urlscan.io logo urlscan.io
SecurityTrails logo

www.user-shield.com Open in urlscan Pro
2606:4700:3035::ac43:c9d1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://user-shield.com/
Effective URL: https://www.user-shield.com/
Submission Tags: tranco_l324
Submission: On May 08 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3035::ac43:c9d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.user-shield.com.
TLS certificate: Issued by GTS CA 1P5 on March 18th 2024. Valid for: 3 months.
This is the only time www.user-shield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 18 172.67.201.209 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
25 5
6    2606:4700:3035::ac43:c9d1 (United States)

ASN13335 (CLOUDFLARENET, US)
user-shield.com
www.user-shield.com
1    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    172.67.201.209 (United States)

ASN13335 (CLOUDFLARENET, US)
www.user-shield.com
user-shield.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
24 user-shield.com
user-shield.com
www.user-shield.com
1017 KB
2 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
832 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
11 KB
25 4
Domain Requested by
21 www.user-shield.com www.user-shield.com
3 user-shield.com 3 redirects
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.user-shield.com
1 use.fontawesome.com www.user-shield.com
25 5

This site contains links to these domains. Also see Links.

Domain
yoomanies.com
vyprvpn.com
www.facebook.com
instagram.com
Subject Issuer Validity Valid
user-shield.com
GTS CA 1P5		 2024-03-18 -
2024-06-16		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.user-shield.com/
Frame ID: 103C404193091B875D44E79B7228857D
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ExpressVPN – User Shield

Page URL History Show full URLs

  1. http://user-shield.com/ HTTP 307
    https://user-shield.com/ HTTP 301
    https://www.user-shield.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1073 kB
Transfer

1238 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://user-shield.com/ HTTP 307
    https://user-shield.com/ HTTP 301
    https://www.user-shield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png HTTP 301
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
Request Chain 23
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png HTTP 301
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.user-shield.com/
Redirect Chain
  • http://user-shield.com/
  • https://user-shield.com/
  • https://www.user-shield.com/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c9d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb717accaad2a6a11af960186212e0a21c57c80be06834e47fa0c2161c4bd0fe

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8806253078f22c7b-FRA
content-encoding
br
content-type
text/html
date
Wed, 08 May 2024 02:50:58 GMT
last-modified
Sun, 02 May 2021 14:21:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=336ywTkXS9QVLr8knCpEYFWu5Fy%2B82dZIIsEms1aAmjb4%2FFHfLpoiuU2YI%2FDz9g17Oo4XfgO5f%2BCVcyjlVvtwXEkKblE1ll1jeMGfVYzlZL%2FH6F3PzEKA2W1lB6VF7t0JeoL8mgut0iMwU60CEq5h315"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
w2dPN2FLP4BRe8+IYT2TKZxI/YQR1uhLrW4dJENZE+xyNJf184Hi8et57IDzqOgkCdvzTZ5NFCk=
x-amz-request-id
T7RZ7Z787VBWXSRP

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=259200
cf-cache-status
MISS
cf-ray
8806252fd88c2c7b-FRA
content-length
0
date
Wed, 08 May 2024 02:50:57 GMT
location
https://www.user-shield.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umVcpapxOXqacZBAfT5f8m3SECWbxvhaWAXXioOU5rL%2F4xGMsi%2FHEwkH8NZwDQPCoK%2FvFo5nXd2mCW%2FOlSwtKyXYn1vWGJjE1pFgdaZNHordORHfBr%2BEQNpCu2QK92H3ux5sQjQsZahtsc5%2FGT0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
262wNnHxjWpBAKE583w6dzvZRaRgaVx2cBKVOdYNmGjP5qFqG8STjHZGqwkKvtEAucaCnZeNqOY=
x-amz-request-id
805ZPNZSBZ7FE65X
all.css
use.fontawesome.com/releases/v5.3.1/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Origin
https://www.user-shield.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"10519cfd3206802f58315b877a9beab5"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxHsKsLWmeUD7jgzyOL1CKoqAizzGiKJf29%2BuoUMTpsXmn9w0DJRGzW13F9S3Bus9VciDVg8cl5ybk5x52ov5UBpeNhYfuY1FHtpfXYhgjLaltBrpAOWeOn0zgxnrZrjhCJNZLyeX93KjmhUlGRQhD%2Fu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
880625315c592bf5-FRA
alt-svc
h3=":443"; ma=86400
style.min.css
www.user-shield.com/css/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/css/style.min.css
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c9d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0954c5f6eefa10effbda76d0bee1b3a9b5f0c8979e0fb7570900eec46ff97c95

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RTB8QT9V9GJ0BC
etag
W/"7faae07c7646174a3b7c1f3bfbe6ddd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NuIhYhdeqyHcw4HAXh%2FS5CkgCu9X6%2B2CPAgp8nYibO6Wdlsl5od7V5fanETyBbqX8RIwdwpW6I86olZG7EpoIEisdOnG47bg%2B72Lgo1xq0sNaaEwuKPUD8WZwaPSHisbCZfVU2HUFcAF7eXsjZ99AO%2FP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=259200
cf-ray
8806253139322c7b-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9nOr0vvXFgebiZzJEHPEkQ0oplvC6rC/lyPWi7yitgU4InQv0J5AW43r341Vg89v29s4FmDLxhs=
style.css
www.user-shield.com/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/css/style.css
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c9d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29182a95446eebdd114d27a733a9503457356bb25e5fafb5db48af6cc17f872d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RHNFHZN2HTW3QX
etag
W/"2a7077812db96f4c32e917ffd6d757dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lplA1Ftyhw54hsFn2oAetLTmtVhAW88a6%2BgdmjPeDdMRtVwDuUuTiW%2FKg75hqVwONw3ol4cLzXm%2FPjdf2uS4bOfHEleE2dvhK6M%2BjiyPqA8IhtSfGXfTB2gBGkbSdLGke4tELcg0X3ynzJaab9ENF0Tt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=259200
cf-ray
8806253139332c7b-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KDf56jA4pdj1UGBxNO8t0JEWmKtOGUrQBnzRKb+gICcO0yBOuEMClsOPd4WzwvFHQ9UnMnK3EEI=
css2
fonts.googleapis.com/ 		1 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.6
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 02:02:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 02:50:58 GMT
logo.png
www.user-shield.com/css/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/logo.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c9d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab6927f972019bdf9dce65e83ff922516959844889dd7f5a275d6c0cee10ae9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T7RXEBFSE9P6WGW7
alt-svc
h3=":443"; ma=86400
content-length
23817
x-amz-id-2
BaC3THFbHAJ1lMKGlXd/JRrcuqoDep+XJlatc7qJimBb2VC2lD7pZ7z/WtE0DCPledgrUp2rSR8=
last-modified
Sun, 02 May 2021 14:21:31 GMT
server
cloudflare
etag
"34f405e6593dd834219764d101f3b1b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMTW55byeiIOg2ZRGPD9xQrih8EVf9IZC1bISFUznnt48uW8B%2Bu7GSv59Gr3L%2FEWlZeO4BLopqhzj3pRX9YeBbLO9OzwGefqyie3RJpePzKU4TFeF2rvY7Dlr3OfUFSze1E5PCYSL2gChoEHOY6YpiSG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8806253139342c7b-FRA
sipka_dolu.svg
www.user-shield.com/css/ 		430 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/sipka_dolu.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c9d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ed0aee33e8c27a383ea5bacaefd6e1bc850b65d818dd2d8cee4e1d7ea612d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RMH8J1RDGJVSYK
etag
W/"8bad87734ac6c834243fa4eb96cc1fe1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whvq%2FOhkOpu3Yabw1llbooR3As9E0P79g1jqtFgPCJlpRVj7Q%2FO7UXePOyC6T32%2BsMI9I%2BLPr5%2FhedWxUj2XlHCB6iS7Ah1DHsqqjdTs0Z9ndj9Wepq5Y%2Bdclr8U%2B5nxxRyVo%2BDDHWVCiFRcmbpt%2FWSS"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
8806253139352c7b-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
REqaQsyYzBb6X8B4QkYjM77TFeqfxJIrE53LedPhSv4vIXsiKjmu4NZtUz7RKLVChoVM13OejWE=
check.svg
www.user-shield.com/css/ 		475 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/check.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba67f982489b6f325892d0598f370197e0ab4a72e3d63bb0b49464a1d610c281

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RGAD6Y71N2X3ZT
etag
W/"751dc47835c0dcd08c9bccf2dd7338f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PDeqorexsevInecrmQDHjqvpN4ZE7Utj1OwtzI2yir9Hsn04RfgVwxX7PPhLJUNcV0aOmoKBBzb5X2f7SwB8ptZnV%2BtbIcZD%2BVBNrTQmJHG4BXw%2FrSwnblXzq%2BzOtxvUcAEk%2F5b"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
880625315c796abb-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
iVjYmTSffBKwm+wZO/3tLzzchijjGziuIdger/Mz2iEUSdy5nNEvaeas3wZ1sM6LpvD0i2EK2Uo=
hin2.png
www.user-shield.com/css/ 		820 KB
821 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/hin2.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767c37343152f2a04304e27082125e7d7c97e1a5b591111eb2f3037a8c0c33c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T7RT4QHM79M281JY
alt-svc
h3=":443"; ma=86400
content-length
839572
x-amz-id-2
RgFd1+0Ig0+9Ej7o+0zGE0160HTsD9Cz6NJS40oxghRI+bdVzKh4iedQyhwsWaeNPGClztaeG6k=
last-modified
Sun, 02 May 2021 14:21:47 GMT
server
cloudflare
etag
"906e0da023360abb4d8897103a054a62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDQZrfOQVRr3WH0X18GbBuZBSFj2z5K3nGOPsPNfSVjbS8qU8qRJvaTd0u9vADIup94qa%2Fo9HPozCTGhdl%2BHAWsrCJNXeiEnCHOEB189SSYFFCgyFq8R72Iw1BYsscoc9taMC82I"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
880625315c7a6abb-FRA
image-from-rawpixel-id-517276-jpeg.jpg
www.user-shield.com/css/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/image-from-rawpixel-id-517276-jpeg.jpg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2291d85c12eeba69489503aa7e612992442ca9b7df8a19de0e834bb1ed7240

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T7RWHYHGSXQPJ4AS
alt-svc
h3=":443"; ma=86400
content-length
5212
x-amz-id-2
8xcwD+Gvr2+cpy6IOh/prPQDzmSriRUYMUn6W07tiPf23D7+hImLNuFhSCTvwqh7J/ISM7G9AxQ=
last-modified
Sun, 02 May 2021 14:21:48 GMT
server
cloudflare
etag
"46afaea5c4b3f9ba457965b7136c75d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdG1e5oHnlA9trzsuXo90PXGZqliFwHMBHhieJpcP81ua2npOyRq4VYLJkp3HcJnQm7CqIv7pZNhyJde4SFcHhrpZL1lOJsYghhiGaOhaY1uwIv4wMlS0nzV9RAMWmdNnWDTjCIF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
880625315c7b6abb-FRA
expressvpn-red-horizontal-rgb-a9fa82f51ee51859e9976a866a34409c900cbd7d097ff816053e39022d5d554b.png
www.user-shield.com/css/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/expressvpn-red-horizontal-rgb-a9fa82f51ee51859e9976a866a34409c900cbd7d097ff816053e39022d5d554b.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf3f69848594e246144344257c90ad1ae0c72996558e48230bb510da6e8bbe5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T7RWCFPJWCXTQGGD
alt-svc
h3=":443"; ma=86400
content-length
19088
x-amz-id-2
IB7uxjkjTF2SEjQtx8nYDw2Y530SSMzaQM9vpV4hrSjM1vqPghlPACp5kkKxcgD0tdHoQfUiJjw=
last-modified
Sun, 02 May 2021 14:21:45 GMT
server
cloudflare
etag
"416a40191a644eee75eaf75e1403ce0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXIT1GxLk3JSRH0N4OHZ1dYCwlequlzmUv%2F4q2kl876qUrPCNPNaSMuUtagOza%2BYoU1zq%2FZPiLxvtlbJoF7gX3kyndp1%2BRVrLJH9ksyLUJ2dErJY%2FYLyv1RxP2B7lDXhMRzVTQEY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
880625315c7c6abb-FRA
nord-logo-horizontal@1x.png
www.user-shield.com/css/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/nord-logo-horizontal@1x.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e4a0abb6713c84cee64df2dde5cce1e6664e88666e72a8295839430320f878e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T7RRGHDBPHV390K4
alt-svc
h3=":443"; ma=86400
content-length
15195
x-amz-id-2
A6muO9qqhpfmh+7Q1tJWvQLrmqu/uw0qROmwrKD4IfDSuiIQ3WfXUOdFdDz8iTjpjA2qJw68wvE=
last-modified
Sun, 02 May 2021 14:21:31 GMT
server
cloudflare
etag
"4bcb5cbb750e000a3aaec4339681294d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1s7LnXjMiO0VtpwboFee%2BWI0RLFGbFhTS3GvE4DkvYF2y92oNFWut%2FmSGi7EF9aiS0Jyc2T9%2Buwbgn%2B%2FlVSrYkwUlONm0x1bItqg%2FbsajSZyya2dH7dXEHT3909E70GiHumvOY%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
880625315c7d6abb-FRA
vyprvpn-logo-2.png
www.user-shield.com/css/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/vyprvpn-logo-2.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b1cb9b225e4c97881b8b9b15dbbe61e6490e06805607687115fc84cf03c854

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T7RN1SF6Q0D1CZD8
alt-svc
h3=":443"; ma=86400
content-length
22632
x-amz-id-2
BUWJi+/H6L70fFUhiFZDaNpss0TSLu+OHUokWzr0ad0ufSiqBXIUMLh9px42RIXCB9KuWDcYQls=
last-modified
Sun, 02 May 2021 14:21:35 GMT
server
cloudflare
etag
"1840de928287d59667206e66cadc590f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KuIhrYLGBDLVDJeMK7wh2tcrVQoGomEueNPBoTLe5Huz3RejMylJGMRaMj7To%2BarhrPMANbmBE9%2Fx0c8w6oq8EtUNhXA9Xk%2FW9tM9TjAhI9%2F%2FR4GyLcIgDmsvLMxKHg7gyPZ8iri"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
880625315c7e6abb-FRA
surfshark-logo-2-e1607026411694.png
www.user-shield.com/css/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/surfshark-logo-2-e1607026411694.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e175117bec697b51e9cdc535726c18cf86edd25ff097e4c98a173f549abc8c3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
87H0GN6ARR36QSSJ
alt-svc
h3=":443"; ma=86400
content-length
20797
x-amz-id-2
9bikc+bEQECr9wwECHxATilJdsJndnonJW1TJVKMeT3Lu2z2SOOR/Djo9Kxb6b7cdyNqqWZ3PJM=
last-modified
Sun, 02 May 2021 14:21:34 GMT
server
cloudflare
etag
"c55a4c83819b44d0542a0be5f025f84f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Be6SBSvPVFy6eIcjBpNNXDAcDXBG2erFzZvNLi%2FbXBmrQuEOTrM0LvDR6zdTeDmsAxcewrAUGmjs8WlqXD5UPguDjF6DTzWf8VfIH6xTluPrJ9eaXwSwmb0ClaJHZ%2BzIzkh5KIrZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
880625315c7f6abb-FRA
CyberGhost-Logo1.png
www.user-shield.com/css/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/CyberGhost-Logo1.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db973644ca34e16dac4b469ef7ea2393f36204f7782205c7d56ac8b2ab29e2c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T7RJP367QZ2YV82N
alt-svc
h3=":443"; ma=86400
content-length
19648
x-amz-id-2
PLbN8VaiXGOMVPpxSYN7qKO2FsWlBUaEPNELGzXSjq6z8321X9G1N6Cu/FVIeAFHkWqqfd3KWRA=
last-modified
Sun, 02 May 2021 14:21:45 GMT
server
cloudflare
etag
"111c2a1086cb006ed6521e4d17b4f62d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9aMAN0unELYYdS0Dh%2BQFCdYudBA%2FWY9MIbDfZJA8eOJdsPc3D%2BRzAXv6vtn7%2FAb7rwzabehqnQ3NVHIiABql2vAYqW1QhThPfdZmq3Bx51qeuM1Jnrt01qo7sYK1srqvBO3KCnl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
880625315c806abb-FRA
fb.svg
www.user-shield.com/css/ 		627 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/fb.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f163af3109712d394f378cdacdb37b8e064aac256b1ff8ca3aa001bf7c617121

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RPA20X8SMR9TTV
etag
W/"72d89eb0dbcc43a4db538207677bfee5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyrFuWlQ%2F65wWdh81hB1IC5JxB2TrSU5hqL%2FWmcEJDBus10WqSeyIHJg2RXlNXwSfwb9nePS%2FiE7a3r6GBiHm5jw5xPOMABsIuZzsH4j2CvWbs8ZmfQvo4IbFeDiJSvlkXsApxGN"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
880625315c826abb-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ExD879yjYZMbJ935sKYDdUdDkyQZEdDF5hfgcSfjBoDrPavrRZ1wn1L/Wn5g/VIxaaRiKhWw8BE=
ig.svg
www.user-shield.com/css/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.user-shield.com/css/ig.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e9fa8c7bff1e890d8d1b565d067fb5c74134310a4467ed24164ef8d7d11d82

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RSSW1JGF0776B0
etag
W/"829734b4dd3cc5185d11a8094c43dcf3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kynFggQd6fBT7nbsohS%2FhDVYUxJuOXTEGSL%2FftMXIn%2Fic3rIoOVuZsgsem2bEEa9qFn3qoTosMPWLv4pWbPUQP57S85xWEbXLyOtnVaGVlBt0buzNj%2ByAv%2F1U6%2B%2BT4dWyNvs9LyW"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
880625315c836abb-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Mn0209x3T+yD65qFHJmWADbzin/6V8JnFWsNjcfNmR5bz916ZfSLEArWt+oBxvkcfLMX+Y9dG2A=
rocket-loader.min.js
www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2024 15:20:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66310c39-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWKbfHgwOl%2FqVPVYHhEfXYJc%2F9FUeJyqLAXXCgOD9OhxeyynAFwgvxg3rHl3MUdyx6dTGCPTGO6SmCRvd%2FeZLKSi1XmANT7LBq69bRfiQFlOXPGvf4wyl0yGaD1NWYOa4%2F0Tt1JB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
880625315c846abb-FRA
expires
Fri, 10 May 2024 02:50:58 GMT
wp-embed.min.js.download
www.user-shield.com/css/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/css/wp-embed.min.js.download
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd0e2dc8b2a14ec39296f54b2ec89a9853ba9cfa6b7ea83dff47f4b8729c504

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 02 May 2021 14:21:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RHA2FF82F9S0HV
etag
"0213d275d45337bd69a05685c5c4a787"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PpLJIcVNM%2FRyjczb%2F2yPym%2B1S%2BcPsjFhvyWkUlvpL27GjTonYTHzYaAs2tPV3ajrOk8Bs2Y0iJZwgHMKsDQokFUxD6NnD%2FtUnMLSp6NhaHCtzZvXgQfi5%2B1DQpFmin6e2mkxhfuu"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cf-ray
880625323cc76abb-FRA
alt-svc
h3=":443"; ma=86400
content-length
1435
x-amz-id-2
tJveoGN9BX6YGiTL7r19tnE/DETsQd2amFZlz12+0RUpXH1jzx3rsxJ2hlUe5wfIEuSntOXjn8w=
ta.js.download
www.user-shield.com/css/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/css/ta.js.download
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1710ac628798b8634f33cdd6ee64f7ec804290d034f826ebd6328109db542e57

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 02 May 2021 14:21:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RYYNZVSGYTM8MW
etag
"6ec76a68447d4e171e62dfc675b5aa3b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZqE%2BEgXEDg7qb1RnKBvoTh1hy28%2BFlxks4S7PEGKSxg%2FxeMgAeiRZFRP7BPlDLLpD44dg5sDFkYA%2BFIFSRObqF%2BztxDN3QD%2BINmSqqIw7B819zzroe1X0KT3arOqjTyafCWQ7kY"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cf-ray
880625323cc86abb-FRA
alt-svc
h3=":443"; ma=86400
content-length
4296
x-amz-id-2
7SyG5aisIeG0aDB6ywb7d7sCyf70qjPzLkr+q0EX3aFMwJd3jfAORmoJDzetVnZ172lT/3JOfVE=
jquery.min.js
www.user-shield.com/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/js/jquery.min.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.user-shield.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RRNH675FS6J1BS
etag
W/"5b5a269bd363e0886c17d855c2aab241"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BK19TTHVzbLaZKtxost%2BUx7EXdwVYyuk%2Br6n3n11ALYapnvh5r3eLdfmAVMd0v%2FY7w5I6mOp6O7XfGLPwWGciLxA1KMPvLdtPjWwPOIm%2BTbx5CHVhE%2FLX%2FPZZwnvTM6SVKYIUB4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=259200
cf-ray
880625323cca6abb-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
57MP6u1V1AasQcggdRe48BeguXHx0J44iLWw+q9DWjk/vzsT9gKxD57gTq31gvcTnHMUDrzWiLk=
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.user-shield.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:02:21 GMT
x-content-type-options
nosniff
age
67717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:02:21 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.user-shield.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 19:07:30 GMT
x-content-type-options
nosniff
age
287008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 May 2025 19:07:30 GMT
cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
www.user-shield.com/wp-content/uploads/2020/11/
Redirect Chain
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
403 B
814 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
Protocol
H3
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf3b015c938339a820e6327c5d3dbcbb0ffddc0cfe39563d65248c205768e92

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RRSFQX60FTMHPG
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTeJ%2FZvUElkdfDR8v74aFPReQxev0W9bj1nYCAfbtVMwyGPBxVjNZZhJ%2BBD2eb8YvEbikYuf2dsV2ELqogSbKBaYepxzHD%2FparPvfk%2FVYFIKZevQuH66KMFzQQbVvEiWxX53nUdS"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=259200
cf-ray
88062533cd626abb-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KqUhDTG7fLNkQJ8bRzPwtdZVt+3hjWtxmIZAAZvYXAkjBVpG5PPRS9B9jio3c5c6CX+0asQmDHE=

Redirect headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RXZXVFK0TVWT88
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ku3jIZ8Xg1uMR2SeX7QT7ftWL9nDijjroCJ70VZVYHvE7CXyaGyVtQVJGuk0keC6EF1vAFqIUgE54foikPfyw29%2B4MOwcEVrNO70AwDV%2FUGw2V6ZAEYOE2RyaBbg3fqA8w%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
cache-control
max-age=259200
cf-ray
880625335d436abb-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-id-2
pw1oiyyH29wrN9lnwIsq03s4RqOtgu24D00Z20eibmh24/h4sU+q44jQCWmUUjF9DsQshgbc5tY=
cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
www.user-shield.com/wp-content/uploads/2020/11/
Redirect Chain
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
405 B
807 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
Protocol
H3
Server
172.67.201.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f5a67c7164fe97663b8f7b62490087c31abf17be263f1e3827e049c71c7800

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 08 May 2024 02:50:58 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RP36CF4KVBFM2W
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=21pYV6vbpDnq1vl0hCneoRiQqaM9Xu0pABOlCB3%2FIz57eYJ2VGGdLYn2xSRGxxRHdIHVcAkWS3U1c3gsL6MPBUgAXbCJ3eLf%2BMx43JwtpBHn1ZviiOMbW3CaPGxl7UxEKv0scaXc"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=259200
cf-ray
88062534edd06abb-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uNfZfde0UNjATCWYsaVcbolVdOQSKCJEPC/QgsA3jTozLMeKZuui+w1Deh+VvxnvLySQeCwIALY=

Redirect headers

date
Wed, 08 May 2024 02:50:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
T7RS09HZBHDRZQAJ
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=65bI5AtrpiugFQl0Myjw16me4nKIL0T5Q%2BBGnDoWhEbcCDZVtSsUv6Uuc4L5vp%2FqL6r6sFbpkdb8Eb4E57lA5Q6ZgY6I0wzEVjBXGBnEVOf2%2BSzL4OotEkIOCjYP4YcPKmI%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
cache-control
max-age=259200
cf-ray
880625347d996abb-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-id-2
otvVtTgEcA+a0DX1j1EesL07Z1/k2cJbeDcUTam8mAyCaIVq/FEa6gJ4568LgR+BSEeRTYQhyd8=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR function| $ function| jQuery function| createCookie function| readCookie object| thirsty_global_vars object| thirstyFunctions object| wp boolean| __cfRLUnblockHandlers

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
user-shield.com
www.user-shield.com
172.67.201.209
2606:4700:3035::ac43:c9d1
2606:4700:3036::6815:1b98
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
00ed0aee33e8c27a383ea5bacaefd6e1bc850b65d818dd2d8cee4e1d7ea612d8
0954c5f6eefa10effbda76d0bee1b3a9b5f0c8979e0fb7570900eec46ff97c95
1710ac628798b8634f33cdd6ee64f7ec804290d034f826ebd6328109db542e57
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
29182a95446eebdd114d27a733a9503457356bb25e5fafb5db48af6cc17f872d
2db973644ca34e16dac4b469ef7ea2393f36204f7782205c7d56ac8b2ab29e2c
4e4a0abb6713c84cee64df2dde5cce1e6664e88666e72a8295839430320f878e
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
767c37343152f2a04304e27082125e7d7c97e1a5b591111eb2f3037a8c0c33c6
8cf3b015c938339a820e6327c5d3dbcbb0ffddc0cfe39563d65248c205768e92
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a2291d85c12eeba69489503aa7e612992442ca9b7df8a19de0e834bb1ed7240
ba67f982489b6f325892d0598f370197e0ab4a72e3d63bb0b49464a1d610c281
bb717accaad2a6a11af960186212e0a21c57c80be06834e47fa0c2161c4bd0fe
c0f5a67c7164fe97663b8f7b62490087c31abf17be263f1e3827e049c71c7800
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d5b1cb9b225e4c97881b8b9b15dbbe61e6490e06805607687115fc84cf03c854
dab6927f972019bdf9dce65e83ff922516959844889dd7f5a275d6c0cee10ae9
e175117bec697b51e9cdc535726c18cf86edd25ff097e4c98a173f549abc8c3d
eaf3f69848594e246144344257c90ad1ae0c72996558e48230bb510da6e8bbe5
efd0e2dc8b2a14ec39296f54b2ec89a9853ba9cfa6b7ea83dff47f4b8729c504
f163af3109712d394f378cdacdb37b8e064aac256b1ff8ca3aa001bf7c617121
f8e9fa8c7bff1e890d8d1b565d067fb5c74134310a4467ed24164ef8d7d11d82