www.onlineusershielder.com
2606:4700:3031::ac43:b355  Public Scan

Submitted URL: https://1337x.to/anoydl9-Adobe+Acrobat+Pro+DC+v2022.001.20142+(x86/x64)+Multilingual+Pre-Activated
Effective URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Submission Tags: falconsandbox
Submission: On September 24 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3031::ac43:b355, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onlineusershielder.com.
TLS certificate: Issued by E1 on September 11th 2022. Valid for: 3 months.
This is the only time www.onlineusershielder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
22 | onlineusershielder.com | www.onlineusershielder.com | 1 MB
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 113 | 222 B
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 152 | 111 KB
1 | extreme-ip-lookup.com | extreme-ip-lookup.com — Cisco Umbrella Rank: 18258 | 742 B
1 | google.de | www.google.de — Cisco Umbrella Rank: 6352 | 548 B
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 548 B
1 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 | 2 KB
1 | googleadservices.com | www.googleadservices.com — Cisco Umbrella Rank: 128 | 16 KB
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 62 | 47 KB
1 | 1337x.to | 1337x.to — Cisco Umbrella Rank: 94605 | 492 B
Total: 32 requests, 10 domains
Requests | Domain | Requested by
22 | www.onlineusershielder.com | www.onlineusershielder.com
2 | www.facebook.com | www.onlineusershielder.com
2 | connect.facebook.net | www.onlineusershielder.com, connect.facebook.net
1 | extreme-ip-lookup.com | www.onlineusershielder.com
1 | www.google.de | www.onlineusershielder.com
1 | www.google.com | www.onlineusershielder.com
1 | googleads.g.doubleclick.net | www.googleadservices.com
1 | www.googleadservices.com | www.googletagmanager.com
1 | www.googletagmanager.com | www.onlineusershielder.com
1 | 1337x.to | 1 redirects
Total: 32 requests, 10 domains

This site contains links to these domains.

Domain
hhrsecure.com
Subject | Issuer | Validity | Valid
*.onlineusershielder.com | E1 | 2022-09-11 - 2022-12-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-03 - 2022-10-01 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
www.google.de | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months
t1.extreme-dm.com | R3 | 2022-08-14 - 2022-11-12 | 3 months

This page contains 2 frames:

Primary Page: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Frame ID: 7BF325DA3DFE4B4D1AAE6C7A0572523F
Requests: 31 HTTP requests in this frame

Frame: https://www.onlineusershielder.com/common/common_b.html
Frame ID: 63912891144FA0EEE6E8FFB401C915A8
Requests: 1 HTTP requests in this frame

Page Title

Safety Downloading

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 70 %
Domains: 10
Subdomains: 10
IPs: 9
Countries: 5
Transfer: 1374 kB
Size: 1997 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://1337x.to/anoydl9-Adobe+Acrobat+Pro+DC+v2022.001.20142+(x86/x64)+Multilingual+Pre-Activated HTTP 302
    https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.onlineusershielder.com/download-guard/
Redirect Chain
  • https://1337x.to/anoydl9-Adobe+Acrobat+Pro+DC+v2022.001.20142+(x86/x64)+Multilingual+Pre-Activated
  • https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
11 KB
3 KB
Document
General
Full URL
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c07068fe600dbf2af6efa8becfc569ccfacd9e3531db83c524b51de513c9cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74f95277fda99012-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Sep 2022 06:04:21 GMT
last-modified
Sun, 11 Sep 2022 06:18:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56fNV0hdAidz7nhB30PV0ElIJie1VBL0Iwo53%2BERmnQesDsFr2PPn7Mw5qCFJ5Ukiq%2FMckK0UEFuVnutcVMQTzl1rTMq%2Bfu6ITRkxJRQPa2FHNc6T31xlneuWIgJMcutFRcOeJA%2FkbczXJexNOT2u5ZY3ajqfcJt7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
diQJ2qOUbJdIL7CzrJI/rCGb8EwctsbBYAjgKkRJC8f+4qp6wYL02uy1jqwd0E6ZJ25jSFwXZL8=
x-amz-request-id
KDFZ1P91QZS19YEZ

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74f952757e7f9a06-FRA
content-type
text/html
date
Sat, 24 Sep 2022 06:04:20 GMT
location
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AQOvDq1TiTIzmxXsliNFSu81lcQP2HItq64AWD2M917qQLTCQmPclg%2BFAMJS2IVkyuQ%2B1jVnU%2FiFaLlMNLzqTQlSdjeEMMQ5nyLx6TAZWlS2OYke%2BGxEIyx2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
bootstrap.min.css
www.onlineusershielder.com/download-guard/assets/
118 KB
20 KB
Stylesheet
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/bootstrap.min.css
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 11 Sep 2022 06:16:46 GMT
server
cloudflare
x-amz-request-id
TBZB3C1RRYJTD5F0
etag
W/"5d5deb4b681ac224054b99f39c9b2a0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMLtdSNwyXV8f49k%2FQC8JTjc2ni7%2BA2eLslpWLoqF9pQ%2Btw0rAxjHWR9vTAax8%2B1Wiw95TqNPZWSU8C2tpCJoyAtmlvmwJo6ehJC3IP12F2id7DuhjVbEVhB%2F2nY9T5XRreODlKTMDJ8M34Q48N0F%2FYKBqKZF1kakw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f952781dd99012-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
SiDItW898HXNm7g+2Srf1AJ+4Q/DQ/2PL51zZshfi36TxnhglVTfMOh9KA2+PTtNVmGHkZQhULs=
style.css
www.onlineusershielder.com/download-guard/assets/
19 KB
4 KB
Stylesheet
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/style.css
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3324f81daa7084d69d284488e4dfeef5bcead3d8bbfe28de5d2104aed0417fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TBZ972YDJG50Z3G7
cf-polished
origSize=27947
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
5bErJyhF5+0Y/M7JvCouhurEp9HbdMD6LJn0jrL0BYJAV5TXR8mNIcykSZEP+wOLvP7bSPT/DBU=
last-modified
Sun, 11 Sep 2022 06:16:24 GMT
server
cloudflare
etag
W/"c7c87c176c49fd4f68d09eaa352c58fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ay9QMKpc0Q7fuwX4BDmsgyT5CeQAIASflphBwyYphTdnExzgMV8JvyEVaqHU%2Ft1iB4sTKDzGNEWWau%2B%2BT1eiIPM1NdJtVIctCvMLwbUTHkvI%2B1I%2FrRofljathk2ICg1%2BW6Dn%2BNOzvzYn77pQoQMXYJnr1NMhKr7AGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
74f952781ddd9012-FRA
cf-bgj
minify
jquery-3.4.1.min.js
www.onlineusershielder.com/common/
86 KB
31 KB
Script
General
Full URL
https://www.onlineusershielder.com/common/jquery-3.4.1.min.js
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4603
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
EJEK98YX5W6Q203K
x-amz-id-2
dRgdwN60ejLX5bPUaa9wwK7/gsOKGsxEpGfbbYXd5pLlU9zMEYRIx8q0MXprl8/yRhZxzw6kJpA=
last-modified
Sun, 11 Sep 2022 06:17:52 GMT
server
cloudflare
etag
W/"220afd743d9e9643852e31a135a9f3ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwxUxv0Jl7%2FUjxJG7GsggC4%2BtQLIeCALj0EofPzkfTZcYYrVX%2BJTy%2BU45QjwRsVcvFUR%2BIT%2F6F5AQp%2FiRJ4W3DikVy1DkNTSB9%2F7inyV2Te1Nm9yUkMZnlRsTuA8g9YMTsteLiEPNhjC1Wza%2BsBFb0%2FIUWl2dPXygQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
74f952781ddf9012-FRA
utils.js
www.onlineusershielder.com/common/
2 KB
1 KB
Script
General
Full URL
https://www.onlineusershielder.com/common/utils.js
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d118226eef5305cd848ff84e7a7d319a25a934517ee7b6161ebed7372ee4e34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4603
cf-polished
origSize=2432
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
D0B8JTJEFEY840P8
x-amz-id-2
Aw7QKfpY557YlNgPcF0dbVgcmxnJYozd4pm2+XNJ/z8l3DE2Zj958dh6Yn36US+LVWdT9Zub+r4=
last-modified
Sun, 11 Sep 2022 06:17:54 GMT
server
cloudflare
etag
W/"ccc07d3cb2abd5e47646627a35007cd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9phKNt5lLRm5QufzJ%2FB4ZXJ%2BgJxJcxTacwIodbP90Q03%2FqS96j%2F%2BgTMDm2aN2F6hOewL6sBmwp9Y%2FoawoFOVsKG7g8wrHtVGyR58rLM0T9aL4ki9IIUfNK%2BMuKp3KL2czpvr4%2FttXJ8nMUZp9Ks8Kt1a3OAUs%2FD4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
74f952781de29012-FRA
cf-bgj
minify
common_script.js
www.onlineusershielder.com/common/
541 B
758 B
Script
General
Full URL
https://www.onlineusershielder.com/common/common_script.js
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa8d23a1972d8edcae27a68fb72c6d34d518b5fce6b3b517d1282b42686bb552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4603
cf-polished
origSize=618
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
D0B8FNVPSK4YEP88
x-amz-id-2
DVbg6/t53Jh8sgjjadS8VcLrl4m/BEzqzWiSDjv2rSvUMecr4jiwxNh4eOTkniOF0jn/dLJTk2U=
last-modified
Sun, 11 Sep 2022 06:17:51 GMT
server
cloudflare
etag
W/"238a0daa95d468262f36bd4a3f66c71b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT%2BqeqM5uiCaKnmBGCpEymNO97QMBBAeIemp1dz09a4RCkE93Rxjs1RpKhdctNhlrIb2VPauPhSHq0SeihgGaOK9ERbl8jTTc8Ysj86A1bpQmto3J5x4ZLsF1zgJiEha35oyd3FOTqR23KdEH77emSf%2F6IhrkFC42g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
74f952781de39012-FRA
cf-bgj
minify
img-laptop-torrent.png
www.onlineusershielder.com/download-guard/assets/
14 KB
14 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/img-laptop-torrent.png
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f7621b72b7557e441b44d5033a6a90446dbd6bec6761e140d807e572ed96ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TBZ90DP5Z5WP2EYV
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14114
x-amz-id-2
pIzlnsnFJIKytsF5lezkOczRmYW9lfutMnxACP674xM75khOsp5m31PeRsTLWCQ/2wlqijPD9cY=
last-modified
Sun, 11 Sep 2022 06:16:20 GMT
server
cloudflare
etag
"3ef16db20f009171f12df97d687f4e9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C4OyWJqtB8KLDVzsUZa%2FxwpYLIY6zHkD4oAV68K4fQXoY7cLhvGdn1iUvTp%2B%2FWwCqkaorBmE%2FXiBcd6oDk%2BnS2XrjsOFXMyclca2nI%2BrQY0rgcq2Y6aqf%2FkZas3KzxiWnXzOS9JqIOBJQ3vkVuzhuUwGU1CRqW8CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f95278cc47bb86-FRA
shield.png
www.onlineusershielder.com/download-guard/assets/
35 KB
36 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/shield.png
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb57697f52d12f3a6f807c8856bed3cb6e182c78b5d3d9bed4ef9069214012f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TBZ8WP57JDW2Z31P
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36328
x-amz-id-2
WUGdwsnRFIWkhrfxG093TXeVopbvY+ePWruMvWE+Kj7TYMMbGtDrA4M5Ws86UfHMsxJVRTvlGEw=
last-modified
Sun, 11 Sep 2022 06:16:22 GMT
server
cloudflare
etag
"fb5786d1fdaac2654b0ed0f35bdcfc18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHrmSniUb1se6QiIHJnOZzTnr4XzKejTfnVWyLGvkt1cy1S9WGw0o1QY0jzobby5VS4V5CdEflCbzQLpUr3RT4wJAsliMITKFKWrcHP8HgROc%2FCutxBtAsLcGupll0DmRIMH2V5qeOpJW%2BJpCjgI8TPEZGqnzxkxZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f95278cc49bb86-FRA
ic-no-logs.png
www.onlineusershielder.com/download-guard/assets/
663 B
1 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/ic-no-logs.png
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71b4d13762307641f096f5c3af8a0f6ea349af53b3def1e31c1d702f1dd0f4fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TBZ913S3HRN5X74E
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
663
x-amz-id-2
NFvWOPWQ+eDSNkV81U7rlZaIB9DaiVjVv7tKLG+u/WUykug7lRNG9+V7vUKDwEiwmfHbqegoi4A=
last-modified
Sun, 11 Sep 2022 06:16:47 GMT
server
cloudflare
etag
"982410eaf230e66a971c439b7acbb62d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkcPsABKhktar%2F19NtY8NLJfgULDMr9NQndscjUjKI9PRX%2FSv%2FQ7C7P43JTacb0ytHF1ff9kF4iJQK5pCd3JxChYoenZ2Z6LOFZmRwHCoaKZcTCe8pz0iFZW68YT3j8fSCySiFZ1%2BdrRTbcO5%2F%2FlAHf5A3%2FjdUES0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f95278cc4abb86-FRA
ic-kill-switch.png
www.onlineusershielder.com/download-guard/assets/
1002 B
2 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/ic-kill-switch.png
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad2012c62e6dc10892284a8874a06d47e7957ce58ad3bc6320b448f94c5eb3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TBZBQF6JMKZMNB4Q
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1002
x-amz-id-2
zm5a2jxNu5fVuQFXFMVgPiVCnYv0GtH7BMHMXV+biy6DktJcbz9sRGSeMaRDDE4xnCjC8qLB0Fw=
last-modified
Sun, 11 Sep 2022 06:16:47 GMT
server
cloudflare
etag
"367bfb813d79024dd51778c25034d87c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVEFJC4cVOxDo1%2FZFoiOMXkD%2FWgdMqgIkFzluX6e7hq75g83rrLj98zWcek1L%2BF9AafbhjGNip7zF7%2B9jlENwUXy7MT6ccteVnqWhlPzxRhpxk8oAkN2hrtfZKP2hk9ou%2BD2CMhfFBBtshecNOgdbynBUIyNST%2BpJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f95278cc4bbb86-FRA
spinner.gif
www.onlineusershielder.com/download-guard/assets/
659 KB
660 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/spinner.gif
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ec59180ccde83e3bf28fbe8f59cd91b27d39f05f971cd051fc744bb3027a8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8E9VNTP0T63C49C7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
674974
x-amz-id-2
ihHeh/yYrxA7DOZMI6E9ibYF/Ljk3vnxBqJauNZ5Dz+rlLFTTI50lAZzDcZxoCVJn15sKuQROas=
last-modified
Sun, 11 Sep 2022 06:16:23 GMT
server
cloudflare
etag
"17fee242645330331f001ef8da9b04b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3mhWnvlefshC4wEemPEr06dE1m8XI0JT6qabBNZFmHfP%2B8svS1lmQ%2FQiszMXmOJq0dvg%2F4n8m11I2v9NGYXzabRY3lJFXluWQUR9nSEB9eL%2Bu5kNsaEHo%2FSWOtwrjcbMZ1d0lTnKWtjSWMyoAWgzIcU7WX3Hye2Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f95278cc4dbb86-FRA
common_h.js
www.onlineusershielder.com/common/
2 KB
1 KB
Script
General
Full URL
https://www.onlineusershielder.com/common/common_h.js
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53849598e1618bb12a01f0f3d4ea9f24c23bbec11452f0ce972945b92d90cc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4613
cf-polished
origSize=2083
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
D0B1NGY3MWVPPCPZ
x-amz-id-2
3J2JOMuZVmxPhL+pNF47w9hvhaZ8lsBrKPKi3fXyQdAF1yAy015y4KFhqUmruh6Ha82hrghqH5w=
last-modified
Sun, 11 Sep 2022 06:17:50 GMT
server
cloudflare
etag
W/"3007835e4a1c6e7b09ff885374f72b40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMlq8PVbIuMA1XEaJJNuahcURBau4dJdlFmjSUIBbT4vOnUy4TyzBrImUbkQkFj%2FXAlJwKf%2B3WpLFwjQGz5DSdwri5sCU%2FpVF3bB4Mg%2BlZibsykvmtL20JfaG9rtVJ5Qr7JuTjprFHp3PQpFWOK3SygC7Hbz0707SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
74f952789be5bb86-FRA
cf-bgj
minify
style(1).css
www.onlineusershielder.com/download-guard/assets/
623 B
792 B
Stylesheet
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/style(1).css
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0b3bddaf52300556aecf3f085af1fcb9c465bb61e0a4e51b9f81fe2449a901

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TBZ1N30CKPZKPRSF
cf-polished
origSize=790
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0ljYUWXLorgXCJjEqheHOTfSFxq08+t1tqeNoobcSdzX4uW7FPYlB1Agzpz0gHWadXkO9z0iKGg=
last-modified
Sun, 11 Sep 2022 06:16:23 GMT
server
cloudflare
etag
W/"f6f45ce0f410f973092bb238739a07c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYei3Fxiu4SC6E0vnGDn2NJ%2BYlxwCF3juIvBtJ%2FIBdyGjWoGJ%2BfHw7r4HHI8h8GprhqLn9DiOQivkfRGmmSh1IwNNO8LBXpDIMAoAQFJan9NZrqUNlujPUBlG9wx%2BTiE8LEAtq6KxhkE3iqRlYUNw%2BZPk0hbJ9jsVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
74f95278bc20bb86-FRA
cf-bgj
minify
jquery-2.2.4.min.js
www.onlineusershielder.com/download-guard/assets/
83 KB
31 KB
Script
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/jquery-2.2.4.min.js
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6de53799ac7f249679a4f355e51f40144101b0b9d44d6f873f37a1384cc81e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 11 Sep 2022 06:16:21 GMT
server
cloudflare
x-amz-request-id
TBZ4EWHVQMX8B1AQ
etag
W/"02293083a38eb3b0b43f1d6a8a935866"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0Ab9lvbDcnPn7Wbwgb87cEn1%2BBvtOTCgwKqu%2BTKfcq5xZFMIkMdtXaoO0V0awMy8CLPW1poVZR7SLRgqSVQIaMh3nMG%2FklyK6EVOgrjcIF%2BMPKD63csv1LvnRdkyvOrS71DWFB2xFuI9dvpAateVG7OUhpJAfR%2Bcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f95278cc3cbb86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UIQObcTz9XF35XNWpArdQGAeR8w8VJdWmZyuaoUOlbWWbgotBbXXZbDgqV3gPFuhKQqFcFyCG6U=
bootstrap.min.js
www.onlineusershielder.com/download-guard/assets/
36 KB
11 KB
Script
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/bootstrap.min.js
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 11 Sep 2022 06:16:46 GMT
server
cloudflare
x-amz-request-id
4DGBDS1K5F5DBE4D
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QsxAocthBT4ct9RcRcuutfmFNvMDBXPOnM1Bcx76SRe9Xa5%2B143MvsP2c30UNKkGKxRKKeWB7320nypfwiBW0YS%2BUALOEYIWf2JPCs3gSnZNT1hZB5%2BI5WZYr93EXmfsuEdxcflSohVgfkYKHVJgAOfgRJ58BEFOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f95278cc45bb86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
S79slqJ4+ouYQJgK15b8gU6lkGmlpHHveXIG5geFMV/bQPRQs6A8tMrNzMJOjgqdH+VrALHYELM=
gtm.js
www.googletagmanager.com/
119 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NR45DMZ
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/common/common_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1a42527a4275134de7e0742f0b3e90bd8fcd57f816d110e06fbc865b9d649f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48095
x-xss-protection
0
expires
Sat, 24 Sep 2022 06:04:21 GMT
common_b.html
www.onlineusershielder.com/common/ Frame 6391
427 B
809 B
Document
General
Full URL
https://www.onlineusershielder.com/common/common_b.html
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001261c84f9c9755c62dce3fcb4d13f22d1abf272e81bf4289166b0efbe381e5

Request headers

Referer
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
74f95278cc4ebb86-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Sep 2022 06:04:21 GMT
last-modified
Sun, 11 Sep 2022 06:17:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w49a%2BnYtA%2F%2BvhBxx5MKjb4LrHXC9CjvHOkdGFmUQyDCut6hDehfQodsTuoPZouu2D9Q03Ty8EEidFyQ%2BYvOmHZY5CZl9aAsF3bK0qBBIsiM1FFXZifibP9Ld4t4yflhgg5NDkrcMK2fY%2FnPAwk2nvWW8Aa%2BaEGXSWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
TpDVo1373GQg+W3ahPD5qTqCnMdxaLc+yTn86ZCguH2NMOsA/DJT0yUufUp4PqLmOGC7RWWqUVE=
x-amz-request-id
D0B7SYEWK5DFN42A
banner-download_desktop.jpg
www.onlineusershielder.com/download-guard/assets/
62 KB
62 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/banner-download_desktop.jpg
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4cd8278843c8d9ed9be89746d42028cf92b3f927fdf57119822e4f6542d2dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TBZ7DRXBD6YZFJ6K
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63305
x-amz-id-2
f9iyLqk/zcub9WfI8TyJs2ah1lc1KdliyfG5WfsCBbMfmZVLX+6ll0QczJOLw/3wDqtKJzLgJzU=
last-modified
Sun, 11 Sep 2022 06:16:43 GMT
server
cloudflare
etag
"513d51929507996f411f37dfcc9a5173"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqJ6DtO8kEx5rdQ1uZXizx08nVJSvWOlvdjAKlq%2FLPUewAlPudAGPBngygePa8bUdhR19a6IhAMtrNsgbz6b4fLRe1V7p%2Bhc7rHcKBEIIWjGxlTlhFEirD34PJhAf7LMyCJmZGLvZnnq4CRe%2BmKHdQO4padtCQDg6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f95278cc4fbb86-FRA
img-cta-torrent.jpg
www.onlineusershielder.com/download-guard/assets/
34 KB
35 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/img-cta-torrent.jpg
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2c0d991d3d519c52176e55fe73d5b9d066f0b67c11480d988c00e32248cab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8E9SNFGRY6WG7CPM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34939
x-amz-id-2
u131KRSLQxij17j9VFzTXqe+MXiX/Ryoh4/scIEZd477dzu3YwOHI/9pPQYUyGlEgqr+rkOCrJc=
last-modified
Sun, 11 Sep 2022 06:16:48 GMT
server
cloudflare
etag
"26cfc4a29fd7c648483ebe10564f56d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXRzXf%2BWyDsZBsejGH4mr6Tr7TwhQQWgyHl2oLwMkHJ44Res%2FyZVps0lFpsy5%2BgEsIQCRCXULo0eZSCdfDW4CUuOdVw6OTHFJNEfIlFIW%2F9skAJnNF1j%2Ff9ni8IsfScO%2BVBaAPVn%2B%2Bcd%2BjiuChOY%2BenegpUizYqIOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f95278cc50bb86-FRA
bg-icon.png
www.onlineusershielder.com/download-guard/assets/
610 B
1 KB
Image
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/bg-icon.png
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc7fda2f83d80f5787b062a9cb748247fb0a98297333721f77605bba976e3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/download-guard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8E9PG6J6XTQ7PH20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
610
x-amz-id-2
vhn4v7tScfFz89hwYUDMTkUo5DM4l6timN4gR+MH/fOa+N8wfvslRm505sxCtZnN2oj8LQ0zJ+U=
last-modified
Sun, 11 Sep 2022 06:16:45 GMT
server
cloudflare
etag
"532526a434ca37ebaadf5b8198cf3794"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWwJpYGR5pvvc3HNr7ECN8QSJpRz6SZ8g2oqnDmO1MArE5Wm6kJzlUbfFuXdUgbQqkPZTFDTJmRfwocl4%2FL%2FIroRKJK4%2B%2FqumMSNfuAxYrD5ixaJNmsFbyCmAUctko4KutcWXY6lbafgiHBHgMy0B9LNSLYkOnJkpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f952792cffbb86-FRA
ProximaNova-Regular.otf
www.onlineusershielder.com/download-guard/assets/font/
92 KB
93 KB
Font
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/font/ProximaNova-Regular.otf
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/assets/style(1).css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Request headers

Referer
https://www.onlineusershielder.com/download-guard/assets/style(1).css
Origin
https://www.onlineusershielder.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8E9MYZVERWKPJZ7N
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
94668
x-amz-id-2
jYKQMN6pJghuggbm+N8KKhR7oBpB/rC+jWMDfVpUZd+QOSaZnynMP1Og+RSK3G7G0//e86ZG7ic=
last-modified
Sun, 11 Sep 2022 06:12:40 GMT
server
cloudflare
etag
"410504d49238e955ba7dc23a7f963021"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=id7RLjfNWyL2MWQWWMD7h5YTidu3aJ6Jyl9BlvzA72LsQK4KzXNrIpTZgLPRTAgOznkn17Z%2BifFnlSIq97MV9Mh0vcmIrW7Py2aw6QKMSnDNOPAe13QJjjXT6VgCqmTlZcQXcY0fKVw9rwfHG8NpsvU%2FQ7WN6sKnuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f952794d54bb86-FRA
ProximaNova-Bold.otf
www.onlineusershielder.com/download-guard/assets/font/
94 KB
95 KB
Font
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/font/ProximaNova-Bold.otf
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/assets/style(1).css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644

Request headers

Referer
https://www.onlineusershielder.com/download-guard/assets/style(1).css
Origin
https://www.onlineusershielder.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8E9NES874KD7X4YM
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
96640
x-amz-id-2
dRICZQ/U5FYysyX2xb60Ul0RnlMm+rb9nD0PTKmh+MCT/1fv1yv4on6w6jwRkv6B15b5cweILy0=
last-modified
Sun, 11 Sep 2022 06:12:39 GMT
server
cloudflare
etag
"62d4d7d369292a9bf23762465ec6d704"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMPW8X7Ed5OQZJ1t2r4%2Bb5HghAUhAdxyUobDplnNiaHDawUuUe3z%2B7yf42Gx3Ob5dxpdlSyw2%2Bll4Rvf%2BXr2bdWwjCb2RV0mKzZtnW8vjlqvq677uUobbxarr7GokQM%2Bx0%2BRXMUER9tWqhHpKZ4yrce8rY2CsUhdEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f952794d65bb86-FRA
ProximaNova-Semibold.otf
www.onlineusershielder.com/download-guard/assets/font/
90 KB
90 KB
Font
General
Full URL
https://www.onlineusershielder.com/download-guard/assets/font/ProximaNova-Semibold.otf
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/assets/style(1).css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b355 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388be1fb84d1608325ba870797519fe52ad081852a47c66aef5e90eeaf2c425d

Request headers

Referer
https://www.onlineusershielder.com/download-guard/assets/style(1).css
Origin
https://www.onlineusershielder.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8E9TKRFD10DQGEP7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
91904
x-amz-id-2
dGG9CNaEB2vIhOjdpV1TOLgxgwWptd7K18CsWsUzkNRqPqdObyGtezWBgyphypvXwUrIUAuWOEc=
last-modified
Sun, 11 Sep 2022 06:12:41 GMT
server
cloudflare
etag
"6a386899746222073dd64c5f74d1a69d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eEzH7tXTVGOb%2F%2F3hcaqfNv1aPTFHzKMka5QSh7YJh03LMovwdjMDrUnEOqqFvCL8d1AARx1LcL%2BBZT1lyN3qzXXqA9jwd90Dd6%2BZVts42J5aeSDB5SRMJCzFc7%2FWhxtrVV9xoxSxJmwsexFbBXf9W3Hio4jEP3Png%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74f952795d75bb86-FRA
conversion_async.js
www.googleadservices.com/pagead/
41 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NR45DMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
cafe /
Resource Hash
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
server
cafe
etag
1764007376392519731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 06:04:21 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
i2bx/veA1kJYXSI3zK+D4opz6F03N1cMOL+fbhZIO3ia53L30HcVi20+neufCGxsDW3i9+VQx9Il6qgKfRS5Ng==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 24 Sep 2022 06:04:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
2099375100220053
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2099375100220053?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
118b198975d904ff023e0febbdbab27afc1a584abb15dccff6d3c1f0868e9e85
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
40yoag8xHutjCwq2NNz+GwkKtuxMDartahiCNUL0qCgpmKFWXLqdFnR+OwN9SqsseTWVjfCPepgg5P76R2hAfQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 24 Sep 2022 06:04:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2099375100220053&ev=PageView&dl=https%3A%2F%2Fwww.onlineusershielder.com%2Fdownload-guard%2F%3Fhm%3Dtrue%26trvid%3D10834%26var1%3D461&rl=&if=false&ts=1663999461501&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663999461500.367399060&it=1663999461401&coo=false&rqm=GET
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 24 Sep 2022 06:04:21 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10835118523/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10835118523/?random=1663999461506&cv=9&fst=1663999461506&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.onlineusershielder.com%2Fdownload-guard%2F%3Fhm%3Dtrue%26trvid%3D10834%26var1%3D461&tiba=Safety%20Downloading&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c1acca70ab8278c74cfdb2329a9321856550a95e80cbddd9dc36ddb1bb5e667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 06:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1051
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10835118523/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/10835118523/?random=1663999461506&cv=9&fst=1663999200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.onlineusershielder.com%2Fdownload-guard%2F%3Fhm%3Dtrue%26trvid%3D10834%26var1%3D461&tiba=Safety%20Downloading&async=1&fmt=3&is_vtc=1&random=479220180&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 06:04:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10835118523/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/10835118523/?random=1663999461506&cv=9&fst=1663999200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.onlineusershielder.com%2Fdownload-guard%2F%3Fhm%3Dtrue%26trvid%3D10834%26var1%3D461&tiba=Safety%20Downloading&async=1&fmt=3&is_vtc=1&random=479220180&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 06:04:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
extreme-ip-lookup.com/json/
594 B
742 B
Fetch
General
Full URL
https://extreme-ip-lookup.com/json/?key=aJbbs4bJut0SjErsJ09G
Requested by
Host: www.onlineusershielder.com
URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.65.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
46a70632f59ba7e6a8086cdf3eb96f6a084c718519206063629c16b9330e86d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Sep 2022 06:04:21 GMT
cache-control
max-age=3600
server
nginx
access-control-allow-headers
*
content-length
594
content-type
application/json; charset=utf-8;
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2099375100220053&ev=Microdata&dl=https%3A%2F%2Fwww.onlineusershielder.com%2Fdownload-guard%2F%3Fhm%3Dtrue%26trvid%3D10834%26var1%3D461&rl=&if=false&ts=1663999463012&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Safety%20Downloading%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663999461500.367399060&it=1663999461401&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlineusershielder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 24 Sep 2022 06:04:23 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| $
function| jQuery
function| getBrowser
function| getOS
function| setCookie
object| dataLayer
function| addParams
number| w
undefined| click_outs
function| getQueryParameters
string| pixelType
object| google_tag_manager
object| google_tag_data
function| fbq
function| _fbq
function| GooglemKTybQhCsO
function| google_trackConversion
object| GooglebQhCsO

3 Cookies

Domain/Path Name / Value
www.onlineusershielder.com/download-guard Name: ck
Value: true
.onlineusershielder.com/ Name: _fbp
Value: fb.1.1663999461500.367399060
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
