up-mail.clicketcloud.com Open in urlscan Pro
46.30.203.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://uqr.to/1jin6
Effective URL:
http://up-mail.clicketcloud.com/?999940
Submission: On June 03 via automatic, source phishtank (June 3rd 2023, 9:50:53 pm UTC) — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 34 HTTP transactions. The main IP is 46.30.203.3, located in Epernon, France and belongs to OWENTIS-AS, FR. The main domain is up-mail.clicketcloud.com.

This is the only time up-mail.clicketcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.58.57.95 13.58.57.95	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	212.127.94.2 212.127.94.2	15851 (WASK-COM ...) (WASK-COM WROCMAN-COM non-educational part of WASK network)
10	46.30.203.3 46.30.203.3	39444 (OWENTIS-AS) (OWENTIS-AS)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ab0... 2a02:26f0:ab00::b819:328b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:310... 2a02:26f0:3100::1735:28f3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a02:26f0:480... 2a02:26f0:480:e::210:f107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:ab0... 2a02:26f0:ab00::b819:32bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
34	13

1 13.58.57.95 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-57-95.us-east-2.compute.amazonaws.com

uqr.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.127.94.2 (Wroclaw, Poland) 1 redirects

ASN15851 (WASK-COM WROCMAN-COM non-educational part of WASK network, Wroclaw,Poland, PL)
PTR: misha.static.ip.WRO.Korbank.PL

webb-link-ap.node.cloudlets.zone	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 46.30.203.3 (Epernon, France)

ASN39444 (OWENTIS-AS, FR)
PTR: ns2.clicketcloud.com

up-mail.clicketcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::b819:328b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:28f3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.terra.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:480:e::210:f107 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::b819:32bb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p1.trrsf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	clicketcloud.com up-mail.clicketcloud.com	473 KB
9	trrsf.com s1.trrsf.com — Cisco Umbrella Rank: 371937 p1.trrsf.com — Cisco Umbrella Rank: 400871	67 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5230	515 B
2	google.com www.google.com — Cisco Umbrella Rank: 3	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 111	413 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	124 KB
1	terra.com.br www.terra.com.br — Cisco Umbrella Rank: 98230	3 KB
1	cloudlets.zone webb-link-ap.node.cloudlets.zone Failed	471 B
1	uqr.to uqr.to — Cisco Umbrella Rank: 341376	2 KB
34	10

	Domain	Requested by
10	up-mail.clicketcloud.com	uqr.to up-mail.clicketcloud.com
8	s1.trrsf.com	up-mail.clicketcloud.com
3	www.google-analytics.com	www.googletagmanager.com
2	www.google.de
2	www.google.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	uqr.to www.googletagmanager.com
1	p1.trrsf.com	up-mail.clicketcloud.com
1	www.terra.com.br	up-mail.clicketcloud.com
1	webb-link-ap.node.cloudlets.zone	uqr.to
1	region1.google-analytics.com	www.googletagmanager.com
1	uqr.to
34	12

This site contains no links.

Subject Issuer	Validity	Valid
uqr.to R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
terra.com.br DigiCert TLS RSA SHA256 2020 CA1	`2022-11-17` - `2023-11-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://up-mail.clicketcloud.com/?999940
Frame ID: 24FB41F8E4199AE3FD83E8C6CBF329E6
Requests: 28 HTTP requests in this frame

Frame: http://up-mail.clicketcloud.com/index_files/normal_2.html
Frame ID: 681091D159A721A4C6BCA1F0E50591EC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terra Mail

Page URL History Show full URLs

https://uqr.to/1jin6 Page URL
https://webb-link-ap.node.cloudlets.zone/inf.php HTTP 302
http://up-mail.clicketcloud.com/?999940 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

34
Requests

44 %
HTTPS

77 %
IPv6

10
Domains

12
Subdomains

13
IPs

5
Countries

692 kB
Transfer

1174 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://uqr.to/1jin6 Page URL
https://webb-link-ap.node.cloudlets.zone/inf.php HTTP 302
http://up-mail.clicketcloud.com/?999940 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 1jin6 Show response
uqr.to/ 2 KB
2 KB 555ms
322ms Document
text/html 13.58.57.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://uqr.to/1jin6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.58.57.95 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-58-57-95.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a579f472163ee6dd5e1e2ba59388b9d1afb19283ff1ee9c41356d985dd09d435

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private, max-age=2592000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 809
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Jun 2023 21:50:47 GMT
Expires: Mon, 03 Jul 2023 21:50:47 GMT
Keep-Alive: timeout=5, max=500
Permissions-Policy: geolocation=self
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
50 KB 42ms
17ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl

Requested by

Host: uqr.to
URL: https://uqr.to/1jin6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b7e1f4612f0718c075c0ee5dded17687a8cbb52f79198e08fe1cb3f9b1cd688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:50:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50982
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Jun 2023 21:50:48 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 51 KB
21 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 20:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4521
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 03 Jun 2023 22:35:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSZ7GSJ&l=uqtdl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5deefde8c47b45e95dc75207118fc27f528ff72ce15f4ee1e4bb9833846167ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:50:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75315
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Jun 2023 21:50:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 41ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0DWYM481N5&gtm=45je35v0&_p=36547859&cid=12033311.1685829048&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685829048&sct=1&seg=0&dl=https%3A%2F%2Fuqr.to%2F1jin6&dt=QR%20code%2014&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DWYM481N5&l=uqtdl&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uqr.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET inf.php
webb-link-ap.node.cloudlets.zone/ 0
0

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
343 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-1&cid=12033311.1685829048&jid=228860875&gjid=1562552692&_gid=1616987081.1685829048&_u=YCDAgEABAAAAAEAAI~&z=791621375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uqr.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 21:50:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uqr.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
70 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18982026-3&cid=12033311.1685829048&jid=888549874&gjid=1306817847&_gid=1616987081.1685829048&_u=YCDAgEABAAAAAEAAI~&z=1732630332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uqr.to/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Jun 2023 21:50:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uqr.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 9ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=36547859&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1jin6&ul=en-us&de=UTF-8&dt=QR%20code%2014&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=228860875&gjid=1562552692&cid=12033311.1685829048&tid=UA-18982026-1&_gid=1616987081.1685829048&gtm=45He35v0n81NSZ7GSJ&cd1=1&cd2=1028507&z=278939280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 02:51:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68374
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 9ms
8ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=36547859&t=pageview&_s=1&dl=https%3A%2F%2Fuqr.to%2F1jin6&ul=en-us&de=UTF-8&dt=QR%20code%2014&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAEAAI~&jid=888549874&gjid=1306817847&cid=12033311.1685829048&tid=UA-18982026-3&_gid=1616987081.1685829048&gtm=45He35v0n81NSZ7GSJ&cd1=1028507&cd2=%20-%20test&z=2092274772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 02:51:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68374
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Primary Request / Show response
up-mail.clicketcloud.com/
Redirect Chain

https://webb-link-ap.node.cloudlets.zone/inf.php
http://up-mail.clicketcloud.com/?999940

176 KB
25 KB

72ms
31ms

Document
text/html

46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/?999940

Requested by

Host: uqr.to
URL: https://uqr.to/1jin6

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

43f2eb925f979937d6984ef06e4b53625c293b4c08f903104fbbe6fbda59fba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 24592
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: same-origin
Date: Sat, 03 Jun 2023 21:50:48 GMT
Permissions-Policy: geolocation=(self), payment=(self)
Referrer-Policy: strict-origin-when-cross-origin
Server: openresty
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Resolver-IP: 46.30.203.3 46.30.203.3
X-XSS-Protection: 1; mode=block;

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sat, 03 Jun 2023 21:50:48 GMT
location: http://up-mail.clicketcloud.com/?999940
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=15811200
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-resolver-ip: 212.127.94.2
x-xss-protection: 1; mode=block;

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 48ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=12033311.1685829048&jid=228860875&_u=YCDAgEABAAAAAEAAI~&z=1653503520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
54ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-1&cid=12033311.1685829048&jid=228860875&_u=YCDAgEABAAAAAEAAI~&z=1653503520

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 44ms
18ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=12033311.1685829048&jid=888549874&_u=YCDAgEABAAAAAEAAI~&z=1893837748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 81ms
55ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18982026-3&cid=12033311.1685829048&jid=888549874&_u=YCDAgEABAAAAAEAAI~&z=1893837748

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uqr.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Jun 2023 21:50:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK core.css
up-mail.clicketcloud.com/index_files/ 24 KB
6 KB 20ms
20ms Stylesheet
text/css 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/core.css

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/?999940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 5624
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:36 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "60de-5fc461521cc00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H/1.1 200
OK context2.css
up-mail.clicketcloud.com/index_files/ 24 KB
7 KB 37ms
21ms Stylesheet
text/css 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/context2.css

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/?999940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 5966
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:36 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "60d0-5fc461521cc00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H/1.1 200
OK navbar.css
up-mail.clicketcloud.com/index_files/ 67 KB
11 KB 40ms
23ms Stylesheet
text/css 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/navbar.css

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/?999940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 10720
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:36 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "10ccd-5fc461521cc00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H/1.1 200
OK normal_2.html Show response
up-mail.clicketcloud.com/index_files/ Frame 6810 3 KB
2 KB 20ms
20ms Document
text/html 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://up-mail.clicketcloud.com/index_files/normal_2.html

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

6c4ca36b34f5e1bbdde779c9fa7ea66c7ddbb5873b83f73f55b4df0e0f59e96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: http://up-mail.clicketcloud.com/?999940
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 848
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: same-origin
Date: Sat, 03 Jun 2023 21:50:48 GMT
ETag: "c51-5fc4744668400-gzip"
Last-Modified: Mon, 22 May 2023 12:18:24 GMT
Permissions-Policy: geolocation=(self), payment=(self)
Referrer-Policy: strict-origin-when-cross-origin
Server: openresty
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Resolver-IP: 46.30.203.3 46.30.203.3
X-XSS-Protection: 1; mode=block;

GET
H/1.1 200
OK 618x226-E-mail-Gigante.jpg
up-mail.clicketcloud.com/index_files/ Frame 6810 100 KB
100 KB 20ms
20ms Image
image/jpeg 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/618x226-E-mail-Gigante.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

dd8f593e202f80b15b06b224ce8793dcd0cd40a290892ef9a4a6006d58a0bb38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 102128
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:32 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "18ef0-5fc4614e4c300"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H/1.1 200
OK DS668_Pecas_Online_Interno_BN_618x226_B_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 6810 72 KB
73 KB 21ms
21ms Image
image/jpeg 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/DS668_Pecas_Online_Interno_BN_618x226_B_V0_VP.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

faa81bbe4fed04fbb1d13c3de548e096ad4597f004bdfb0b490e83a80877321b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 74169
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "121b9-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H/1.1 200
OK DS749_Banner_Online_CURSOS_BN-618x226_v0_HL_new.jpg
up-mail.clicketcloud.com/index_files/ Frame 6810 53 KB
53 KB 19ms
18ms Image
image/jpeg 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/DS749_Banner_Online_CURSOS_BN-618x226_v0_HL_new.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

c3ef10afe36e1b37a78c10ec71f1367094711470f38210a44bb9bb64a9333334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 53804
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "d22c-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H/1.1 200
OK TER_601_Campanha_Loja_BN_618x226_V0_VP.jpg
up-mail.clicketcloud.com/index_files/ Frame 6810 72 KB
73 KB 41ms
22ms Image
image/jpeg 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/TER_601_Campanha_Loja_BN_618x226_V0_VP.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

d386885215fb12d5b2b1d3f07a4691b5654476eae9fdb4ce2a29bba7d28d5462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 74125
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "1218d-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H/1.1 200
OK DS749_Banner_Online_CONSTRUTOR_BN-618x226_v0_HL.jpg
up-mail.clicketcloud.com/index_files/ Frame 6810 122 KB
123 KB 265ms
246ms Image
image/jpeg 46.30.203.3
OWENTIS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://up-mail.clicketcloud.com/index_files/DS749_Banner_Online_CONSTRUTOR_BN-618x226_v0_HL.jpg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/normal_2.html

Protocol

HTTP/1.1

Server

46.30.203.3 Epernon, France, ASN39444 (OWENTIS-AS, FR),

Reverse DNS

ns2.clicketcloud.com

Software

openresty /

Resource Hash

7c77a879c840d5056487ab9ee5ca13cc1c8aae2593f0a99674a4f12cce7890b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/index_files/normal_2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Cross-Origin-Embedder-Policy: unsafe-none
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
Content-Length: 125225
X-XSS-Protection: 1; mode=block;
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 22 May 2023 10:53:34 GMT
Server: openresty
Cross-Origin-Opener-Policy: same-origin-allow-popups
ETag: "1e929-5fc4615034780"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self), payment=(self)
Accept-Ranges: bytes
X-Resolver-IP: 46.30.203.3, 46.30.203.3

GET
H2 200 menu-white.svg
s1.trrsf.com/update-1684436071/fe/zaz-mod-icons/svg/essential/ 471 B
578 B 193ms
15ms Image
image/svg+xml 2a02:26f0:ab00::b819:328b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.trrsf.com/update-1684436071/fe/zaz-mod-icons/svg/essential/menu-white.svg
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::b819:328b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 21:50:48 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 18:51:48 GMT
server: cloudflare-nginx
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-cdnterra-cache-status: HIT
cache-control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000, immutable
access-control-allow-credentials: true
server-timing: ak_p; desc="1685829048695_3088659079_92254467_553_522_8_21_219";dur=1
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 199

GET
H2 200 terra-horizontal-branco.svg
www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/ 6 KB
3 KB 218ms
19ms Image
image/svg+xml 2a02:26f0:3100::1735:28f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.terra.com.br/globalSTATIC/fe/zaz-mod-t360-icons/svg/logos/terra-horizontal-branco.svg

Requested by

Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28f3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-mt-cache: HIT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 21:50:48 GMT
x-cdnterra-cache-status: STALE
content-length: 2774
last-modified: Tue, 24 Jan 2023 18:51:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-type, x-cache
cache-control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK ttl-general.gif
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 160ms
16ms Image
image/gif 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/terramail/capa/terra/_img/ttl-general.gif
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Fri, 06 Aug 2010 18:13:55 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: MISS
Content-Type: image/gif
Cache-Control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4952

GET
H/1.1 200
OK klavika
p1.trrsf.com/image/ 2 KB
2 KB 280ms
133ms Image
image/gif 2a02:26f0:ab00::b819:32bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p1.trrsf.com/image/klavika?c=sh&t=acesse%20seu%20terra%20mail
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:ab00::b819:32bb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Wed, 31 May 2023 12:01:20 GMT
Server: cloudflare-nginx
Vary: Accept
X-CDNTerra-Cache-Status: HIT
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Server-Timing: ak_p; desc="1685829048685_3088659127_98964226_12026_1122_8_0_-";dur=1
Content-Length: 2126
Expires: Tue, 31 May 2033 12:01:20 GMT

GET
H/1.1 200
OK btn-terramail_v2.gif
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 161ms
20ms Image
image/gif 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/terramail/capa/terra/_img/btn-terramail_v2.gif
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Fri, 06 Aug 2010 18:13:55 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: MISS
Content-Type: image/gif
Cache-Control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4958

GET
H/1.1 200
OK ico-general.png
s1.trrsf.com/atm/3/core/_img/ 8 KB
8 KB 157ms
16ms Image
image/png 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/atm/3/core/_img/ico-general.png
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Tue, 24 Jan 2023 18:50:45 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: HIT
Content-Type: image/png
Cache-Control: max-age=3600, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8240

GET
H/1.1 200
OK txt-armazenamento-msg.jpg
s1.trrsf.com/terramail/capa/terra/_img/ 5 KB
5 KB 156ms
14ms Image
image/jpeg 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s1.trrsf.com/terramail/capa/terra/_img/txt-armazenamento-msg.jpg
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/index_files/context2.css
Protocol: HTTP/1.1
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://up-mail.clicketcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Fri, 06 Aug 2010 18:13:55 GMT
Server: cloudflare-nginx
X-CDNTerra-Cache-Status: MISS
Content-Type: image/jpeg
Cache-Control: max-age=315360000, stale-while-revalidate=3600, stale-if-error=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5112

GET
H/1.1 200
OK opensans-semibold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/ 10 KB
11 KB 157ms
17ms Font
application/octet-stream 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/semibold/opensans-semibold-webfont.woff2
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940
Protocol: HTTP/1.1
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618

Request headers

Referer: http://up-mail.clicketcloud.com/
Origin: http://up-mail.clicketcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Tue, 24 Jan 2023 18:51:56 GMT
Server: cloudflare-nginx
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CDNTerra-Cache-Status: HIT
Cache-Control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 10404

GET
H/1.1 200
OK opensans-regular.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/ 18 KB
19 KB 161ms
20ms Font
application/octet-stream 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/opensans-regular.woff2
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940
Protocol: HTTP/1.1
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985

Request headers

Referer: http://up-mail.clicketcloud.com/
Origin: http://up-mail.clicketcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Fri, 15 Oct 2021 15:07:21 GMT
Server: cloudflare-nginx
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CDNTerra-Cache-Status: MISS
Cache-Control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 18708

GET
H/1.1 200
OK opensans-bold-webfont.woff2
s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/ 10 KB
11 KB 161ms
20ms Font
application/octet-stream 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://s1.trrsf.com/fe/zaz-morph/fonts/opensans/bold/opensans-bold-webfont.woff2
Requested by: Host: up-mail.clicketcloud.com
URL: http://up-mail.clicketcloud.com/?999940
Protocol: HTTP/1.1
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670

Request headers

Referer: http://up-mail.clicketcloud.com/
Origin: http://up-mail.clicketcloud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Sat, 03 Jun 2023 21:50:48 GMT
Last-Modified: Fri, 15 Oct 2021 15:07:20 GMT
Server: cloudflare-nginx
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
X-CDNTerra-Cache-Status: HIT
Cache-Control: max-age=31540000, stale-while-revalidate=3600, stale-if-error=864000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 10304

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webb-link-ap.node.cloudlets.zone
URL: https://webb-link-ap.node.cloudlets.zone/inf.php

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
uqr.to/	1970-01-20 12:17:10	Name: stat_session2590242 Value: ef8f86c2-9c1e-4c4a-af37-4964576771d0
uqr.to/	1970-01-20 13:00:21	Name: device_view Value: full
.uqr.to/	1970-01-20 21:53:09	Name: _ga_0DWYM481N5 Value: GS1.1.1685829048.1.0.1685829048.0.0.0
.uqr.to/	1970-01-20 21:53:09	Name: _ga Value: GA1.2.12033311.1685829048
.uqr.to/	1970-01-20 12:18:35	Name: _gid Value: GA1.2.1616987081.1685829048
.uqr.to/	1970-01-20 12:17:09	Name: _dc_gtm_UA-18982026-1 Value: 1
.uqr.to/	1970-01-20 12:17:09	Name: _dc_gtm_UA-18982026-3 Value: 1
webb-link-ap.node.cloudlets.zone/	1969-12-31 23:59:59	Name: SRVGROUP Value: common
up-mail.clicketcloud.com/	1969-12-31 23:59:59	Name: SRVGROUP Value: common

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: http://up-mail.clicketcloud.com/?999940 Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: http://up-mail.clicketcloud.com/index_files/normal_2.html Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

p1.trrsf.com
region1.google-analytics.com
s1.trrsf.com
stats.g.doubleclick.net
up-mail.clicketcloud.com
uqr.to
webb-link-ap.node.cloudlets.zone
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.terra.com.br
webb-link-ap.node.cloudlets.zone
13.58.57.95
2001:4860:4802:34::36
212.127.94.2
2a00:1450:4001:811::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9a
2a02:26f0:3100::1735:28f3
2a02:26f0:480:e::210:f107
2a02:26f0:ab00::b819:328b
2a02:26f0:ab00::b819:32bb
46.30.203.3
044ebbd0a887ffce575bef7a00aa81536aea2d1f8cfa7894c1618f6101067e72
43f2eb925f979937d6984ef06e4b53625c293b4c08f903104fbbe6fbda59fba6
513a6866e48ea8e16265464bf3f99aea0289c53007b57221dfd0dd5e64cb6985
57425ffa63cfde72a41bfccb7102329aa38d2702abc780e494dc07e87e902a9e
5b55292cb19be85439b763dd346ac0e0304ea5f90f244660e554d9384c50bda3
5c5a9efd1aaf8622dba343cc8a028336cddb7fed5c8ec2b4c6df1b918006f333
5deefde8c47b45e95dc75207118fc27f528ff72ce15f4ee1e4bb9833846167ac
6c4ca36b34f5e1bbdde779c9fa7ea66c7ddbb5873b83f73f55b4df0e0f59e96c
7a223174668e40dccd38462d34304503b75e31e700bff92b7e9e8fdda3274670
7b7e1f4612f0718c075c0ee5dded17687a8cbb52f79198e08fe1cb3f9b1cd688
7c77a879c840d5056487ab9ee5ca13cc1c8aae2593f0a99674a4f12cce7890b9
83113ce831f3f1ec8841232d895e17f722444b1939f5230891f7ff17a7c53618
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5
a579f472163ee6dd5e1e2ba59388b9d1afb19283ff1ee9c41356d985dd09d435
abdfabd3bdc79d4892487c7a172e6081a2c240c50aa908799dea10f28eb7e428
bc03d253ae8bd556dae288f329158a063063e30afa0e8ea7ea13edec2063dd76
c3ef10afe36e1b37a78c10ec71f1367094711470f38210a44bb9bb64a9333334
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4
cce5b207bafcac198b067c60c7899be700fc0780fa46b7d75773d0f360a45e9e
d386885215fb12d5b2b1d3f07a4691b5654476eae9fdb4ce2a29bba7d28d5462
dd8f593e202f80b15b06b224ce8793dcd0cd40a290892ef9a4a6006d58a0bb38
e5d85771b1d7819b5173f95fa79262187bfd076ffb273be015e774c747d4e112
faa81bbe4fed04fbb1d13c3de548e096ad4597f004bdfb0b490e83a80877321b

up-mail.clicketcloud.com Open in urlscan Pro 46.30.203.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

44 %HTTPS

77 %IPv6

10 Domains

12 Subdomains

13 IPs

5 Countries

692 kBTransfer

1174 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

up-mail.clicketcloud.com Open in urlscan Pro
46.30.203.3 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

44 %
HTTPS

77 %
IPv6

10
Domains

12
Subdomains

13
IPs

5
Countries

692 kB
Transfer

1174 kB
Size

9
Cookies

34 HTTP transactions
0 data transactions