userscloud.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/ypfp51pryp3q
Submission: On June 04 via manual (June 4th 2022, 10:28:14 am UTC) from US — Scanned from IS

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 67 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 488929.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1	172.64.156.26 172.64.156.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
4	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
3	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
6	172.67.218.221 172.67.218.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	13.32.121.7 13.32.121.7	16509 (AMAZON-02) (AMAZON-02)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
2	142.250.186.173 142.250.186.173	15169 (GOOGLE) (GOOGLE)
3	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
3	52.85.6.79 52.85.6.79	16509 (AMAZON-02) (AMAZON-02)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
67	18

13 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.156.26 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

betotodilea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.218.221 (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.121.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-7.fra60.r.cloudfront.net

dorderstar.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

quiremuken.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.173 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.6.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-6-79.sof50.r.cloudfront.net

d1e9rtdi67kart.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com docs.google.com — Cisco Umbrella Rank: 150 apis.google.com — Cisco Umbrella Rank: 100 accounts.google.com — Cisco Umbrella Rank: 78	203 KB
13	userscloud.com userscloud.com — Cisco Umbrella Rank: 488929	252 KB
7	dorderstar.xyz dorderstar.xyz	8 KB
6	freychang.fun freychang.fun — Cisco Umbrella Rank: 24503	303 KB
4	quiremuken.xyz quiremuken.xyz	1 KB
3	cloudfront.net d1e9rtdi67kart.cloudfront.net	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	betotodilea.com betotodilea.com — Cisco Umbrella Rank: 68392	31 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1759	1 KB
3	gstatic.com www.gstatic.com ssl.gstatic.com	479 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11060	543 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1125	5 KB
67	14

	Domain	Requested by
13	userscloud.com	userscloud.com static.cloudflareinsights.com
9	docs.google.com	userscloud.com docs.google.com www.gstatic.com
7	dorderstar.xyz	userscloud.com
6	freychang.fun	userscloud.com
4	quiremuken.xyz
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	d1e9rtdi67kart.cloudfront.net	dorderstar.xyz
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	betotodilea.com	userscloud.com betotodilea.com
3	content.googleapis.com	apis.google.com
2	accounts.google.com
2	www.gstatic.com	docs.google.com
1	my.rtmark.net	betotodilea.com
1	www.facebook.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
67	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
betotodilea.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
dorderstar.xyz Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-13` - `2022-06-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/ypfp51pryp3q
Frame ID: DEF55791D6A6FA70AB964FA98AA7BFF1
Requests: 38 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
Frame ID: 88892E70E6DBA37660E3356CCA1FBBD4
Requests: 18 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.44fecNXM0ME.O%2Fd%3D1%2Frs%3DAHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ%2Fm%3D__features__
Frame ID: FBD25C95291141F3741DF6AF6280A64C
Requests: 5 HTTP requests in this frame

Frame: https://dorderstar.xyz/d1VYQncWNzsvSBZoOmQCBTllZ0UxcGoEE0YwYTADEzxudRwWJyxsFBs6LSYRBTo2NlkZMCxnRTE5O3M1AAAzISYnLWxyEjY2bQQwTi0JcDUzDDYMITgyFXs8JhssCB4iGh5wOTUXaxcAPQQZKRMdYSkBPyYvGxYlOQw1BxE6B2xzEhsAaQodMWMJLC4lGzEUOC0TAS85DyJvFiQQLR8WPjUFHBc2OAQKcjofHywKI0dsHygAFBhqCDUxPg56E0YPMRM/GCIfKEMiBQwDNhMAEis8JjFpExo9ZwlxQjYxaxMPEwASKzo1On1wNSU4AismNR8OGz8UGQIpWiViASkxEBALC0Q/Lw0KOQ4AAQ0mJWY8FiEbBGoUByYSAhQuPzE6DQ8QOBMqTkYEMAQeJgIZITgOIg8mIj08EQAuDRIicwIhOBIDOiRtGhIPR2YBKTIgBh82ByZmbQcuL2wTJBwTMgEpMRAUIg8fMjwRGBNEAGkYIjk5ORc1GgMxJkEmMn4oBBg7KH8hABw8cUYiZxs3BwFkFTgP
Frame ID: 9461CB12DE7553D3D07812EDF125C5B2
Requests: 2 HTTP requests in this frame

Frame: https://dorderstar.xyz/amhKOTYLCilUCQtVKB9DGAR3HAQsTXh/UlsNc0tCDgF8Dl0LGj4XVQYHP11QGAckTRgEDT4cBCwvK21aPzwcWn08AiVLVyhZG3R+KA8daHABDQ1vZj8RKVB5OAMPfFgdMQhuUV8qGWh4IhELCntbOQBaXy9aCAgDGgkwcH49BSYBVTsALndYKAIeCQYBISBBYzsRA1d4OAASc1xeTXh7fjhQInVxBS0cUAIBJz1vbwkwcmtuKAwhWHE8Mg9qewEnGwhhIxJ/QGEdA3x2biAKCW5gUw0cUlUwH3NAYR0DIHNyBg4OYXBPWgh/Yx0kEH1gAjAYe04MWilwZTlFG1F7Al0pd18zTXh7fjgQJ3oEIAkOV0ZPWghgYx0kEH5jUikfCQMjMABbUwQubwtwMB8caGYTADNuQQESAX1nKT4kCFkwPiZYZi5QfntwEhAsQXA4KQJJDw8+enJUIjp/YVEeECwLVQs/DnBFIDkLWmwNHCNuUV9eLFRwOjwNVQ5MAjlWWBpVDAh5BjkncUUO
Frame ID: DE616780B9A8ADD06A23755AC299267A
Requests: 2 HTTP requests in this frame

Frame: https://dorderstar.xyz/OWNBaVVYASIEalheI08gSw98TGd/RnMvMQgGeBshXQp3Xj5YETVHNlUMNA0zSwwvHXtXBjVMZ38OJTwATjcvBgJyD3UGB2gmMj8ddyATIRhzBhQFAXVTDAETeDV1PCJ0AQgxDwAoOQ40dxQDBhFeWyktDQwABjoHXCgUDQFwJXUdBwkxKzwGVjoSIRBuLCYGNHUEcVkRe1svOAZ4KgMALXwCAFEAXCVxARR7FDExFgAFEx4YfzoEGQRdFAMEEWsUMz8WfC0DBBR6BSk4F2AiC0xnezBxPyd4JDUjGwsiAg8yCQAKHg8PO3EwHX87OSIRYS4EM2QAKyU/eHxGcysWUQgmOyxKOgkALXwCcQ4vWiIPXAN8OTsvDUEoGTpgYCwpCg9gIggnDQkHcDEWWjEELhR6BSlZBHMPMgEACCFyKBYJMAMQJV0ocFAdeBQpWgN8NTMrHQggFS4mcQUHUB1dNgwfHXsycj4CTSoMWhR9Bhc7ElobGF4HCTJnAyZWDTFUNnQCFVoYXAEuG2U
Frame ID: B43DD6FCD8CD2201537AB5BDB8E5377C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

17
Subdomains

18
IPs

4
Countries

1346 kB
Transfer

3368 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ypfp51pryp3q Show response
userscloud.com/ 350 KB
102 KB 574ms
358ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/ypfp51pryp3q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3113ccf70cb45bfd87165c46e1eec2f1eab56f7750208e78c68ac3f6d824277d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 715ffae80d326b36-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 Jun 2022 10:28:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 03 Jun 2022 10:28:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrDAka%2BrLFTjHqvutsMnantiRfqj6wUWzFjTwRFu0mRkNYMbxJrJRl7p2qDd%2FFv047Cn0eEIy6OxAqfsDaRjaJJUmpNc3okczx8RRXO7sbeJYA9YY%2FSGdPOGXfLvcX%2FNNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 176ms
175ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1654912
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9Y4SNrtXQ9z6wMkj%2Flu7gtbzH%2FvPm%2F40rsl1x1%2FwaW1rIOkG6oFReWQFWEfl%2F7IHdPv%2BC7UZP0FmS2uUbqil5%2BNhII2AqQK9F43tmdPRKiDrwegfmGUSSxIZZ7eT4ozuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 715ffaea49f96b36-AMS
access-control-allow-headers: X-Requested-With
expires: Wed, 15 Jun 2022 06:46:17 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 177ms
176ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285409
cf-polished: origSize=113031
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbBxcLDOvwjqgGPPFZBjMIrdBus7BhDL%2Bf6VHHZGptZ85nGnXe2vGQTOW4%2Fa4E6Hv45hd%2BuoJdJcE1NMzsnUSyXuSjzwF4yt08wpvd43mbl0v1%2BoZxJFqmsg%2FRYVRUttZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 01 Jul 2022 03:11:20 GMT
cache-control: max-age=2592000
cf-ray: 715ffaea49fa6b36-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 176ms
175ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176748
cf-polished: origSize=47095
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5M6TqyQ5app3O%2FG2NIpjlqnA3iAijMAfkmzlryg8Jd0ddUDtIT%2F2bC6VwntaW8L3Ed4Mb3J5eooQaoTuUlc3vNegT0VclEuARt2eqPXu64rvN7zOD7yHeU6ZHWmDwlWRww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Sat, 02 Jul 2022 09:22:20 GMT
cache-control: max-age=2592000
cf-ray: 715ffaea49fb6b36-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 176ms
176ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176748
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV9lhbUR%2FhL1ZFd8pn7WjYxdV0UoR7y%2BCecyI4HaNgviOAMk9B03febBc1CM%2BXHkQySVgYO0NkktqhsrLkLTsTAClMlJ6pj8%2FgG77pnr6nZYr0zNrqsESDce1nZBowHm6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 715ffaea49fe6b36-AMS
access-control-allow-headers: X-Requested-With
expires: Sat, 02 Jul 2022 09:22:21 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 134ms
134ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1358534
cf-polished: origSize=21572
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xG77LPmXntZuthX21uGzkBuOWKasTWhnSWDl7N%2BTnv80wauKkVBOTQVNvIY6BxRhdK3sndfHp5CuJGo6Eot86YSypfTkq8a%2BKtGEn4krcrviA2EV0JsqJL0IpA0iTsm7Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Sat, 18 Jun 2022 17:05:55 GMT
cache-control: max-age=2592000
cf-ray: 715ffaea4a016b36-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 gview Show response
docs.google.com/ Frame 8889 9 KB
4 KB 628ms
404ms Document
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

b9296c5dfafacb79be85caf2afff98b018258e68a826e656fccc5208022663e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ubN_958SAuCkq6zGTtQkkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ubN_958SAuCkq6zGTtQkkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Sat, 04 Jun 2022 10:28:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 119ms
119ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
access-control-allow-methods: GET,POST,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176749
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n52E%2FFviULTceCIetqiK4mn2S0iTECAvl9wTYZ5F%2BoshSQ7YAXuukuf8hQFketm8uUQF1iTT4%2FHxX8XF3tRiuCTa3nc47K%2Bqd5HJe%2BRGdWlP9JFCfkIwnOxbxHsx5JYpGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 715ffaeb7f820c81-AMS
access-control-allow-headers: X-Requested-With
expires: Sat, 02 Jul 2022 09:22:21 GMT

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 103ms
102ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 May 2022 19:22:11 GMT
server: cloudflare
etag: W/"629124e3-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOnVitjIXlhHb4ZCU2aNdT31ZviAFctRLWzaVeIW9t2ebJKI%2BN7kH6DBi2rA3vyxO1MltUpmn2e5ZhnnGSvhUnobNEu%2F4zPq1%2FPSCRkWoz9p2mR5o4A2w%2FPpk8WN0GyQew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715ffaeb7f890c81-AMS
vary: Accept-Encoding
expires: Mon, 06 Jun 2022 10:28:10 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 355ms
146ms Script
text/javascript 172.64.156.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.156.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 715ffaecc8ca4be9-AMS

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 116ms
115ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
access-control-allow-methods: GET,POST,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1654702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhJ9pbl30yLOdrle703SrLq8aRvLyI%2Bujm4%2BQRsH%2BfyUl4v4ffmEiBRbeL%2BnYD5KaP6SDlYyNrpG8dC3WJmJRzyQFlnRzmhX%2BnLPX7nT9ZVuVp%2FW%2BRlzUltLsTLM4UKgdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 715ffaebdff30c81-AMS
access-control-allow-headers: X-Requested-With
expires: Wed, 15 Jun 2022 06:49:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 338ms
121ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c8296a6364060744b293f6ba76f8b7cdb36ed7556902a2fc47209c855709620a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39630
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Jun 2022 10:28:10 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/ 35 KB
10 KB 163ms
162ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 794
cf-polished: origSize=35778
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Dec 2020 13:26:43 GMT
server: cloudflare
etag: W/"8bc2-5b75dfde473c8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY7HuEgvJaemGZfV%2FIGAZCvChR6zFKoQ3qYx1986mHLeQchdflbtLaLa8C2EpdT7MX59Eg01Mw39YO2A4Znkpvw8njMLBaiKwhI02UipObB%2B6YlTjzjwg1qzPp%2BHX4O%2B7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=259200
cf-ray: 715ffaec283c0c81-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H3 200 de.min.js Show response
userscloud.com/js/ 10 KB
5 KB 278ms
277ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/js/de.min.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf57ad31292cf2771a7126437a37465a818dfb3e98520671db8da48e3212e4e

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1644954
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Feb 2022 08:13:30 GMT
server: cloudflare
etag: W/"620377aa-29fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FXInHHA86aNfpE3500ISLsMPBMaSguFUdUzzHD2DmJzmr0rHyWNj43iOmPIWSl4PRpNgHJWi%2BuQ46njbJcUM04BSWbpLkmzWDgPeOWAGNdZhwHh7brST2nrt7oQSO5RwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 715ffaec283d0c81-AMS
access-control-allow-headers: X-Requested-With
expires: Wed, 15 Jun 2022 09:32:16 GMT

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
34 KB 290ms
289ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/ypfp51pryp3q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1358533
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQbQCaF004h%2BteHddNWL7v%2FbCWfwsEu%2FjAnE72gF0u%2FQe03xav2y6z9iGiNVpEg8nDSxiV%2FmLtwrzZ1PEbuiFBOVVVBQw0v8EIkmoAcjCccYCDJG5Yd5oXzPXr%2Bra2ebvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 715ffaec28400c81-AMS
access-control-allow-headers: X-Requested-With
expires: Sat, 18 Jun 2022 17:05:57 GMT

GET
H2 200 rs=AC2dHML7Rc67pd_-nXbJ8E-AyMGIKFLeoQ
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.z_Dd01Hddw0.L.W.O/d=0/ Frame 8889 178 KB
27 KB 325ms
105ms Stylesheet
text/css 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.z_Dd01Hddw0.L.W.O/d=0/rs=AC2dHML7Rc67pd_-nXbJ8E-AyMGIKFLeoQ

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

eb0ae67d9bc0794b73d798c9eede30e2b06c5a67233e7a2bce124671f2b5c747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 May 2022 21:24:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27175
x-xss-protection: 0
last-modified: Fri, 27 May 2022 13:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 21:24:50 GMT

GET
H3 200 thumb
docs.google.com/viewerng/ Frame 8889 17 KB
17 KB 375ms
164ms Image
image/png 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFw06ex8ZVBX9ro7sAp53QTpEv7Ksm3Yb1lej0HDOUWykfnYf2xHor2B81Lqx1_rEjnhT1N07Z_oTQTReetcpd2j74_28ADemcLQA4jFZjyIwLZxJwBxyiBbYiu2NMsAguHa7saLxyrhYIbmtn8Z8UCQItJuLPJ4KxhwlkKeQ9QTut_W_u-LUlPsuM_6PKdrgHL3Nx415Km0SCiGRPyGV_MSKoKYVAP-AysWevE5UK-MoJFicK5YF0h9pkg0j8nFNqoYEMMDlmF8Ax23h95ncd5U_u0DupT9OM8uMiIBY22b3YAm806fwXgIt_11E9eLnckucNsFr8XP7-HF_iKvi2tHyXQ3BQ-EvAFHPlN0nnbf9DnyV4Q%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

4fe7f4faa1789783c973fa566b8931b93416b8df53da880946c6bab8ecb09b6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nb4ORv7d6Bc_AW3H64_pkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:11 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: private, max-age=300
content-security-policy: script-src 'report-sample' 'nonce-nb4ORv7d6Bc_AW3H64_pkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Sat, 04 Jun 2022 10:28:11 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/ Frame 8889 1 MB
405 KB 436ms
216ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

43e40c50217ac1684db7e64ab75cacb245b50d0584772ab6449c393180ba61a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 22:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 414702
x-xss-protection: 0
last-modified: Thu, 26 May 2022 19:10:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Jun 2023 22:36:05 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 8889 14 KB
6 KB 335ms
115ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

sffe /

Resource Hash

a91d217f00629c39a24869c5f35c254832ba77961d5758d77816924a4cd897e0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sat, 04 Jun 2022 10:28:11 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b052df1f3bb3ec91"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 10:28:11 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.44fecNXM0ME.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ/ Frame 8889 313 KB
106 KB 318ms
106ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.44fecNXM0ME.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

sffe /

Resource Hash

29f368a987a26cffc3e1d357d978df9f161f0cb8871b6c40198d571003ac2ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 May 2022 21:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108277
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:21:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 21:45:44 GMT

GET
H2 200 v-sprite43.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 8889 106 KB
47 KB 330ms
105ms Image
image/svg+xml 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite43.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.z_Dd01Hddw0.L.W.O/d=0/rs=AC2dHML7Rc67pd_-nXbJ8E-AyMGIKFLeoQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 29 May 2022 12:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 512335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47363
x-xss-protection: 0
last-modified: Sat, 05 Mar 2022 00:28:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Mon, 29 May 2023 12:09:16 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 8889 36 B
84 B 127ms
127ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgDNjaNW-7ylSpbu39KerB42XMEHIeL1QaKxa7I-Z4NvpwUPvpzU48reFyW3h4OkPqBEA0Dgcfexa__FmB1Ebn8jfmh0B8sS8WWauGuqN1PcSL7lRbcDGZGZx6sHFsK8jpgamG_LDqr01r-B

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

879e47078b44290bfb92fd5b6d3cbd3bbff6f8fb3b15279d4ce991cc8b731ac6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IH4OHoQ9uwtSfcByePzxxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-IH4OHoQ9uwtSfcByePzxxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 8889 17 KB
17 KB 165ms
165ms XHR
image/png 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgDNjaNW-7ylSpbu39KerB42XMEHIeL1QaKxa7I-Z4NvpwUPvpzU48reFyW3h4OkPqBEA0Dgcfexa__FmB1Ebn8jfmh0B8sS8WWauGuqN1PcSL7lRbcDGZGZx6sHFsK8jpgamG_LDqr01r-B&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

4fe7f4faa1789783c973fa566b8931b93416b8df53da880946c6bab8ecb09b6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YoDhKfUYc7xeHIMT4tGr4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:11 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-YoDhKfUYc7xeHIMT4tGr4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 8889 2 KB
517 B 129ms
129ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgDNjaNW-7ylSpbu39KerB42XMEHIeL1QaKxa7I-Z4NvpwUPvpzU48reFyW3h4OkPqBEA0Dgcfexa__FmB1Ebn8jfmh0B8sS8WWauGuqN1PcSL7lRbcDGZGZx6sHFsK8jpgamG_LDqr01r-B&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

c16c0675c9510036f5d65b69e1cf447a4a69977b3ae3372887d673645183d011

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pk8gs9RT34twQ-_xtqxiUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:11 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-pk8gs9RT34twQ-_xtqxiUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 8889 19 KB
19 KB 206ms
205ms XHR
image/png 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

1ace3c2c48c540029efed09b59e724436d62d612130ce12dbd1d74855569b9b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iF8zNe-GAkUDfxM7RL1xSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:11 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-iF8zNe-GAkUDfxM7RL1xSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 8889 2 KB
672 B 131ms
130ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

68a5ecd49c3d32f40cde252466e03762ebfadf78287a105db4525bf1c7731fc6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qSiFrXTbKe7l2_J13P6BqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-qSiFrXTbKe7l2_J13P6BqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
date: Sat, 04 Jun 2022 10:28:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 8889 4 KB
4 KB 246ms
245ms XHR
image/png 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

3d850f37779530548bb5eae98edf965619c56e47ced7d37d4bc1b542d82ed6d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5xDqKzgul-uKto2Q9-3a3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:11 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-5xDqKzgul-uKto2Q9-3a3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 8889 168 B
130 B 245ms
244ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.96b0tnS8-6M.O/d=1/rs=AC2dHMJh5Z-LFC3If3eTnVxsYWGLRWXNnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

GSE /

Resource Hash

7721b5136298355781353fca7c761da7f6a5b3123a82ce3f6bd189b7f493755e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Oo-7ZnSAy4RmyJ-c0TEtpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-Oo-7ZnSAy4RmyJ-c0TEtpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
date: Sat, 04 Jun 2022 10:28:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8889 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK c0593ec6-4cf4-4638-83ee-d314bf958051
https://docs.google.com/ Frame 8889 17 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/c0593ec6-4cf4-4638-83ee-d314bf958051
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fe7f4faa1789783c973fa566b8931b93416b8df53da880946c6bab8ecb09b6e

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 17466
Content-Type: image/png

GET
BLOB 200
OK d2943532-6e88-493e-820b-fa7a889ae0c3
https://docs.google.com/ Frame 8889 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/d2943532-6e88-493e-820b-fa7a889ae0c3
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d850f37779530548bb5eae98edf965619c56e47ced7d37d4bc1b542d82ed6d7

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 4237
Content-Type: image/png

GET
BLOB 200
OK 17d04dc6-fdb4-4637-a3f4-1adc356be346
https://docs.google.com/ Frame 8889 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/17d04dc6-fdb4-4637-a3f4-1adc356be346
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/4bpnlt2h54jcv2by4wlipeiedoxa2fk6f652zmhf3y46aikwsrztuvq/ypfp51pryp3q.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ace3c2c48c540029efed09b59e724436d62d612130ce12dbd1d74855569b9b0

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 19937
Content-Type: image/png

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame FBD2 382 B
1 KB 337ms
111ms Document
text/html 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.44fecNXM0ME.O%2Fd%3D1%2Frs%3DAHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.44fecNXM0ME.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

sffe /

Resource Hash

51ddb5a7a1921fee97aba0c38f0f1574a65eb0e41e15034c8831389cbee7ba09

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-ZuKDKdrU9frptod-6XSrKA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 271
content-security-policy: script-src 'nonce-ZuKDKdrU9frptod-6XSrKA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Jun 2022 10:28:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame FBD2 14 KB
5 KB 116ms
116ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.44fecNXM0ME.O%2Fd%3D1%2Frs%3DAHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

sffe /

Resource Hash

8217bcbf0b24286baf23960f755470b8452b85db560938b0b4c1a7d36385e989

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Sat, 04 Jun 2022 10:28:12 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c27db8e2a9cac38a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 10:28:12 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.44fecNXM0ME.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ/ Frame FBD2 66 KB
23 KB 106ms
105ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.44fecNXM0ME.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

sffe /

Resource Hash

02daa6c42e828526b52bf02b8be97d4c4c788da5b8b6bfad7375d9c553e95e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23319
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:21:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 May 2023 22:36:07 GMT

GET
H2 200 4859604 Show response
betotodilea.com/400/ 78 KB
31 KB 449ms
224ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/400/4859604

Requested by

Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

41e37041acb7af4edf1734abe239c479429e321552c0d2f8be99f971c5dcc53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 169c93160d7555756007a128984435ee
pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 426ms
212ms Fetch
binary/octet-stream 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Jun 2022 08:35:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOHtLeN561YUPDDjJJa1Lfq4hLwdCrx%2FGEho6nUtzH5Qk1JTUarDUqjumz33Xgi%2BIfnLb7Q%2F8yAQONM6PlSrBUt0iYk98JxlOr22c2KzK0WIY7EZExRMJqnxOi566t%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 715ffafd7e1388a9-LHR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
383 B 426ms
213ms Fetch
text/plain 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94487dc921d187d8d0e37e8193ec95aa6c30e7bb578c6320c9a762f00a41b167

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wpXQ7XuGkve8G5qveCa70zKqlsPCvCjFR%2B%2FvPZFfyOcPGZFHvOrXqR74y0NypRoMRKmTJm1546wew7ZDEZo95KJd%2FSppjqYdtIPwmBPBzqtTdgYInaOz5cOyNwS%2F5xQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 715ffafd7e1488a9-LHR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
dorderstar.xyz/ 0
489 B 471ms
214ms XHR
text/plain 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dorderstar.xyz/utx?cb=82J7OEAN5mS0&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: NTU28cDhn8nnGnWFdJOAc2I7TMkaWrcKo7t1AqSVHuFCM8zzlWllVg==

GET
H2 200 Lw0KOQ4AAQ0mJWY8FiEbBGoUByYSAhQuPzE6DQ8QOBMqTkYEMAQeJgIZITgOIg8mIj08EQAuDRIicwIhOBIDOiRtGhIPR2YBKTIgBh82ByZmbQcuL2wTJBwTMgEpMRAUIg8fMjwRGBNEAGkYIjk5ORc1GgMxJkEmMn4oBBg7KH8hABw8cUYiZxs3BwFkFTgP Show response
dorderstar.xyz/d1VYQncWNzsvSBZoOmQCBTllZ0UxcGoEE0YwYTADEzxudRwWJyxsFBs6LSYRBTo2NlkZMCxnRTE5O3M1AAAzISYnLWxyEjY2bQQwTi0JcDUzDDYMITgyFXs8JhssCB4iGh5wOTUXaxcAPQQZKRMdYSkBPyYvGxYlOQw1BxE6B2xzEhsAaQodMW... Frame 9461 3 KB
2 KB 448ms
217ms Document
text/html 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dorderstar.xyz/d1VYQncWNzsvSBZoOmQCBTllZ0UxcGoEE0YwYTADEzxudRwWJyxsFBs6LSYRBTo2NlkZMCxnRTE5O3M1AAAzISYnLWxyEjY2bQQwTi0JcDUzDDYMITgyFXs8JhssCB4iGh5wOTUXaxcAPQQZKRMdYSkBPyYvGxYlOQw1BxE6B2xzEhsAaQodMWMJLC4lGzEUOC0TAS85DyJvFiQQLR8WPjUFHBc2OAQKcjofHywKI0dsHygAFBhqCDUxPg56E0YPMRM/GCIfKEMiBQwDNhMAEis8JjFpExo9ZwlxQjYxaxMPEwASKzo1On1wNSU4AismNR8OGz8UGQIpWiViASkxEBALC0Q/Lw0KOQ4AAQ0mJWY8FiEbBGoUByYSAhQuPzE6DQ8QOBMqTkYEMAQeJgIZITgOIg8mIj08EQAuDRIicwIhOBIDOiRtGhIPR2YBKTIgBh82ByZmbQcuL2wTJBwTMgEpMRAUIg8fMjwRGBNEAGkYIjk5ORc1GgMxJkEmMn4oBBg7KH8hABw8cUYiZxs3BwFkFTgP
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: daa4b21c7030e62346cda17c6926159bb2ac655345c3b152cd3c2c0dbfc73d81

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1243
content-type: text/html
date: Sat, 04 Jun 2022 10:28:13 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-id: upgJynmJN0xloaD0IOszOIv8FJUhnNO9TaVPTFcDL8UhSiBVoIuj-Q==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 293ms
108ms Fetch
binary/octet-stream 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Jun 2022 08:35:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MppqlE53apZbB91%2BvkhWmmunrEIWnOPI6cg3x1g5Cul6X7aPaK0X6YAysl1uerDyvvrK3%2FaJ5KGZge%2FQp2r2Tmq7ZL9w74QJmf61TyncZlNCa0HLywd7dTUIOe04n4%2Fe"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 715ffafd7e1888a9-LHR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
352 B 398ms
213ms Fetch
text/plain 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f51e3871e234e6cf987d6742480bb359dd6bfd7ad95c1acda1e4a5af5d4949

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H21ajkGIIfX75xAuXamID9mLWa3m8zQ6WY2qEVJ4A6s9%2F4322B7r7pJkbESmkRfMka%2FJYlDcwaHUppNc42BooLYgJ8nD7%2FVHR3Gx6n3FdyuhLoI89JG67nxhh17WB%2FpF"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 715ffafd7e1b88a9-LHR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
dorderstar.xyz/ 0
488 B 442ms
213ms XHR
text/plain 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dorderstar.xyz/utx?cb=wem5vyJPywUu&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: c40diJ9N4Tg47waTfGdKkQAZzz8I_fn3kY_uMfr0VL72dYeiEA5s3A==

GET
H2 200 DnBFIDkLWmwNHCNuUV9eLFRwOjwNVQ5MAjlWWBpVDAh5BjkncUUO Show response
dorderstar.xyz/amhKOTYLCilUCQtVKB9DGAR3HAQsTXh/UlsNc0tCDgF8Dl0LGj4XVQYHP11QGAckTRgEDT4cBCwvK21aPzwcWn08AiVLVyhZG3R+KA8daHABDQ1vZj8RKVB5OAMPfFgdMQhuUV8qGWh4IhELCntbOQBaXy9aCAgDGgkwcH49BSYBVTsALndYKA... Frame DE61 3 KB
2 KB 442ms
221ms Document
text/html 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dorderstar.xyz/amhKOTYLCilUCQtVKB9DGAR3HAQsTXh/UlsNc0tCDgF8Dl0LGj4XVQYHP11QGAckTRgEDT4cBCwvK21aPzwcWn08AiVLVyhZG3R+KA8daHABDQ1vZj8RKVB5OAMPfFgdMQhuUV8qGWh4IhELCntbOQBaXy9aCAgDGgkwcH49BSYBVTsALndYKAIeCQYBISBBYzsRA1d4OAASc1xeTXh7fjhQInVxBS0cUAIBJz1vbwkwcmtuKAwhWHE8Mg9qewEnGwhhIxJ/QGEdA3x2biAKCW5gUw0cUlUwH3NAYR0DIHNyBg4OYXBPWgh/Yx0kEH1gAjAYe04MWilwZTlFG1F7Al0pd18zTXh7fjgQJ3oEIAkOV0ZPWghgYx0kEH5jUikfCQMjMABbUwQubwtwMB8caGYTADNuQQESAX1nKT4kCFkwPiZYZi5QfntwEhAsQXA4KQJJDw8+enJUIjp/YVEeECwLVQs/DnBFIDkLWmwNHCNuUV9eLFRwOjwNVQ5MAjlWWBpVDAh5BjkncUUO
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ca6b19ba69284d4777e435457f175c112fe64aa3fc2fd9845c9d07799972c52a

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1227
content-type: text/html
date: Sat, 04 Jun 2022 10:28:13 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-id: QvIaLfYp28-H2w_m8kWpwFkasDXJY7WdkUZpWBQyycE7lOj8OEPOew==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 387ms
212ms Fetch
binary/octet-stream 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Jun 2022 08:35:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lrvYU0te5p2RFAYJ%2BMPF%2BLEckwOj3yrFYOS2L6mm59WJZR%2Be1nV4NvOYHO9ozK95x2ESLKvGxHARqwSWbZvWd1yPnqnU0wXVBD5bT6IdgbvEXpqzw0mOxB80ussHULv"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 715ffafd7e1588a9-LHR
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
367 B 388ms
213ms Fetch
text/plain 172.67.218.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c4fb162a3320a03cc7cd7b683b98eb245059d908b86852d9c7068a3ff6f43c

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUYl8kol%2BdO0gfe5Fbv7I8spX24F%2Fdp%2Bmdtq6rpEh%2FpKWQzunvFASDOz3wC4N9JIFdFsok%2F1gbmT%2Bu8zwxEuz2kRqYpJL23K7Qd4R%2BaUTRgsb5PF4Aija3DVcQ3BJAni"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 715ffafd7e1788a9-LHR
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
dorderstar.xyz/ 0
489 B 439ms
221ms XHR
text/plain 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dorderstar.xyz/utx?cb=W7m8upwQbgbf&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: kIB13njHkpzPBgEcrwzs0l4XInJzwkd2LsavWygd9Nlxkvou9HnvAQ==

GET
H2 200 eHxGcysWUQgmOyxKOgkALXwCcQ4vWiIPXAN8OTsvDUEoGTpgYCwpCg9gIggnDQkHcDEWWjEELhR6BSlZBHMPMgEACCFyKBYJMAMQJV0ocFAdeBQpWgN8NTMrHQggFS4mcQUHUB1dNgwfHXsycj4CTSoMWhR9Bhc7ElobGF4HCTJnAyZWDTFUNnQCFVoYXAEuG2U Show response
dorderstar.xyz/OWNBaVVYASIEalheI08gSw98TGd/RnMvMQgGeBshXQp3Xj5YETVHNlUMNA0zSwwvHXtXBjVMZ38OJTwATjcvBgJyD3UGB2gmMj8ddyATIRhzBhQFAXVTDAETeDV1PCJ0AQgxDwAoOQ40dxQDBhFeWyktDQwABjoHXCgUDQFwJXUdBwkxKzwGVj... Frame B43D 3 KB
2 KB 426ms
215ms Document
text/html 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dorderstar.xyz/OWNBaVVYASIEalheI08gSw98TGd/RnMvMQgGeBshXQp3Xj5YETVHNlUMNA0zSwwvHXtXBjVMZ38OJTwATjcvBgJyD3UGB2gmMj8ddyATIRhzBhQFAXVTDAETeDV1PCJ0AQgxDwAoOQ40dxQDBhFeWyktDQwABjoHXCgUDQFwJXUdBwkxKzwGVjoSIRBuLCYGNHUEcVkRe1svOAZ4KgMALXwCAFEAXCVxARR7FDExFgAFEx4YfzoEGQRdFAMEEWsUMz8WfC0DBBR6BSk4F2AiC0xnezBxPyd4JDUjGwsiAg8yCQAKHg8PO3EwHX87OSIRYS4EM2QAKyU/eHxGcysWUQgmOyxKOgkALXwCcQ4vWiIPXAN8OTsvDUEoGTpgYCwpCg9gIggnDQkHcDEWWjEELhR6BSlZBHMPMgEACCFyKBYJMAMQJV0ocFAdeBQpWgN8NTMrHQggFS4mcQUHUB1dNgwfHXsycj4CTSoMWhR9Bhc7ElobGF4HCTJnAyZWDTFUNnQCFVoYXAEuG2U
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 5b08e2fb4631057a73c2a41a788822bdbebe53b536217e0dbbf48c02124c8689

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1232
content-type: text/html
date: Sat, 04 Jun 2022 10:28:13 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-id: P_z6USyMWaSxODFMe8_ie-JFGUdLFleWde7AB_EToTTwhHxi6FHOMw==
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront

GET
H2 204 WAMbeAY9V34AGzEDGH44BEIcHDJYehR7BU9GJy5XXwJ+eVpdFD4jDlQDaDkeCEY7OVdYFCckDAYPaDxXWBx9fkRbBWB6TBwPf2weGVMpd1tPQjo+BlQDeH9eWgF2flNbBXl5
quiremuken.xyz/SmppMk5lVQpBcxM/ 0
250 B 415ms
204ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quiremuken.xyz/SmppMk5lVQpBcxM/WAMbeAY9V34AGzEDGH44BEIcHDJYehR7BU9GJy5XXwJ+eVpdFD4jDlQDaDkeCEY7OVdYFCckDAYPaDxXWBx9fkRbBWB6TBwPf2weGVMpd1tPQjo+BlQDeH9eWgF2flNbBXl5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQyrE9RFNjYZB%2B%2F8GVtc9xOYNn9wDEpakjjJgTKMc0k48srD0Zq2dHEAcKl0%2BlSPop%2FkT48y38iSIEW4U6q7pylJWSXedQ0D88aRRlPpSv2XwuyIK1o9TYj3jjoHwRwmpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 715ffafdb9720b4f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 792ms
558ms Image
text/html 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-mini-shv-02-frt3.facebook.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 396ms
164ms Image
text/html 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 518ms
286ms Image
text/html 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 aWwDfn5iZAc
quiremuken.xyz/WlQ3R0x1a1Q0cQ45YTIeDjgSdQ4MOAZ1DwJhUxB/HwRSdh44MFB/ai49U3p7amwHcn58JF4jcWhtETQ4OyBCNHFrcl4pKjVpETFxa3oHaXliegZhOWdlETM8OzMKdmoqIEMrcWtiAnN/ 0
245 B 418ms
207ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quiremuken.xyz/WlQ3R0x1a1Q0cQ45YTIeDjgSdQ4MOAZ1DwJhUxB/HwRSdh44MFB/ai49U3p7amwHcn58JF4jcWhtETQ4OyBCNHFrcl4pKjVpETFxa3oHaXliegZhOWdlETM8OzMKdmoqIEMrcWtiAnN/aWwDfn5iZAc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ch7WZFSgK2TlDokta1WOFU3DcosfDU54cuB8c%2F16Bk82hpvv65Vr9E45BCfE2GCjkeXD7P1gw%2F6QNOMLrprm3LXLs8UMKB1gMgXJcWOOrnc75TAe9Knnf8aYYJs2I7ebQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 715ffafdb9750b4f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 YndTUkhNSDAhdQMcBWYsUDEKNA0gMAY+AlojBmscN0QVGBkkHHUmIQZKa2N+W0BgdDgLE25gcUQEJzM8FwRuY24LGTU9dUQBbmNmUllmamZTUSZveUQDIzMvX0Z1IjwWG25jfldDYGFwVk5hanlS
quiremuken.xyz/ 0
485 B 411ms
201ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quiremuken.xyz/YndTUkhNSDAhdQMcBWYsUDEKNA0gMAY+AlojBmscN0QVGBkkHHUmIQZKa2N+W0BgdDgLE25gcUQEJzM8FwRuY24LGTU9dUQBbmNmUllmamZTUSZveUQDIzMvX0Z1IjwWG25jfldDYGFwVk5hanlS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoU%2BD6rbpJT1EpD6yBnz4gqcGS8w3hqiXGkvk2n61rNqYMpVK%2B6zbC3XpHUCMxluDGJ%2FEhhdIh33QR88tORpd7hbVZzJ%2FQcq36976YfQ%2BimXCzhs8RPrcmysyajOCIiVhg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 715ffafdb9760b4f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rum Show response
userscloud.com/cdn-cgi/ 0
165 B 103ms
103ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/ypfp51pryp3q
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Sat, 04 Jun 2022 10:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://userscloud.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 715ffafc8daa0c81-AMS
vary: Origin

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame FBD2 0
15 B 421ms
210ms XHR
text/plain 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by: Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.44fecNXM0ME.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ/cb=gapi.loaded_0?le=scs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f10.1e100.net
Software: GSE /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.44fecNXM0ME.O%2Fd%3D1%2Frs%3DAHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
server: GSE
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame FBD2 0
19 B 519ms
308ms XHR
text/html 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.44fecNXM0ME.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.44fecNXM0ME.O%2Fd%3D1%2Frs%3DAHpOoo8yjJueAoSz8N2-MupD1-UV4q2FwQ%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 333ms
103ms Script
text/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3207
date: Sat, 04 Jun 2022 09:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 04 Jun 2022 11:34:46 GMT

GET
H2 200 popunder.gif
quiremuken.xyz/ 35 B
395 B 107ms
107ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://quiremuken.xyz/popunder.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Sat, 04 Jun 2022 10:28:13 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Jun 2022 01:00:10 GMT
server: cloudflare
age: 34083
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrbW2XbR18RW0s8F7hfE3HcuHpmwgMpHyC64xT9jYLAfP9d2l6uKa8ACyBq%2BSyURjyHTLiMcYnF3aJ9VHO7qaY1TikxtJgNJn8rLDeWI%2F2sHujimdNSKDMc6WsUAgPj60w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 715ffafeba8f0b4f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 323ms
111ms XHR
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1823266435&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2Fypfp51pryp3q&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1179836717&gjid=376570233&cid=513010896.1654338493&tid=UA-70768172-1&_gid=807792549.1654338493&_r=1&gtm=2ou610&z=314722601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 293ms
104ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1823266435&t=timing&_s=2&dl=https%3A%2F%2Fuserscloud.com%2Fypfp51pryp3q&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3404&pdt=232&dns=10&rrt=0&srt=357&tcp=205&dit=808&clt=1124&_gst=3497&_gbt=3869&_cst=3486&_cbt=3490&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=513010896.1654338493&tid=UA-70768172-1&_gid=807792549.1654338493&gtm=2ou610&z=1681788989

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jun 2022 23:32:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39327
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mdUUwTnoWKl4oRQEsVHNCRHMJeUlTL0MhFAV4UwMbIXZ9KxgaNwBoDg8hDX5cGSReKUdTIF4tR0RjUSoYSHEWOgoaLg00DB8nQSAIBixEaA8UeF0hABwpXC9fRwMFYEpQdwBmDRwrVCENBmACfhQBYAJ+S0VrAGtJN2ACfg0cKwZ6X0YHFXxKDXMEZ19HdV-E+Chk... Show response
d1e9rtdi67kart.cloudfront.net/ Frame B43D 555 B
706 B 661ms
339ms Script
text/plain 52.85.6.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1e9rtdi67kart.cloudfront.net/mdUUwTnoWKl4oRQEsVHNCRHMJeUlTL0MhFAV4UwMbIXZ9KxgaNwBoDg8hDX5cGSReKUdTIF4tR0RjUSoYSHEWOgoaLg00DB8nQSAIBixEaA8UeF0hABwpXC9fRwMFYEpQdwBmDRwrVCENBmACfhQBYAJ+S0VrAGtJN2ACfg0cKwZ6X0YHFXxKDXMEZ19HdV-E+ChkgRysYHixEa0gzcAN5VEZzFXxKXS5YOhcZYAINX0d1XCcREGACfh0QJlshU1B3AC0SBypdK19HAwh3VEVrBH1CTGsHfF9HdUMvHBQ3WWtIM3ADeVRGcxY7R0Q
Requested by: Host: dorderstar.xyz
URL: https://dorderstar.xyz/OWNBaVVYASIEalheI08gSw98TGd/RnMvMQgGeBshXQp3Xj5YETVHNlUMNA0zSwwvHXtXBjVMZ38OJTwATjcvBgJyD3UGB2gmMj8ddyATIRhzBhQFAXVTDAETeDV1PCJ0AQgxDwAoOQ40dxQDBhFeWyktDQwABjoHXCgUDQFwJXUdBwkxKzwGVjoSIRBuLCYGNHUEcVkRe1svOAZ4KgMALXwCAFEAXCVxARR7FDExFgAFEx4YfzoEGQRdFAMEEWsUMz8WfC0DBBR6BSk4F2AiC0xnezBxPyd4JDUjGwsiAg8yCQAKHg8PO3EwHX87OSIRYS4EM2QAKyU/eHxGcysWUQgmOyxKOgkALXwCcQ4vWiIPXAN8OTsvDUEoGTpgYCwpCg9gIggnDQkHcDEWWjEELhR6BSlZBHMPMgEACCFyKBYJMAMQJV0ocFAdeBQpWgN8NTMrHQggFS4mcQUHUB1dNgwfHXsycj4CTSoMWhR9Bhc7ElobGF4HCTJnAyZWDTFUNnQCFVoYXAEuG2U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.6.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-6-79.sof50.r.cloudfront.net
Software: /
Resource Hash: c702c084c8ae6fcedbae1b4cb73bcd6858997eb27bc35890f9885ac597f7197d

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://dorderstar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: gzip
x-amz-cf-pop: SOF50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 431
via: 1.1 8f15499c15ad42b311a079c8ccdcc48a.cloudfront.net (CloudFront)
x-amz-cf-id: Y7u14aPD62WWgSCs72f2ubDd3NSKXu5u2PGLbuxS7r6Tq6_iIrTk1Q==

GET
H2 200 lc1BwUkcQPx40eAc5FG9xQ2BDYnNVOgM9KQNtJiUOF2NBB3UwJQAkdj4qCHQzCTRNYmEfMR41elU1HjF6QnYRNiVOZFYmNxw7TSgxGTIBPDUAOQR0MhJtHT09GjwcM2JBFkV8d1ZiQHowGj4UPTAAdUJiKQd1QmJ2Q35Ad3QxdUJiMBo+RmZiQBJVYHcLZk-R7YkF... Show response
d1e9rtdi67kart.cloudfront.net/ Frame 9461 1 KB
1 KB 786ms
470ms Script
text/plain 52.85.6.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1e9rtdi67kart.cloudfront.net/lc1BwUkcQPx40eAc5FG9xQ2BDYnNVOgM9KQNtJiUOF2NBB3UwJQAkdj4qCHQzCTRNYmEfMR41elU1HjF6QnYRNiVOZFYmNxw7TSgxGTIBPDUAOQR0MhJtHT09GjwcM2JBFkV8d1ZiQHowGj4UPTAAdUJiKQd1QmJ2Q35Ad3QxdUJiMBo+RmZiQBJVYHcLZk-R7YkFgESI3HzUHNyUYOQR3dTVlQ2VpQGZVYHdbOxgmKh91QhFiQWAcOywWdUJiIBYzGz1uVmJAMS8BPx03YkEWSGtpQ35EYX9KfkdgYkFgAzMhEiIZd3U1ZUNlaUBmVid6Qg
Requested by: Host: dorderstar.xyz
URL: https://dorderstar.xyz/d1VYQncWNzsvSBZoOmQCBTllZ0UxcGoEE0YwYTADEzxudRwWJyxsFBs6LSYRBTo2NlkZMCxnRTE5O3M1AAAzISYnLWxyEjY2bQQwTi0JcDUzDDYMITgyFXs8JhssCB4iGh5wOTUXaxcAPQQZKRMdYSkBPyYvGxYlOQw1BxE6B2xzEhsAaQodMWMJLC4lGzEUOC0TAS85DyJvFiQQLR8WPjUFHBc2OAQKcjofHywKI0dsHygAFBhqCDUxPg56E0YPMRM/GCIfKEMiBQwDNhMAEis8JjFpExo9ZwlxQjYxaxMPEwASKzo1On1wNSU4AismNR8OGz8UGQIpWiViASkxEBALC0Q/Lw0KOQ4AAQ0mJWY8FiEbBGoUByYSAhQuPzE6DQ8QOBMqTkYEMAQeJgIZITgOIg8mIj08EQAuDRIicwIhOBIDOiRtGhIPR2YBKTIgBh82ByZmbQcuL2wTJBwTMgEpMRAUIg8fMjwRGBNEAGkYIjk5ORc1GgMxJkEmMn4oBBg7KH8hABw8cUYiZxs3BwFkFTgP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.6.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-6-79.sof50.r.cloudfront.net
Software: /
Resource Hash: 79973d6dda5b60489afac09eb5b1596a0afb84c46bb0d8b97af4184bdb2e33a9

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://dorderstar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: gzip
x-amz-cf-pop: SOF50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 762
via: 1.1 8f15499c15ad42b311a079c8ccdcc48a.cloudfront.net (CloudFront)
x-amz-cf-id: brvWiRhd6BizHSVP-YD9Gwv7SXD9OXSE_wTaVOIL0xQi8kbgfUiMHw==

GET
H2 200 ZwVQPyhyWwkzKDQCVn1oZVlaPD84BFxxfxFRAHp9eV0KbHR5Xgtxf2caWDIsJQAcZgtiWg56fmFPTGl8 Show response
d1e9rtdi67kart.cloudfront.net/GaTlUTVcKVjoraB1QMHBgWQFkeGVPUyciORkEEnwYBWg5BSQNHyA3M1QJciE2B15pazIHWml8cQhdNnBjT00kIjxUQyInNRhXJj4+HR8hLGoEVi4kOwVYcX8RXBdkaGVZESMkOQ1WIz5yWwk6OXJbCWV9eVkcZw9yWwkjJD... Frame DE61 569 B
716 B 650ms
337ms Script
text/plain 52.85.6.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1e9rtdi67kart.cloudfront.net/GaTlUTVcKVjoraB1QMHBgWQFkeGVPUyciORkEEnwYBWg5BSQNHyA3M1QJciE2B15pazIHWml8cQhdNnBjT00kIjxUQyInNRhXJj4+HR8hLGoEVi4kOwVYcX8RXBdkaGVZESMkOQ1WIz5yWwk6OXJbCWV9eVkcZw9yWwkjJDlfDXF+FUwLZDVhXRBxf2cISS-QhMh5cNiY+HRxmC2JaDnp+YUwLZGU8AU05IXJbenF/ZwVQPyhyWwkzKDQCVn1oZVlaPD84BFxxfxFRAHp9eV0KbHR5Xgtxf2caWDIsJQAcZgtiWg56fmFPTGl8
Requested by: Host: dorderstar.xyz
URL: https://dorderstar.xyz/amhKOTYLCilUCQtVKB9DGAR3HAQsTXh/UlsNc0tCDgF8Dl0LGj4XVQYHP11QGAckTRgEDT4cBCwvK21aPzwcWn08AiVLVyhZG3R+KA8daHABDQ1vZj8RKVB5OAMPfFgdMQhuUV8qGWh4IhELCntbOQBaXy9aCAgDGgkwcH49BSYBVTsALndYKAIeCQYBISBBYzsRA1d4OAASc1xeTXh7fjhQInVxBS0cUAIBJz1vbwkwcmtuKAwhWHE8Mg9qewEnGwhhIxJ/QGEdA3x2biAKCW5gUw0cUlUwH3NAYR0DIHNyBg4OYXBPWgh/Yx0kEH1gAjAYe04MWilwZTlFG1F7Al0pd18zTXh7fjgQJ3oEIAkOV0ZPWghgYx0kEH5jUikfCQMjMABbUwQubwtwMB8caGYTADNuQQESAX1nKT4kCFkwPiZYZi5QfntwEhAsQXA4KQJJDw8+enJUIjp/YVEeECwLVQs/DnBFIDkLWmwNHCNuUV9eLFRwOjwNVQ5MAjlWWBpVDAh5BjkncUUO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.6.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-6-79.sof50.r.cloudfront.net
Software: /
Resource Hash: f6fec01495162ca4e655e8d94431224d9ce4f9b1d6405328c3ce06b0cb522209

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://dorderstar.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: gzip
x-amz-cf-pop: SOF50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 440
via: 1.1 8f15499c15ad42b311a079c8ccdcc48a.cloudfront.net (CloudFront)
x-amz-cf-id: a0EyM38Xvb8rYMLarVrDCx9xrshfUloI0tLpyIhEWeN9WpCA0-ztCw==

GET
H2 200 multi Show response
dorderstar.xyz/ 3 KB
2 KB 314ms
313ms XHR
text/plain 13.32.121.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dorderstar.xyz/multi?cs=N1VqWDMHZllrAwdtX2wFAmRfawU&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.58.1&sts=0&prn=0&emb=0&tid=708052&fs=1&ref=https%3A%2F%2Fuserscloud.com%2Fypfp51pryp3q&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&_Th5l=1654338493290&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/ypfp51pryp3q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-7.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 76bed3c384de8027d55a46210d2543e259eb02d928d91de6e9164b87b1c9058e

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jun 2022 10:28:13 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1488
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-id: njOe-47JBP0pOCVFIy0mkCI5x80NEOW19P7M3GIH3vVU2EL8tSqqaQ==

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 334ms
108ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4859604

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8df91ee5a6d3a7f1af4ba2e2bedf7586f6619012a0ee622d23810105315db0e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 10:28:13 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://userscloud.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 204 4859604 Show response
betotodilea.com/500/ 0
460 B 112ms
112ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/500/4859604?excludes=&oaid=8232a751cdcc4178868c5cfeb1162a2d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fuserscloud.com%2Fypfp51pryp3q&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4859604

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 060901b5ef43339f8682f99cc073bfe6
pragma: no-cache
date: Sat, 04 Jun 2022 10:28:14 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://userscloud.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 4859604
betotodilea.com/500/ Frame 0
0 374ms
148ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://userscloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://userscloud.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Sat, 04 Jun 2022 10:28:14 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 07:55:49	Name: NID Value: 511=q6Y4StKVx9HLBvdWYd6ba4XXyg_7YCQoXTiwMNbGRUjjeJkAugn4pgOE0FGY-LjHpNuROcYM4zwHCLciPvD4LRtzXYIQRdldJsIBfLR6MHYGhqEb7W1Eu4S5N2TtUMUM1xTEtrbAWOm3yA2KyiS3IjyO42kkMzFeskw_fDpaq4Q
freychang.fun/	1970-01-20 12:10:42	Name: csu Value: 1811570512778451@1@1654338493
betotodilea.com/	1970-01-20 12:17:54	Name: OAID Value: 4716172cc2b748ee80ece60351667ae5
.userscloud.com/	1970-01-20 21:03:30	Name: _ga Value: GA1.2.513010896.1654338493
.userscloud.com/	1970-01-20 03:33:44	Name: _gid Value: GA1.2.807792549.1654338493
.userscloud.com/	1970-01-20 03:32:18	Name: _gat_gtag_UA_70768172_1 Value: 1
my.rtmark.net/	1970-01-20 12:17:54	Name: ID Value: 8232a751cdcc4178868c5cfeb1162a2d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
betotodilea.com
content.googleapis.com
d1e9rtdi67kart.cloudfront.net
docs.google.com
dorderstar.xyz
freychang.fun
my.rtmark.net
quiremuken.xyz
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
13.32.121.7
139.45.195.8
139.45.197.237
142.250.181.227
142.250.185.168
142.250.185.206
142.250.186.138
142.250.186.163
142.250.186.173
142.250.186.174
157.240.20.35
172.217.18.14
172.64.156.26
172.67.218.221
188.114.96.3
188.114.97.3
52.85.6.79
02daa6c42e828526b52bf02b8be97d4c4c788da5b8b6bfad7375d9c553e95e0a
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
1ace3c2c48c540029efed09b59e724436d62d612130ce12dbd1d74855569b9b0
29f368a987a26cffc3e1d357d978df9f161f0cb8871b6c40198d571003ac2ef6
3113ccf70cb45bfd87165c46e1eec2f1eab56f7750208e78c68ac3f6d824277d
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
3d850f37779530548bb5eae98edf965619c56e47ced7d37d4bc1b542d82ed6d7
41e37041acb7af4edf1734abe239c479429e321552c0d2f8be99f971c5dcc53c
43e40c50217ac1684db7e64ab75cacb245b50d0584772ab6449c393180ba61a9
45f51e3871e234e6cf987d6742480bb359dd6bfd7ad95c1acda1e4a5af5d4949
4fe7f4faa1789783c973fa566b8931b93416b8df53da880946c6bab8ecb09b6e
51ddb5a7a1921fee97aba0c38f0f1574a65eb0e41e15034c8831389cbee7ba09
5b08e2fb4631057a73c2a41a788822bdbebe53b536217e0dbbf48c02124c8689
68a5ecd49c3d32f40cde252466e03762ebfadf78287a105db4525bf1c7731fc6
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76bed3c384de8027d55a46210d2543e259eb02d928d91de6e9164b87b1c9058e
7721b5136298355781353fca7c761da7f6a5b3123a82ce3f6bd189b7f493755e
79973d6dda5b60489afac09eb5b1596a0afb84c46bb0d8b97af4184bdb2e33a9
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8217bcbf0b24286baf23960f755470b8452b85db560938b0b4c1a7d36385e989
82c4fb162a3320a03cc7cd7b683b98eb245059d908b86852d9c7068a3ff6f43c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879e47078b44290bfb92fd5b6d3cbd3bbff6f8fb3b15279d4ce991cc8b731ac6
8df91ee5a6d3a7f1af4ba2e2bedf7586f6619012a0ee622d23810105315db0e9
94487dc921d187d8d0e37e8193ec95aa6c30e7bb578c6320c9a762f00a41b167
9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a91d217f00629c39a24869c5f35c254832ba77961d5758d77816924a4cd897e0
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9296c5dfafacb79be85caf2afff98b018258e68a826e656fccc5208022663e8
c16c0675c9510036f5d65b69e1cf447a4a69977b3ae3372887d673645183d011
c702c084c8ae6fcedbae1b4cb73bcd6858997eb27bc35890f9885ac597f7197d
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
c8296a6364060744b293f6ba76f8b7cdb36ed7556902a2fc47209c855709620a
ca6b19ba69284d4777e435457f175c112fe64aa3fc2fd9845c9d07799972c52a
caf57ad31292cf2771a7126437a37465a818dfb3e98520671db8da48e3212e4e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
daa4b21c7030e62346cda17c6926159bb2ac655345c3b152cd3c2c0dbfc73d81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0ae67d9bc0794b73d798c9eede30e2b06c5a67233e7a2bce124671f2b5c747
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6fec01495162ca4e655e8d94431224d9ce4f9b1d6405328c3ce06b0cb522209
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

userscloud.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

0 %IPv6

14 Domains

17 Subdomains

18 IPs

4 Countries

1346 kBTransfer

3368 kBSize

7 Cookies

0 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

17
Subdomains

18
IPs

4
Countries

1346 kB
Transfer

3368 kB
Size

7
Cookies

67 HTTP transactions
1 data transactions