834089b79fed0961f9496"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
cf-ray: 833d9bf5ef78bbb5-FRA

GET
H2

200

widget.js Show response
widget.user.com/
Redirect Chain

https://support.user.com/widget.js
https://widget.user.com/widget.js

149 KB
51 KB

37ms
27ms

Script
application/javascript

2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c885e6fb5f0e5e48b769b2be53ad58f33c09f0861179872907f13f975eb6991c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: 0F27ZXYFTZEFRAHA
age: 3178
etag: W/"9f11295966ec1b0d997cde32b2bda20e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 833d9bf61fabbbb5-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oHdpmfXF8aMwDzB11SsoEDSVHJqviXHwT29GFwkd1i4rYpLxAAkRH621i6nFUvnjWG5uf5pSJog=

Redirect headers

date: Mon, 11 Dec 2023 12:07:46 GMT
cf-cache-status: HIT
server: cloudflare
age: 75740
vary: Accept-Encoding
location: https://widget.user.com/widget.js
cache-control: max-age=3600
cf-ray: 833d9bf5ef7cbbb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 register.32307c4297709cd21e7d.css
register-static.user.com/static/bundles/ 384 KB
266 KB 37ms
19ms Stylesheet
text/css 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/register.32307c4297709cd21e7d.css
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a17dbb8eaac0ee5dfc23e1ab58b100062c8a791a134701945a858e0a98b03b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: N6K6WMM5QBSSSQGS
age: 72278
cf-polished: origSize=403722
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nt6SxdtWYpYYeAug841paF7Z/Wttvco5QHC68t7qMJnsuKbNerWEC0LIiUPg6WyG0M9Joy0+1Z4=
cf-bgj: minify
last-modified: Wed, 20 Sep 2023 06:41:57 GMT
server: cloudflare
etag: W/"bdc9b32bf30edfa72aa28fb23151febd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=432000
cf-ray: 833d9bf5ef76bbb5-FRA

GET
H2 200 logo-black-normal.svg
register-static.user.com/static/img/usercom/ 6 KB
2 KB 45ms
27ms Image
image/svg+xml 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register-static.user.com/static/img/usercom/logo-black-normal.svg
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 07:35:57 GMT
server: cloudflare
x-amz-request-id: DKC662S4YQDWGXTR
age: 72278
etag: W/"3338f831a349558bc7d70acf65ae8b44"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=432000
cf-ray: 833d9bf5ef7bbbb5-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ore7BnkDmfltmKIqzKm/jWJVxniNr5Zoy2lmBPuoyFyeWS51LED3JSF0e56GivBWbDf/25Y30wk=

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0cf30b53119edd0aa744144c8573d7011e825591f375e82045b920f080251d5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 11 Dec 2023 12:07:46 GMT

GET
H3 200 gogle-register%402x.png
register-static.user.com/static/img/brands/google/ 7 KB
8 KB 55ms
55ms Image
image/png 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register-static.user.com/static/img/brands/google/gogle-register%402x.png
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: VA5GD8952RH2TNNR
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
content-length: 7446
x-amz-id-2: t+AN+D/RnZDxD/4O0OB4zMx26fN/7Cq08at+gmCeH6KRbVV0vNzraguXZXobI+evH7o/viEAr98=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 01 Feb 2022 07:35:57 GMT
server: cloudflare
etag: "b6f49555c27bc50bde81836f4feb1155"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 833d9bf619de912b-FRA

GET
H3 200 main.2cd8d52a759916a806e4.js Show response
register-static.user.com/static/bundles/ 452 KB
145 KB 30ms
29ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/main.2cd8d52a759916a806e4.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57c416ceee6ce51bbff3903252e43e07b86a503fe33805b7d4f994d0e5f2ae00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: SHJ91P4ME6SQM7AP
age: 61623
cf-polished: origSize=464464
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RtANG1M30f2nQ3bsvYKv7sDgoG+LZ2jAh0UPK2XCQe6vUB2gwprwCWcj92Cbfy1tP2bSnHLrGFE=
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 07:54:45 GMT
server: cloudflare
etag: W/"1541f6d2568b3f01d2b3c8ccd50aa25c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 833d9bf619e9912b-FRA

GET
H3 200 register.1d63084dbbbe6427b494.js Show response
register-static.user.com/static/bundles/ 1 MB
423 KB 52ms
51ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/bundles/register.1d63084dbbbe6427b494.js
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0169cac5fa38d4e599a5117295511c77d9db5c93e77b0edb944c3b8e66e0849

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: RS1G1EBXJEH1CP8E
cf-polished: origSize=1413401
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: famNiPWeKcu3C7Y2FyFzHAbrRw/NT28H7ljPOsEmclmSgy/BSFfSPcKn/40kFqQ7YH6sUbjg4+k=
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 07:54:45 GMT
server: cloudflare
etag: W/"81714c78829446e6f6721d6c22ced3b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 833d9bf66a39912b-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 71ms
48ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 833d9bf68d79921d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 363 KB
100 KB 73ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04d08e2d9540486925356f5bd2208d808e4f07131a47de10084ac09332309816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 12:07:47 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 504 KB
202 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 09:37:23 GMT

GET
H3 200 DMSans-Medium.woff2
register-static.user.com/static/fonts/dmsans/ 29 KB
30 KB 90ms
77ms Font
application/octet-stream 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/dmsans/DMSans-Medium.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.a99d602810b04e6b8bf5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f

Request headers

Referer: https://register-static.user.com/static/bundles/main.a99d602810b04e6b8bf5.css
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: DMTWR2JFJ18CWV8X
alt-svc: h3=":443"; ma=86400
content-length: 29880
x-amz-id-2: tcv5cAL9UXVzBFKiVxe2T2qMRxuCs9GlVCRcY0f8vOnIjYwxCtaYGXtNTVd8KWXs5ceZyeNVwjY=
last-modified: Tue, 01 Feb 2022 07:35:56 GMT
server: cloudflare
etag: "d940ea16273447cce854f545842768fe"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 833d9bf67e7c199e-FRA

GET
H3 200 DMSans-Regular.woff2
register-static.user.com/static/fonts/dmsans/ 29 KB
30 KB 85ms
73ms Font
application/octet-stream 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/dmsans/DMSans-Regular.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.a99d602810b04e6b8bf5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308

Request headers

Referer: https://register-static.user.com/static/bundles/main.a99d602810b04e6b8bf5.css
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: DMTSH1WJ5YNEK80Q
alt-svc: h3=":443"; ma=86400
content-length: 29948
x-amz-id-2: 2y8nxlxaZrODadv/40uY+3SdoKEn09LjJ9Yz17iaN8YT1kDVr16DGtOfHWHXI+zq1nXDA8gExDo=
last-modified: Tue, 01 Feb 2022 07:35:56 GMT
server: cloudflare
etag: "7795a419ed60bbfac7070ea410eeae6a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 833d9bf67e7b199e-FRA

GET
H3 200 fa-solid-900.woff2
register-static.user.com/static/fonts/ 63 KB
63 KB 70ms
58ms Font
application/octet-stream 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register-static.user.com/static/fonts/fa-solid-900.woff2
Requested by: Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.a99d602810b04e6b8bf5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

Request headers

Referer: https://register-static.user.com/static/bundles/main.a99d602810b04e6b8bf5.css
Origin: https://app.user.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: VWM7YJHN59GWGKXX
alt-svc: h3=":443"; ma=86400
content-length: 64428
x-amz-id-2: HFuecYBt9dtKNF8r+TvwDJTvz+51y4As2DIu/d4+eKgEotdkIKNFwe8k7vXqA8EEgqkCwnj+GVmiMI5TdbFpaw==
last-modified: Tue, 01 Feb 2022 07:35:55 GMT
server: cloudflare
etag: "c4fc4e6d5fcf0af616e6cd6f884b72e9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 833d9bf67e7a199e-FRA

GET
H3 200 widget-app.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 92 KB
18 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-app.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: AZ72MHXEDGS4DDBF
age: 4229
etag: W/"f294a3ea881ab4414e2e49f086355597"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 833d9bf74b38912b-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uMbplPeHrVM73fcaKLxVL+L7MUuf0UTzEYkcHUV+89uxnZjuSXiZZt3gT/wt1H7InsdKxbf+ejk=

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FB2C 42 KB
27 KB 60ms
60ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=h9ask2gbxkvg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51afd860f5ea5d485e3cf9ad8f0496af3076fb172fb970f9c978d5957cb6b868

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0wjkmoAUO54MLy758babEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0wjkmoAUO54MLy758babEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 12:07:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D9C8 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=normal&cb=ocn0gac3furk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1cfd35a92befa98dc9c21dd6c0bdabf69651724f16564a16cd114207c2b7387e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YAUbVqy8nrzI2uRYM22gkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YAUbVqy8nrzI2uRYM22gkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 12:07:47 GMT
expires: Mon, 11 Dec 2023 12:07:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76c43cede7a596770a94c86987c75ddcdfc95245fa8f1b1a3b369aa27bd93c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89456
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 12:07:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
87 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e327db0e12ab82ac3877f02c6485c267a3ce163bce717903191f744ebcc8d82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 12:07:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 11:48:18 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1169
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 13:48:18 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame D9C8 55 KB
24 KB 25ms
8ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=normal&cb=ocn0gac3furk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 06:51:16 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame D9C8 504 KB
202 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 09:37:23 GMT

GET
H3 200 widget-actionsStore.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 5 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-actionsStore.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: 5RKT8PXZGSJXEJW3
age: 1419
etag: W/"0d051876f932526893b9cf6305e9ce28"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 833d9bf79b93912b-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bouX0Q4jg/FCdLGEI9aqmisnUPVCnMwIemNaAxZZMQj1BtGEAFSz8PQ6sld5dLufcstyZeclCz4=

POST
H3 200 / Show response
support.user.com/api/v2/user-chatping/ 5 KB
2 KB 147ms
147ms Fetch
application/json 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.user.com/api/v2/user-chatping/

Requested by

Host: support.user.com
URL: https://support.user.com/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd2c4e460cce5d25422b4d1b215723076b4714d61d6c7d7b6cf61f3af9ed2c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ue-backend: tenants
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
ue-node: apinode52
cf-ray: 833d9bf80c00912b-FRA

OPTIONS
H3 200 /
support.user.com/api/v2/user-chatping/ Frame 0
0 64ms
64ms Preflight
text/html 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.user.com/api/v2/user-chatping/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://app.user.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.user.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 833d9bf7a80b199e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 12:07:47 GMT
server: cloudflare
ue-backend: tenants
ue-node: apinode37
vary: Origin

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
220 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1865451724&t=pageview&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&ul=en-us&de=UTF-8&dt=User.com%20%7C%20Login%20-%20User.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1560590265&gjid=484743517&cid=1776914971.1702296467&tid=UA-100960632-1&_gid=1619698404.1702296467&_r=1&_slc=1&gtm=45He3bt0n815SBSNG9v76971330&cd12=&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=1776914971.1702296467&z=894544119

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4e76f53ab3944fa6b24a671f438de2d4ea0ebc4a252cd8b4ae410c7626713e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 36ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=45je3bt0v876245972z876971330&_p=1702296466853&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1776914971.1702296467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702296467&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_ss=1&tfd=1260
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame FB2C 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 06:51:16 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame FB2C 504 KB
202 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 09:37:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 09:37:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100960632-1&cid=1776914971.1702296467&jid=1560590265&gjid=484743517&_gid=1619698404.1702296467&_u=YGBACEAABAAAACAEK~&z=125513101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 11 Dec 2023 12:07:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
85 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a3dcbc46c250d94458c4c6374c54e238dda950d24060c68813c6cc0ac621e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 12:07:47 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=45je3bt0v883336927z876971330&_p=1702296466853&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1776914971.1702296467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702296467&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_ss=1&tfd=1283
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame FB2C 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=h9ask2gbxkvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:20:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 07:20:35 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FB2C 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:04:45 GMT
x-content-type-options: nosniff
age: 244982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Dec 2023 16:04:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB2C 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:43:39 GMT
x-content-type-options: nosniff
age: 213848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 00:43:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB2C 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:49:27 GMT
x-content-type-options: nosniff
age: 44300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Dec 2024 23:49:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FB2C 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=h9ask2gbxkvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 11 Dec 2023 12:07:47 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100960632-1&cid=1776914971.1702296467&jid=1560590265&_u=YGBACEAABAAAACAEK~&z=1129793457

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 52ms
31ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100960632-1&cid=1776914971.1702296467&jid=1560590265&_u=YGBACEAABAAAACAEK~&z=1129793457

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-X19GWGFGFC&gtm=45je3bt0v9165106096&_p=1702296466853&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1776914971.1702296467&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fburdamedia.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&sid=1702296467&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_3=1776914971.1702296467&tfd=1360
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X19GWGFGFC&cid=1776914971.1702296467&gtm=45je3bt0v9165106096&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X19GWGFGFC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.user.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X19GWGFGFC&cid=1776914971.1702296467&gtm=45je3bt0v9165106096&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=646907562

Requested by

Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 12:07:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
app.user.com/cdn-cgi/ 0
139 B 10ms
10ms XHR
text/plain 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.user.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.user.com/accounts/login/?next=https%3A//burdamedia.user.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://app.user.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 833d9bf8ac98912b-FRA

OPTIONS
H3 200 /
support.user.com/api/webpush/ Frame 0
0 38ms
38ms Preflight
text/html 2606:4700:10::ac43:2682
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.user.com/api/webpush/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2682 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://app.user.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://app.user.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 833d9bf92a02199e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 12:07:47 GMT
server: cloudflare
ue-backend: tenants
ue-node: apinode77
vary: Origin

POST
H3 200 / Show response
support.user.com/api/webpush/ 1 KB
794 B 51ms
50ms Fetch
application/json 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.user.com/api/webpush/

Requested by

Host: support.user.com
URL: https://support.user.com/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c518d4a6aa0478e851ceed03b160fe582f7f22bd92c74a44b8bd48188654b9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ue-backend: tenants
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://app.user.com
access-control-allow-credentials: true
ue-node: apinode68
cf-ray: 833d9bf96d3c912b-FRA

GET
H3 200 widget-chatStore.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 12 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-chatStore.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: YWX8388A6JP8YG2Q
age: 5031
etag: W/"4550e64d06e66cf5565b1f1d49a27aa4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 833d9bf92cfe912b-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: W4r0wZ40q7lZ48tuS/9yf9WYPb/Wou0uP8A57N8N6/4F87gy9/BeSfIQv5HR/8T07Gj82flU+B8=

GET
H3 200 widget-launcherModule.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 12 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-launcherModule.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b4a05a42e37f0e9c9edb4f2f29a5e46ee6d04dd2ea7e4ca29565cb9346d4ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: AHPVXVMRFAQTP1SQ
age: 4971
etag: W/"c910a153db19745fd01517e1bdb7c810"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 833d9bf92cff912b-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: THT2dG1YBOT1GAZTOxEv6MezU+FQg+IxWMNKS/QNCZFw8xjlqZ7vr7h8lwLLaE2g3VMfZ7rbjN8=

GET
H2 200 _B0A5675_crop__kopia_IC17acq.jpg
media.user.com/avatars/ Frame 4674 4 KB
4 KB 31ms
22ms Image
image/jpeg 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/avatars/_B0A5675_crop__kopia_IC17acq.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa9059123daaed6cf6c8625e5cb7fef8a9e69a5d1b448a8fe79f01f87a1307f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
x-amz-version-id: 92ZeJqF_Mn231hyGVvrgj5L_5BYo_jIP
cf-cache-status: HIT
x-amz-request-id: DBRSJ8461QGDAW2M
age: 22815
cf-polished: origSize=4022
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 3896
x-amz-id-2: VSELdykxJ2dfnaMZT3LAY0FY1wmVrp9gyAXb7JhcD/eGgK5ibdv3svTHSOnHlBjI8lbxl4OHR/I=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Feb 2023 08:30:00 GMT
server: cloudflare
etag: "f5b8b48dd8624d85550a5d49f6e97c33"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 833d9bf97baabbb5-FRA

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame FB2C 13 KB
9 KB 87ms
87ms XHR
application/json 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ee5271d6a44fc3571754ed7fa796c88c8e3cff2c16296caa60584af0cacf8bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=h9ask2gbxkvg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 11 Dec 2023 12:07:47 GMT

GET
H3 200 widget-webpushModule.2f1311514d2416d3d6d9.js Show response
widget.user.com/ 13 KB
6 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-webpushModule.2f1311514d2416d3d6d9.js
Requested by: Host: support.user.com
URL: https://support.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 06:03:33 GMT
server: cloudflare
x-amz-request-id: NFZYHB4WMFCYJ5GD
age: 1546
etag: W/"22b76e545f75ad49b323f37e3da5f6d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 833d9bf9bd98912b-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: A2SZqsKyA5okTsI/Wo7+qiJxLIj99PpDhoOOuVGTeSxL1Y0IDOfgKcTCoN173ZP0wS/y2F/MTmY=

GET
H3 200 Screenshot_20220720-102953_Instagram_iqIdW02.jpg
media.user.com/avatars/ Frame 4674 3 KB
3 KB 40ms
39ms Image
image/jpeg 2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/avatars/Screenshot_20220720-102953_Instagram_iqIdW02.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c0d0b40ef7be46b2bb46c4f1bba328ff1bc6d41111d41b9018699d7977dc13

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
x-amz-version-id: KqQymXZhnrvIStCIv.8RdKAAMbbaT2tJ
cf-cache-status: REVALIDATED
x-amz-request-id: SHZ5SP7EAPAHH972
cf-polished: origSize=2952
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 2760
x-amz-id-2: 0SPqexUUxyALV0H6PM39sX6oHx/VkasK0AfaDYPDTfJ6VRPiMuBZ6WxRwlkPeUXKwr74+KicwXk=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 22 Jul 2022 09:53:34 GMT
server: cloudflare
etag: "aeccb440cc9865c4b15c49d54cf4a125"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 833d9bf9ddaf912b-FRA

GET
H3

200

user-logo-square-1.jpg
media.user.com/uploads/1t1nnm-userengage-support/
Redirect Chain

https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg

8 KB
8 KB

53ms
52ms

Image
image/jpeg

2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
Protocol: H3
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835bd339a94d1155e76137e9ba606f587a1c04f70311b7331df0b83937c5d973

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:47 GMT
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-request-id: WHNH2WY9V264B97A
cf-polished: origSize=9717
alt-svc: h3=":443"; ma=86400
content-length: 8284
x-amz-id-2: G8DZZNO7K/mDF8qRwCW1P1RBEzIgj5iZnaMX7m8B+7UAW8A/tL4iN7I1Gi1Ua/aXU0FMTfj61Ug=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 18 Nov 2021 07:50:38 GMT
server: cloudflare
etag: "559614145db411818f6ddab01cabcfb3"
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 833d9bfa4e20912b-FRA

Redirect headers

location: https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
content-length: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4e0138c8a6efc49d5aef63e7d71c139f09aa9a65b31111fc6e60f41e1fe2ead

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

ff4d00-0-0.png
media.user.com/old-media/uploads/6238/
Redirect Chain

https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

70 B
456 B

17ms
17ms

Image
image/webp

2606:4700:10::6816:31fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
Protocol: H3
Server: 2606:4700:10::6816:31fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:07:49 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: ZDECE37QK61Z4X83
age: 4884
cf-polished: origFmt=png, origSize=95
content-disposition: inline; filename="ff4d00-0-0.webp"
alt-svc: h3=":443"; ma=86400
content-length: 70
x-amz-id-2: 5S164MuQjX2wvO7qpwkOxxIDi2Uawn/rpBwx70x/z2wygktFCfQ8LlNlWu9P8WNqYr4HHjb0PRvZlcKIN8WgSg==
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Dec 2021 10:43:20 GMT
server: cloudflare
etag: "9591c410148e6883727c5339fd1c02cd"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 833d9c0569aa912b-FRA

Redirect headers

location: https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
content-length: 0

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 21:10:48	Name: _GRECAPTCHA Value: 09APfP6pX8hYRU_CJPYIO_x2ZwrNNSkmvQ-D1UlPyGUz26o7IZwOSNuoqd-OfPKERGY9u1jQhIsCbm4q-gp24a07Y
app.user.com/	1970-01-21 01:35:46	Name: csrftoken Value: 51SnyegxyDS4kJo86QDu5Rul74PDTInF8Mz6F6PY9SdGV7vKdKpyWXgJ1RCRa2f7
app.user.com/	1970-01-20 17:11:46	Name: sessionid Value: wwrwbsg6zf76ngu7a6qe3qci0z4ip633
.user.com/	1970-01-20 19:01:12	Name: _gcl_au Value: 1.1.296065249.1702296467
.user.com/	1970-01-20 16:53:02	Name: _gid Value: GA1.2.1619698404.1702296467
.user.com/	1970-01-20 16:51:36	Name: _gat_UA-100960632-1 Value: 1
.user.com/	1970-01-21 02:27:36	Name: _ga Value: GA1.1.1776914971.1702296467
.user.com/	1970-01-21 02:27:36	Name: _ga_2065MFPQH5 Value: GS1.1.1702296467.1.0.1702296467.0.0.0
.user.com/	1970-01-21 02:27:36	Name: _ga_P39TDMK54G Value: GS1.1.1702296467.1.0.1702296467.0.0.0
.user.com/	1970-01-21 02:27:36	Name: _ga_X19GWGFGFC Value: GS1.2.1702296467.1.0.1702296467.60.0.0
.user.com/	1970-01-21 02:27:36	Name: _ueuuid Value: -eqyvgbN-w05jfhR
.user.com/	1970-01-21 01:37:12	Name: __ca__chat Value: xoejlm9a1xcb

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://register-static.user.com/static/bundles/register.1d63084dbbbe6427b494.js(Line 83) Message: WebSocket connection to 'wss://app.user.com/ws/notifier/' failed: Error during WebSocket handshake: Unexpected response code: 404

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.user.com
app.userengage.com
burdamedia.user.com
eu.user.com
fonts.gstatic.com
media.user.com
region1.analytics.google.com
region1.google-analytics.com
register-static.user.com
static.cloudflareinsights.com
stats.g.doubleclick.net
support.user.com
widget.user.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:34::36
2606:4700:10::6816:31fd
2606:4700:10::ac43:2682
2606:4700::6810:3865
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9d
51.77.134.128
030f7fa22bba9e4834ce68ce502f78520d0c5eaee401d7ff5654de7dc6494086
04d08e2d9540486925356f5bd2208d808e4f07131a47de10084ac09332309816
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f
0cd2c4e460cce5d25422b4d1b215723076b4714d61d6c7d7b6cf61f3af9ed2c1
0cf30b53119edd0aa744144c8573d7011e825591f375e82045b920f080251d5b
18c0d0b40ef7be46b2bb46c4f1bba328ff1bc6d41111d41b9018699d7977dc13
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cfd35a92befa98dc9c21dd6c0bdabf69651724f16564a16cd114207c2b7387e
1ee5271d6a44fc3571754ed7fa796c88c8e3cff2c16296caa60584af0cacf8bb
1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2
25606f56d89470768333065f9f9d8efcfe9b46dadece2af3420f5b8f05c7da6b
3685d91003825bb30d7c466ce88382cefee36e2253955b5a570f9a27b0ada0bd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
46a17dbb8eaac0ee5dfc23e1ab58b100062c8a791a134701945a858e0a98b03b
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8
4e76f53ab3944fa6b24a671f438de2d4ea0ebc4a252cd8b4ae410c7626713e26
51afd860f5ea5d485e3cf9ad8f0496af3076fb172fb970f9c978d5957cb6b868
5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d
57c416ceee6ce51bbff3903252e43e07b86a503fe33805b7d4f994d0e5f2ae00
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
76c43cede7a596770a94c86987c75ddcdfc95245fa8f1b1a3b369aa27bd93c86
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a3dcbc46c250d94458c4c6374c54e238dda950d24060c68813c6cc0ac621e0d
8256e3f6e16873f0eb0294622bb4d8efe32e3186e00dbb2805b665dd8a166973
835bd339a94d1155e76137e9ba606f587a1c04f70311b7331df0b83937c5d973
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308
90b4a05a42e37f0e9c9edb4f2f29a5e46ee6d04dd2ea7e4ca29565cb9346d4ae
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
aa9059123daaed6cf6c8625e5cb7fef8a9e69a5d1b448a8fe79f01f87a1307f6
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250
c518d4a6aa0478e851ceed03b160fe582f7f22bd92c74a44b8bd48188654b9b3
c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c
c885e6fb5f0e5e48b769b2be53ad58f33c09f0861179872907f13f975eb6991c
d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e327db0e12ab82ac3877f02c6485c267a3ce163bce717903191f744ebcc8d82d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e0138c8a6efc49d5aef63e7d71c139f09aa9a65b31111fc6e60f41e1fe2ead
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0169cac5fa38d4e599a5117295511c77d9db5c93e77b0edb944c3b8e66e0849
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

app.user.com Open in urlscan Pro 2606:4700:10::6816:31fd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

95 %HTTPS

92 %IPv6

9 Domains

18 Subdomains

12 IPs

4 Countries

2528 kBTransfer

6404 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.user.com Open in urlscan Pro
2606:4700:10::6816:31fd Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

95 %
HTTPS

92 %
IPv6

9
Domains

18
Subdomains

12
IPs

4
Countries

2528 kB
Transfer

6404 kB
Size

12
Cookies

55 HTTP transactions
1 data transactions