userscloud.com Open in urlscan Pro
188.114.97.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userscloud.com/edwpyhwi2hs4
Submission: On May 23 via manual (May 23rd 2022, 1:51:10 am UTC) from SE — Scanned from IS

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 63 HTTP transactions. The main IP is 188.114.97.10, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 498267.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	188.114.97.10 188.114.97.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	172.64.156.26 172.64.156.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
3	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
4	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
3	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
6	104.21.45.207 104.21.45.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.66.248.38 18.66.248.38	16509 (AMAZON-02) (AMAZON-02)
4	188.114.96.10 188.114.96.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.109 142.250.185.109	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
3	13.224.194.145 13.224.194.145	16509 (AMAZON-02) (AMAZON-02)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
63	17

13 188.114.97.10 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.156.26 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f10.1e100.net

content.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

betotodilea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.21.45.207 (None, )

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.248.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-38.dus51.r.cloudfront.net

wfordsgoo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.10 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

dinterperson.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.109 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.194.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-145.fra2.r.cloudfront.net

d1nubxdgom3wqt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google.com docs.google.com — Cisco Umbrella Rank: 127 apis.google.com — Cisco Umbrella Rank: 100 accounts.google.com — Cisco Umbrella Rank: 82	434 KB
13	userscloud.com userscloud.com — Cisco Umbrella Rank: 498267	321 KB
7	wfordsgoo.xyz wfordsgoo.xyz	8 KB
6	freychang.fun freychang.fun — Cisco Umbrella Rank: 21790	303 KB
4	dinterperson.xyz dinterperson.xyz	1 KB
3	cloudfront.net d1nubxdgom3wqt.cloudfront.net	2 KB
3	betotodilea.com betotodilea.com — Cisco Umbrella Rank: 60069	31 KB
3	googleapis.com content.googleapis.com — Cisco Umbrella Rank: 1808	1 KB
3	gstatic.com www.gstatic.com ssl.gstatic.com	627 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9438	543 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	39 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1192	5 KB
63	14

	Domain	Requested by
13	userscloud.com	userscloud.com static.cloudflareinsights.com
7	wfordsgoo.xyz	userscloud.com
7	docs.google.com	userscloud.com docs.google.com www.gstatic.com
6	freychang.fun	userscloud.com
4	dinterperson.xyz
4	apis.google.com	docs.google.com apis.google.com content.googleapis.com
3	d1nubxdgom3wqt.cloudfront.net	wfordsgoo.xyz
3	betotodilea.com	userscloud.com betotodilea.com
3	content.googleapis.com	apis.google.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	accounts.google.com
2	www.gstatic.com	docs.google.com
1	my.rtmark.net	betotodilea.com
1	www.facebook.com
1	ssl.gstatic.com	www.gstatic.com
1	www.googletagmanager.com	userscloud.com
1	static.cloudflareinsights.com	userscloud.com
63	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
betotodilea.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
wfordsgoo.xyz Amazon	`2022-05-15` - `2023-06-13`	a year	crt.sh
*.dinterperson.xyz E1	`2022-04-28` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-01` - `2022-05-30`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/edwpyhwi2hs4
Frame ID: 9DD271BC3D48BDB4517295DC591267B9
Requests: 37 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Frame ID: 574D2718F319F29EEBEA890D6E060F42
Requests: 15 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
Frame ID: 9397C9633E3EC8BF20E8048243E53E68
Requests: 5 HTTP requests in this frame

Frame: https://wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQgDMQcUe0csECMKPS8qFgYlPT0cCDU2FiYDRDA6dAAQAioUCzUtPxwYGCgKKzYfPj48BBE/Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionFCUMARoZJhURJ3cRHTsGFDA5YngBNkkLByBNERZ8HBIeGigAIkliaiQHFzw8cxoOAQc+TT03Gj1A
Frame ID: 0E8C4B0A706E63D64A343C08E430E711
Requests: 2 HTTP requests in this frame

Frame: https://wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAwvX1YICyQHAHgseEkgaggAYw1WCwBhJgslDkASbwV4CiF6GApjHXcNKmBeVCcKBhZucwIFIGoYBH0dCRscdh9RGCtyUG0GClo/CngEalRdJQhmH1EYJFgKe3MaXjQKNj5XCnskAgJeVyR8R15uFWF6DnEoAX4tfSIBeSZ4LygCEHMZC3ELaAk0VQNUAylpEHB2BlQqUxULdjVqcn1pN0MyCngMQSkVVAxIAiZUXmtzPFE+QwQLYzZgZH5xKQk1dX9VTTMde15xG351MF0qKFg+fDV1ZDR4Ow9wU1sOIlcEehc0VD1sA3RrVGwvGQBTHys/XAlJfC8CKU0CJlZVYwUY
Frame ID: AACA1474523F5A618159255C0E1BDE99
Requests: 2 HTTP requests in this frame

Frame: https://wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBgAcwIVFDN4WAc2MFIoAT0xdy0uHy9NPwgAGWxeEBswQCkRLSN3PQcdO0waJjhQexkdaw1FKAEtJXE9cQ8rXgYnOTAFBhYcFU07KAwlYjkXCycFBic5M2RWBGtYBDwoAxdhJgsOLWMaITskbwAdC0xSFgAgCnwmLAsjZQkUPjtzKxENJ0VcEQ07VzoNFDVTPxwYL2RacAknRi0XNwVRLBY9KHgrLTgCZD8yHgZ8GxY0I1M5FhMtfxkMHytwNCsRUHNaEQ03cTYdEANXKws/AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA
Frame ID: 3E0385EACD9F12202C21058DECC63254
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Userscloud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

97 %
HTTPS

0 %
IPv6

14
Domains

17
Subdomains

17
IPs

5
Countries

1793 kB
Transfer

3833 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request edwpyhwi2hs4 Show response
userscloud.com/ 453 KB
171 KB 597ms
388ms Document
text/html 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/edwpyhwi2hs4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7abb447a7894fb16ecfd240eb6555ad431656e7b82065d9b7e6073480936004e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70fa24f9adc2975d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 01:51:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sun, 22 May 2022 01:51:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXW4eJKPPqY98N9aZ%2Fo%2F7igEelF7LV54NOWmauDLMg%2BCwcmOhwd%2FItkb1uUNKr9Y5sBIgpbWWMfHTbhOyBuwkaYcOoSMgRk733uSDFSNWk1rblLYYOZiMyzzMXRl49YaNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0;includeSubDomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 font-awesome.min.css
userscloud.com/uc/vendor/ 23 KB
6 KB 154ms
153ms Stylesheet
text/css 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 587088
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:50:50 GMT
server: cloudflare
etag: W/"5ff0965a-5c79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDlYtyE%2BS4pJVik0r5h9wnjj6Llo8P50CaK17FetQZ55ENIUcRJmeVBUKwW6Z5YFY9lfMyr7xMJsZg0iJm4eFevTG2HeZqb1aIdNLLdVAitZwG0HN6Pp3gfMAlOG7SMHvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 70fa24fc3842975d-AMS
access-control-allow-headers: X-Requested-With
expires: Wed, 15 Jun 2022 06:46:17 GMT

GET
H2 200 bootstrap.css
userscloud.com/css/vendor/ 110 KB
20 KB 155ms
154ms Stylesheet
text/css 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/vendor/bootstrap.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 587100
cf-polished: origSize=113031
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:12:22 GMT
server: cloudflare
etag: W/"591db9d6-1b987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhmxELOeiZdcaMh7CJjPzxioQGWzfy0EgbP%2FWNFYle5FqJQjyFWApSD6wz8X7YN0wukBGktwr%2BBrT20X%2BGp2qvmTbAHssjSknAY7WEfY8DTQTI0TjKUOeyLA6WGv%2BRbieA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 15 Jun 2022 06:46:05 GMT
cache-control: max-age=2592000
cf-ray: 70fa24fc3843975d-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 essentials.css
userscloud.com/css/app/ 46 KB
8 KB 154ms
154ms Stylesheet
text/css 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/essentials.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700939
cf-polished: origSize=47095
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:13:10 GMT
server: cloudflare
etag: W/"591dba06-b7f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBgGr6RVT9e%2FZVrxmKmEPNr9nYZKnzjPQIVe08bvrq3KCcdvA4jcQPbjUfY341plBwGw4fVQV%2BdFZ%2FK7GgUMf44agtEwskuULaFnMLYH8YZCxcaXaP74FsVgaNxada3iNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Thu, 02 Jun 2022 09:22:06 GMT
cache-control: max-age=2592000
cf-ray: 70fa24fc3844975d-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 layout.min.css
userscloud.com/css/app/ 6 KB
2 KB 154ms
153ms Stylesheet
text/css 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/layout.min.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700939
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 02 Jan 2021 15:52:04 GMT
server: cloudflare
etag: W/"5ff096a4-17d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAjcFh2cqF2G4XqLfKMy%2BXWRnTpEXyRNkracZ6yWtP8HrebscV9c5SvR94ER9JHjEa62amAiT3rEW6mHJLdRJPwtWA8Gz%2BPJsX4rhYTy2XGLYoiA83XjA46KgIuSuNp07Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 70fa24fc3846975d-AMS
access-control-allow-headers: X-Requested-With
expires: Thu, 02 Jun 2022 09:22:06 GMT

GET
H2 200 navbar.css
userscloud.com/css/app/ 21 KB
4 KB 154ms
154ms Stylesheet
text/css 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/css/app/navbar.css
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290710
cf-polished: origSize=21572
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2017 15:14:54 GMT
server: cloudflare
etag: W/"591dba6e-5444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adA3MtxPp5yXHUTIlMYbSDQ0r59rgXWyliI1SIFHJRln%2FgSZD0tGSDuCn0euXJZZKJSKL8nShKtqUS1cNucMSlT6WCDSi1X6%2BujSXTfc9TmrmzAMmdsQsViqoOv9sAjXAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Sat, 18 Jun 2022 17:05:55 GMT
cache-control: max-age=2592000
cf-ray: 70fa24fc3848975d-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H2 200 gview Show response
docs.google.com/ Frame 574D 9 KB
4 KB 614ms
392ms Document
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true

Requested by

Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

GSE /

Resource Hash

1e4761a2891bcea0fe7c1d190004e9b86eac17f78114fd8f104f9e1d929f02e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sUTLlPqeXd7v5P69APOkOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sUTLlPqeXd7v5P69APOkOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
date: Mon, 23 May 2022 01:51:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 logo_s.jpg
userscloud.com/images/ 2 KB
2 KB 106ms
106ms Image
image/jpeg 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://userscloud.com/images/logo_s.jpg
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
access-control-allow-methods: GET,POST,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1700939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
last-modified: Thu, 17 Dec 2020 16:14:49 GMT
server: cloudflare
etag: "5fdb83f9-658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyo2Kf9O4lKshrhT3rOdaSDZpQnHHn1bRpE5uqrv0cDf6scIcFveYW58kT1cxuvCicIbm5%2BMzVO0VI7RdR1w%2FTpHrsvVBZ9H3drTGBNzeUIOCMvmEOfhp1qI4yd271iglg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 70fa24fdd8aa979d-AMS
access-control-allow-headers: X-Requested-With
expires: Thu, 02 Jun 2022 09:22:06 GMT

GET
H3 200 rocket-loader.min.js Show response
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 198ms
198ms Script
application/javascript 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 May 2022 19:29:40 GMT
server: cloudflare
etag: W/"6283f7a4-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7%2FZzmcyAYYTlXW2akCEJRMxDD7whkMHQdy4pNk9r9EGR1M0sR%2BYvu1o0iCd%2FdaQguO22FpyXJ7U8D4lxLw8vTEcR9j6RSJUl%2FHxxUUUVDbASyAWF%2FlTVIrtHMP%2BuQDCBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70fa24fdd8b5979d-AMS
vary: Accept-Encoding
expires: Wed, 25 May 2022 01:51:05 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 333ms
125ms Script
text/javascript 172.64.156.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.156.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://userscloud.com/
Origin: https://userscloud.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:06 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 70fa24ff28df0099-AMS

GET
H3 200 fontawesome-webfont.woff2
userscloud.com/uc/fonts/ 55 KB
56 KB 113ms
113ms Font
font/woff2 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://userscloud.com/uc/vendor/font-awesome.min.css
Origin: https://userscloud.com
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:05 GMT
access-control-allow-methods: GET,POST,OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 586877
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
last-modified: Mon, 14 Dec 2020 20:14:38 GMT
server: cloudflare
etag: "5fd7c7ae-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbEv%2FIDGbE8yCOMFHpeV5vPL5%2B9u1Mrla3Zk5LzxbH%2BALqIWuY7%2F2olMWgn00QDPVVPgarcNgwuibwfwb9iQR7tbdLe7hVsM4sWFSd7YwfOqN5tGO8w8XWhNnwG9g2wBkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 70fa24fde8b9979d-AMS
access-control-allow-headers: X-Requested-With
expires: Wed, 15 Jun 2022 06:49:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 334ms
116ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Requested by

Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e7493cd8a31ae229762ea360bd4332492861a2a4ee6c3e232a086df61757383f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39161
x-xss-protection: 0
last-modified: Mon, 23 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 May 2022 01:51:06 GMT

GET
H3 200 bootstrap.js Show response
userscloud.com/ 35 KB
10 KB 107ms
107ms Script
application/javascript 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/bootstrap.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5894
cf-polished: origSize=35778
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Dec 2020 13:26:43 GMT
server: cloudflare
etag: W/"8bc2-5b75dfde473c8-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG2PMkBYAWoJulIEqCfaiwQBHNSddPJ3dXAwNC5rhUMlF3bXAMjnp%2BY7dB8Nth6fW%2F4Mv3MkXoABhDVKh%2Bb6EvXqZUSltrt04x%2F2yS3DFIf7jyUPb3AcAdc4iMwQQD7Emg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=259200
cf-ray: 70fa24ff3991979d-AMS
access-control-allow-headers: X-Requested-With
cf-bgj: minify

GET
H3 200 de.min.js Show response
userscloud.com/js/ 10 KB
5 KB 106ms
106ms Script
application/javascript 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/js/de.min.js
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf57ad31292cf2771a7126437a37465a818dfb3e98520671db8da48e3212e4e

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577130
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Feb 2022 08:13:30 GMT
server: cloudflare
etag: W/"620377aa-29fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDDg6bQRDA56uVMzCyV%2BvQhxmelEOL8Me1jb4IGXideboOWuBXGbss92cmgvTP50udjmtzv9ZigludN%2BFSZNmZ%2F2y4W7VKi%2Bc2%2BY8SMuKh5GXRSU1OcBQVGUUXoQ4pxZ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 70fa24ff3992979d-AMS
access-control-allow-headers: X-Requested-With
expires: Wed, 15 Jun 2022 09:32:16 GMT

GET
H3 200 jquery.min.js Show response
userscloud.com/assets/library/jquery/ 91 KB
34 KB 118ms
118ms Script
application/javascript 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by: Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/edwpyhwi2hs4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290709
access-control-allow-methods: GET,POST,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 May 2014 12:12:31 GMT
server: cloudflare
etag: W/"5381de2f-16b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxgoQT1YZsVqcEGAnTLArK%2Bzm9iJ3P54oJ888xHZUBuOXW40jcHz6BBaEMLTF%2FyZ1sGcYfbU7Z7YgqzTdm4kWRiDq3YoNmQBHYfVOcmr26tM%2BXDrST1bwmSoRJeXr5glug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 70fa24ff3993979d-AMS
access-control-allow-headers: X-Requested-With
expires: Sat, 18 Jun 2022 17:05:57 GMT

GET
H2 200 rs=AC2dHMKI48TJdAI8ZM6PWvGLspr4l916Yg
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.dft-w7U5DvY.L.W.O/d=0/ Frame 574D 174 KB
175 KB 329ms
105ms Stylesheet
text/css 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.dft-w7U5DvY.L.W.O/d=0/rs=AC2dHMKI48TJdAI8ZM6PWvGLspr4l916Yg

Requested by

Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

1397f43efd4895302bfbde46e8a59ba41bcb17db65205377b5fead4b881408e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 May 2022 19:06:07 GMT
x-content-type-options: nosniff
age: 542699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178671
x-xss-protection: 0
last-modified: Thu, 12 May 2022 19:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 May 2023 19:06:07 GMT

GET
H3 200 thumb
docs.google.com/viewerng/ Frame 574D 115 KB
115 KB 376ms
167ms Image
image/png 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://docs.google.com/viewerng/thumb?ds=AON1mFwnESSi9J56SSX-hegZWB7hO4BJ21eBW1AXp14KM6_FFqARPPbBUkeU_HMC9B9gtggJfSNQXvEIit3kmDDoFQRPlkWHgcBIGUarJdVRAOkFg7R61uDH-fC25vu68I80iZcrzpl9mIbi7ti2CPyDSOu20xvF4IwFthANOtB7QIcV7LKVMff4690eNpioci5DiIMSBOcAFf9AGb0I8KnQj-7det-wvgUtDAeoJOzyf3p3cM7k9OnF7XS_rSiWprrW_YuZYv9TihCvzuJ8wHw7MdexjGI9gfIk7WwmMX_yRRt0xghMgjuo7JSvdgrdxg5hFQJP6Eugbuu3BvJYTIDGY1BtLTRzQYj7wSfUF92VjSSHxfSvhUQ%3D&ck=lantern&authuser&w=800&webp=true&p=proj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

GSE /

Resource Hash

b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w2OPe3Y9bnrHngqQUHqq-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:06 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: private, max-age=300
content-security-policy: script-src 'report-sample' 'nonce-w2OPe3Y9bnrHngqQUHqq-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 23 May 2022 01:51:06 GMT

GET
H2 200 m=main Show response
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/ Frame 574D 1 MB
405 KB 656ms
433ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

7707e6a89da61b6a3d8444083979ce915046842e05ca151bf4f652cfc6776dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:44:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 414058
x-xss-protection: 0
last-modified: Thu, 12 May 2022 13:08:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-viewer"
vary: Accept-Encoding
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 May 2023 08:44:32 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ Frame 574D 14 KB
6 KB 335ms
114ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

3598a9ee778aeaeb5293e246e3d2939d92edc82889becca991d5be56f9ab1568

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 23 May 2022 01:51:06 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "bf0d2e739b795f09"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 May 2022 01:51:06 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/ Frame 574D 313 KB
106 KB 325ms
106ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

d55db21d4ee05507a028a1d46c52ca0bdb7d1db711cbcb5040233a865d25bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 May 2022 03:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108243
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 May 2023 03:31:46 GMT

GET
H2 200 v-sprite43.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 574D 106 KB
47 KB 112ms
106ms Image
image/svg+xml 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite43.svg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.dft-w7U5DvY.L.W.O/d=0/rs=AC2dHMKI48TJdAI8ZM6PWvGLspr4l916Yg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 May 2022 12:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47363
x-xss-protection: 0
last-modified: Sat, 05 Mar 2022 00:28:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Mon, 22 May 2023 12:09:16 GMT

GET
H3 200 meta Show response
docs.google.com/viewerng/ Frame 574D 36 B
85 B 130ms
130ms XHR
application/json 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/meta?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

GSE /

Resource Hash

450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JnF33yPDvXkpsJKQ_1a2lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-JnF33yPDvXkpsJKQ_1a2lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 574D 115 KB
115 KB 186ms
186ms XHR
image/png 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/img?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT&page=0&w=800&webp=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

GSE /

Resource Hash

b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zdT_tEg2cNrkOJH51Mx0Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-zdT_tEg2cNrkOJH51Mx0Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 574D 17 KB
5 KB 133ms
133ms XHR
application/json 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/viewerng/presspage?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT&page=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

GSE /

Resource Hash

a704058c72cb7923898e027047e41364c0c42948cf9a080889ceb56a0a9a1fc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZbyEXywGnbT7hKjaGOckPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-ZbyEXywGnbT7hKjaGOckPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img Show response
docs.google.com/viewerng/ Frame 574D 52 KB
52 KB 164ms
164ms XHR
image/png 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

GSE /

Resource Hash

cf6f1e041ab94351f35418186cab4f72c8853829910c8789251295ab82af5baf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-igYEtruJDxsJ8NCXPwas-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-igYEtruJDxsJ8NCXPwas-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 presspage Show response
docs.google.com/viewerng/ Frame 574D 8 KB
3 KB 133ms
133ms XHR
application/json 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

GSE /

Resource Hash

b1d36aa14add1f69a38389524a5e327105c61f050141e448f4893589a61adefd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PGPvIVB6DmdkZIw1Lq40cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="apps-viewer"
x-frame-options: SAMEORIGIN
report-to: {"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-PGPvIVB6DmdkZIw1Lq40cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="apps-viewer"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 574D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK 5df78269-50e7-4c2a-ad82-1ccc68f75ee0
https://docs.google.com/ Frame 574D 52 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/5df78269-50e7-4c2a-ad82-1ccc68f75ee0
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf6f1e041ab94351f35418186cab4f72c8853829910c8789251295ab82af5baf

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 53340
Content-Type: image/png

GET
BLOB 200
OK e594f05e-a0c9-49e7-bc9c-1558cbdd647c
https://docs.google.com/ Frame 574D 115 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://docs.google.com/e594f05e-a0c9-49e7-bc9c-1558cbdd647c
Requested by: Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f

Request headers

accept-language: is-IS,is;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 117800
Content-Type: image/png

GET
H2 200 proxy.html Show response
content.googleapis.com/static/ Frame 9397 382 B
1 KB 342ms
112ms Document
text/html 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f10.1e100.net

Software

sffe /

Resource Hash

8a8ad832c8566a3f775751ea130760e30047a3628c2167f3566fe4998d0e5396

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-_0uDbTyBMTSoWFZmeXir_g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 271
content-security-policy: script-src 'nonce-_0uDbTyBMTSoWFZmeXir_g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 01:51:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 17 Jul 2020 22:45:00 GMT
pragma: no-cache
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 9397 14 KB
5 KB 114ms
114ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

c53a25c1a5c781b430b6eff3624cdfd8d0e26268878d08daf54a41a42b16263a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 23 May 2022 01:51:08 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7e4c585d161c60d6"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 May 2022 01:51:08 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/ Frame 9397 66 KB
23 KB 105ms
105ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

df65a54b38edd28d5bf3cbcf90eebe4dedb4659cccd065fa3fc5e7e1735de059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://content.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 May 2022 10:59:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23277
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 May 2023 10:59:34 GMT

GET
H2 200 4859604 Show response
betotodilea.com/400/ 77 KB
30 KB 457ms
219ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/400/4859604

Requested by

Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a292096fd61a012c9a5dcddcc45e09ca5b2099fde80e0e8c291efb469cc1e889

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 66b33299414dbf30832510ecc6aecbba
pragma: no-cache
date: Mon, 23 May 2022 01:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 318ms
107ms Fetch
binary/octet-stream 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:08 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4194
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 23 May 2022 00:41:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOsNEzGlnn%2FCyPNtN%2FD1mCbNcOKVGWZ1g%2F%2Bb8JksAiE%2FqR94g9rKDbqpKAXHvfwp%2FcuT7o545noLpL5POwut%2B9546ijVH3mBBlgdhhjhm0h%2FWS1DF5UwAnsAcqtSpYB8"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 70fa25107b64977c-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
373 B 421ms
211ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d52ffc74da6614fa53c49bf50817a6e2f36182020f4b7049e0bfbed694e032

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWAkY%2Feh3zOG%2BsuVeR2w3jRYkBQTw3iSgz6b%2BSoeeosFgFTN5XDz9KpNNF0kc5d0rWoQzWyx%2B%2BKxvZ8pFuv4KMFTtdlUeViBGWn2zdtLvpCqAzJQ%2BsjTv14C9pIJKApy"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 70fa25107b67977c-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
wfordsgoo.xyz/ 0
490 B 448ms
206ms XHR
text/plain 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wfordsgoo.xyz/utx?cb=3OtO3EUGvB9l&top=userscloud.com&tid=600304
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:08 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: w5nYzF9unUWJoSZMUiHmJDIBlD9BkzDwr3b-Bv_YOuJ50gAm0DxQPA==

GET
H2 200 Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionF... Show response
wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQg... Frame 0E8C 3 KB
2 KB 397ms
213ms Document
text/html 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQgDMQcUe0csECMKPS8qFgYlPT0cCDU2FiYDRDA6dAAQAioUCzUtPxwYGCgKKzYfPj48BBE/Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionFCUMARoZJhURJ3cRHTsGFDA5YngBNkkLByBNERZ8HBIeGigAIkliaiQHFzw8cxoOAQc+TT03Gj1A
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: bc4502d4ebb07a2e8c58ccc345a184506c98c22a4c4e3548a1487f0bcef668e0

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1235
content-type: text/html
date: Mon, 23 May 2022 01:51:08 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id: qrX1-DFu_hAqMizOh97DWrr3-D6lG8QBMSM1K00faH9PUCm2z3esbg==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 360ms
210ms Fetch
binary/octet-stream 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:08 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4194
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 23 May 2022 00:41:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DisECwLs9HdraaAWiYmIEbhu5VAsUcmeLF6qVMjqT47afyuMRfKKw8fW0zRqrxAAD0pt%2BK1DhZwdXr6XpmF354oNZzHREoyTUQJqFo8FpOEkK9f%2BZYtyd4XvREqyf6l9"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 70fa25107b69977c-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
347 B 361ms
211ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b348f48d8a36187e4f7b80cf9b3ed94d614b9d20b4facd29ecc7c9af121c01c1

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lCwVTjhnw7XSnUvzea0tp9POi7rW3ytmBDIP8XZ7dI6wGx8%2FlAOnZa0dHGQp7k6tZgZWsKOLvVH9t7Ni4gA2Bc1N36OeMrZyQ0kKd3gaMQghuMQaDh%2BzOagEKnAod1r"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 70fa25107b68977c-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
wfordsgoo.xyz/ 0
489 B 388ms
207ms XHR
text/plain 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wfordsgoo.xyz/utx?cb=k80jrp0gdOFJ&top=userscloud.com&tid=708052
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:08 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: UlhNZlKIoZm9D9TASGer6_FzvpPcENYtbUrE2leBcBaU75qQ5ktEEw==

GET
H2 200 XAlJfC8CKU0CJlZVYwUY Show response
wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAw... Frame AACA 3 KB
2 KB 378ms
207ms Document
text/html 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAwvX1YICyQHAHgseEkgaggAYw1WCwBhJgslDkASbwV4CiF6GApjHXcNKmBeVCcKBhZucwIFIGoYBH0dCRscdh9RGCtyUG0GClo/CngEalRdJQhmH1EYJFgKe3MaXjQKNj5XCnskAgJeVyR8R15uFWF6DnEoAX4tfSIBeSZ4LygCEHMZC3ELaAk0VQNUAylpEHB2BlQqUxULdjVqcn1pN0MyCngMQSkVVAxIAiZUXmtzPFE+QwQLYzZgZH5xKQk1dX9VTTMde15xG351MF0qKFg+fDV1ZDR4Ow9wU1sOIlcEehc0VD1sA3RrVGwvGQBTHys/XAlJfC8CKU0CJlZVYwUY
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: c2b282c35ab3c15a07f9d65227f0823e84cde933ac12ce84c1307360520f61fa

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1235
content-type: text/html
date: Mon, 23 May 2022 01:51:08 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id: LnbY6-YAADMGemKPKsaPAJO8p1nKdKcZZSQQd077H3a80TEq1CLrKw==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 247ms
111ms Fetch
binary/octet-stream 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:08 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4194
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 23 May 2022 00:41:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5bnn%2FmBQxUDy3AhK73LODaJeBAkIphzzNjgUAXJqYROnuj8Pu5dmEOKQtgS6wvEXzdjJd856FsX7Akv0b4ZxofVjn1pYNX0LyrXwqiQPxdmgl6ue1FpIPLJoO3VOWse"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://userscloud.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 70fa25107b6a977c-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
350 B 347ms
211ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 290d3b6f4132ec0bd6f5c0b66e56a22f486f915aa57421f8664d6ab0798eeabe

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://userscloud.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItFBdew%2BTa2ixRDoRtHUMS7VeErNlomwCmx3djkDtaRld1D2D6RCDgKXZRLzSIHqemmucOHOxgw%2FIk19WgCjZJtm4gMs%2BA%2FPp8KAnxG03fQKak5JAcTf9sNJeBEYfoiR"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 70fa25107b6b977c-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
wfordsgoo.xyz/ 0
491 B 374ms
206ms XHR
text/plain 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wfordsgoo.xyz/utx?cb=acAquhwZ1lHI&top=userscloud.com&tid=816973
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:08 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: S22OfxZ3EuCQC-TR2q-QalDUJ8JmiAVEVQFIyFECf1PXNyIqvKOgzQ==

GET
H2 200 AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA Show response
wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBg... Frame 3E03 3 KB
2 KB 374ms
216ms Document
text/html 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBgAcwIVFDN4WAc2MFIoAT0xdy0uHy9NPwgAGWxeEBswQCkRLSN3PQcdO0waJjhQexkdaw1FKAEtJXE9cQ8rXgYnOTAFBhYcFU07KAwlYjkXCycFBic5M2RWBGtYBDwoAxdhJgsOLWMaITskbwAdC0xSFgAgCnwmLAsjZQkUPjtzKxENJ0VcEQ07VzoNFDVTPxwYL2RacAknRi0XNwVRLBY9KHgrLTgCZD8yHgZ8GxY0I1M5FhMtfxkMHytwNCsRUHNaEQ03cTYdEANXKws/AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 671e4903095489b36dea2a0826f4b0971bfb9ef76ae92fb02478baa4b69baebd

Request headers

Referer: https://userscloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: is-IS,is;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1232
content-type: text/html
date: Mon, 23 May 2022 01:51:08 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id: eSypdh5SdmrAOrbiaUFEhtkkYb7dqdcDzKViJtmwpcFmCjbt4xYdWg==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

GET
H2 204 WTVxdXV2ChIGSDpgGg8WD1E4EBIfdigwJy53GhEeC20GNiRrbFcBHD0IR0VFagVFUwUwUUxEUypBEAEAKghAUxw3Ux5IUy8IQFtGbRtDQ1tpEwRIRH9BARQSZARXBQEtWUxEQ2wGQ0JFbwNJQ0dp
dinterperson.xyz/ 0
486 B 394ms
185ms Image
text/plain 188.114.96.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/WTVxdXV2ChIGSDpgGg8WD1E4EBIfdigwJy53GhEeC20GNiRrbFcBHD0IR0VFagVFUwUwUUxEUypBEAEAKghAUxw3Ux5IUy8IQFtGbRtDQ1tpEwRIRH9BARQSZARXBQEtWUxEQ2wGQ0JFbwNJQ0dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBaurRr5HYdIS2xrHM1%2FFCyj9aEqls%2BmixjxIdjHFgOqyghfNOv3sSYFSrKItPUbNfuOpr6B%2BfC5oYI8%2FKq6jinMr9ORcFTHPRywQ6DQkwDTVIFC%2BBzRe%2BkNcl5oE1H2%2F2GH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 70fa251109d94c19-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 412ms
195ms Image
text/html 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-mini-shv-02-frx5.facebook.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 378ms
154ms Image
text/html 142.250.185.109
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 625ms
401ms Image
text/html 142.250.185.109
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f13.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 Y00zOTlMclBKBDQjV39jNHRabVcpKWtUDCIpdWtfARh5C28lIhVNUAdwBAkBU3gBH0kKKQ4LAEU+R1hNFj4OCB8KI1VWBEU7DggXU2MGARdTa0YECEU5Q1heXnwVSU0XIQ4ID1Z+AQ4JVXsLDw5b
dinterperson.xyz/ 0
249 B 401ms
192ms Image
text/plain 188.114.96.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/Y00zOTlMclBKBDQjV39jNHRabVcpKWtUDCIpdWtfARh5C28lIhVNUAdwBAkBU3gBH0kKKQ4LAEU+R1hNFj4OCB8KI1VWBEU7DggXU2MGARdTa0YECEU5Q1heXnwVSU0XIQ4ID1Z+AQ4JVXsLDw5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzmnjXr5Swtnwc64%2F0jrzKbC4E5%2FPgHItFJdSWalbsoe2RJ%2FWmS7AC6kVNz7%2BWl16YyllpsyF2IgoeYzzdhZJVLCVUqRXMpI2NODatemH3%2FOEmlaRuHS%2BErIEnvkaSB8grUb"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 70fa251109db4c19-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 Wn8OSCMMZEseMh8tFgVzXWxJCnVbb0wAdFJo
dinterperson.xyz/WXo4Qmt2RVsxVg0tbgAmNzAPFFgYOGpxXj0ZeRgoPzxycSgyOx42Aj1HAHNdYE0LZBswHgVwUn8JTCMfLAkFc00wFF4tVn8MBXNFaVQNekVpXE1/ 0
244 B 400ms
191ms Image
text/plain 188.114.96.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/WXo4Qmt2RVsxVg0tbgAmNzAPFFgYOGpxXj0ZeRgoPzxycSgyOx42Aj1HAHNdYE0LZBswHgVwUn8JTCMfLAkFc00wFF4tVn8MBXNFaVQNekVpXE1/Wn8OSCMMZEseMh8tFgVzXWxJCnVbb0wAdFJo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufUbp48zFFNsYP4EQMuMiefn2eFGjZv3DokYPoayisUPWR7gy9cDyZqJBbIAZZElNvstmqm7LXrPXnz%2FH7mb6swgB9Wn72a5iwTNNGYDPCxunJVTsEMPoDgG%2FSdz2hy7s7Ya"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 70fa251109dc4c19-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rum Show response
userscloud.com/cdn-cgi/ 0
165 B 104ms
104ms XHR
text/plain 188.114.97.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://userscloud.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userscloud.com/edwpyhwi2hs4
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Mon, 23 May 2022 01:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://userscloud.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 70fa250fce79979d-AMS
vary: Origin

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 9397 0
15 B 436ms
223ms XHR
text/plain 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by: Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f10.1e100.net
Software: GSE /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:09 GMT
server: GSE
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 viewerimpressions Show response
content.googleapis.com/drive/v2internal/ Frame 9397 0
15 B 450ms
238ms XHR
text/plain 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by: Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f10.1e100.net
Software: GSE /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://docs.google.com
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Goog-AuthUser: 0
X-Referer: https://docs.google.com

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:09 GMT
server: GSE
etag: "vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin, X-Origin
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 322ms
104ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 982
date: Mon, 23 May 2022 01:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 23 May 2022 03:34:46 GMT

GET
H2 200 popunder.gif
dinterperson.xyz/ 35 B
396 B 105ms
104ms Image
image/gif 188.114.96.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinterperson.xyz/popunder.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 01:51:09 GMT
cf-cache-status: HIT
last-modified: Sat, 21 May 2022 18:07:45 GMT
server: cloudflare
age: 114204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svME7WCMwlWbl9C%2BUNVnhgYGTvMLKiTxb9hzQB7ne4wy7bCe0F9lT2hfr972tWxb6M2%2F1c4JaqZa1Qn0JWKrzeXsf0fHjl%2BTP%2BT7%2FP4YMcxYMmqdrnB5RgmXkapIfpzOnn2V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70fa2511fa524c19-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dT2lTUm4sBj00UTsAN29Zf1FjZ1xpAyA9AD9UMGMgOyo5N1wVLQd0GjUNbmJIIwg9NVNpDD0xU35PMjYMcl11Jh4gAm4zGSILPjoJLRA2dBsuVD49FCYFPzNLfS9mfF5qW2N6GSYHNz0ZPExhYgA7TGFiX39HY3ddDUxhYhkmB2VmS3wrdmBeN19ne0t9WT-IiHiM... Show response
d1nubxdgom3wqt.cloudfront.net/ Frame AACA 575 B
722 B 483ms
254ms Script
text/plain 13.224.194.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nubxdgom3wqt.cloudfront.net/dT2lTUm4sBj00UTsAN29Zf1FjZ1xpAyA9AD9UMGMgOyo5N1wVLQd0GjUNbmJIIwg9NVNpDD0xU35PMjYMcl11Jh4gAm4zGSILPjoJLRA2dBsuVD49FCYFPzNLfS9mfF5qW2N6GSYHNz0ZPExhYgA7TGFiX39HY3ddDUxhYhkmB2VmS3wrdmBeN19ne0t9WT-IiHiMMJDcMJAAnd1wJXGBlQHxfdmBeZwI7JgMjTGERS31ZPzsFKkxhYgkqCjg9R2pbYzEGPQY+N0t9L2trQH9HZ2FWdkdkYEt9WSAzCC4bOndcCVxgZUB8X3UnU34
Requested by: Host: wfordsgoo.xyz
URL: https://wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAwvX1YICyQHAHgseEkgaggAYw1WCwBhJgslDkASbwV4CiF6GApjHXcNKmBeVCcKBhZucwIFIGoYBH0dCRscdh9RGCtyUG0GClo/CngEalRdJQhmH1EYJFgKe3MaXjQKNj5XCnskAgJeVyR8R15uFWF6DnEoAX4tfSIBeSZ4LygCEHMZC3ELaAk0VQNUAylpEHB2BlQqUxULdjVqcn1pN0MyCngMQSkVVAxIAiZUXmtzPFE+QwQLYzZgZH5xKQk1dX9VTTMde15xG351MF0qKFg+fDV1ZDR4Ow9wU1sOIlcEehc0VD1sA3RrVGwvGQBTHys/XAlJfC8CKU0CJlZVYwUY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-145.fra2.r.cloudfront.net
Software: /
Resource Hash: 767b19650ad16e2d656093c0e1588d0bd0f8497eeb30dbc870e6825e391ccad6

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://wfordsgoo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:09 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 446
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id: uGB221yllRk2MfTRZKsy8Anc6grZM_3502rgEvRTMbGdij1Z-UTzAg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 328ms
110ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1954152625&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2Fedwpyhwi2hs4&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2070507668&gjid=1877205185&cid=1691629319.1653270669&tid=UA-70768172-1&_gid=1236880666.1653270669&_r=1&gtm=2ou5b0&z=1080891681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userscloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 X1dKLz9bV11sMFwIUX53TBoDIWxZHQEoPFANDjM0Hh8NdzxXEAUmPVlPXgxkFlpJeGEQHQUkNVcdH29jCAQYb2MIW1xkYR1ZLm9jCB0FJGcMT18IdApaFHxlEU9eej-BIGgAvJl0IByMlHVgqf2IPRF98dApaRCE5TAcAb2N7T156PVEBCW9jCA0JKTpXQ0l4YVsC... Show response
d1nubxdgom3wqt.cloudfront.net/MbEpROGoPJT9eVRgjNQVcXHpiCF5KICJXBBx3P045JzpofQ86OWUeHhYubAhMACs/ Frame 0E8C 1 KB
1012 B 470ms
253ms Script
text/plain 13.224.194.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nubxdgom3wqt.cloudfront.net/MbEpROGoPJT9eVRgjNQVcXHpiCF5KICJXBBx3P045JzpofQ86OWUeHhYubAhMACs/X1dKLz9bV11sMFwIUX53TBoDIWxZHQEoPFANDjM0Hh8NdzxXEAUmPVlPXgxkFlpJeGEQHQUkNVcdH29jCAQYb2MIW1xkYR1ZLm9jCB0FJGcMT18IdApaFHxlEU9eej-BIGgAvJl0IByMlHVgqf2IPRF98dApaRCE5TAcAb2N7T156PVEBCW9jCA0JKTpXQ0l4YVsCHiU8XU9eDGkBRFxkZQtSVWRmCk9eeiJZDA04OB1YKn9iD0RffHdNV10
Requested by: Host: wfordsgoo.xyz
URL: https://wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQgDMQcUe0csECMKPS8qFgYlPT0cCDU2FiYDRDA6dAAQAioUCzUtPxwYGCgKKzYfPj48BBE/Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionFCUMARoZJhURJ3cRHTsGFDA5YngBNkkLByBNERZ8HBIeGigAIkliaiQHFzw8cxoOAQc+TT03Gj1A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-145.fra2.r.cloudfront.net
Software: /
Resource Hash: 7148600909f624fcf846b6b41b0e90700590ad4c00ba9e481b1f3606eb80796c

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://wfordsgoo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:09 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 735
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id: HjZHWYgq_HKk63S0X9GKTDzYd5vxLzJ3_aQMJ8milIRo54A_7qd9Qw==

GET
H2 200 cVW1pQWM2AgcnXCEEDXxbZFtQdlBzBxouDSVQMDswPCsMFA8mBShnFy8JVHFFOQwHJl5zCAciXmRLCCUBaFlPNRM6BlQgFDgPBCkENxQMZxY0UAQuGTwBBSBGZytcb1NwX1lpFDwDDS4UJkhbcQ0hSFtxUmVDWWRQF0hbcRQ8A191RmYvTHNTLVtdaEZnXQ-gxEzk... Show response
d1nubxdgom3wqt.cloudfront.net/ Frame 3E03 559 B
706 B 462ms
247ms Script
text/plain 13.224.194.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1nubxdgom3wqt.cloudfront.net/cVW1pQWM2AgcnXCEEDXxbZFtQdlBzBxouDSVQMDswPCsMFA8mBShnFy8JVHFFOQwHJl5zCAciXmRLCCUBaFlPNRM6BlQgFDgPBCkENxQMZxY0UAQuGTwBBSBGZytcb1NwX1lpFDwDDS4UJkhbcQ0hSFtxUmVDWWRQF0hbcRQ8A191RmYvTHNTLVtdaEZnXQ-gxEzkIHiQBPgQdZFETWFp2TWZbTHNTfQYBNQ45SFsCRmddBSgIMEhbcQQwDgIuSnBfWSILJwIEJEZnK1F4TWVDXXJbbENec0ZnXRogBTQfAGRRE1hadk1mW080XmQ
Requested by: Host: wfordsgoo.xyz
URL: https://wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBgAcwIVFDN4WAc2MFIoAT0xdy0uHy9NPwgAGWxeEBswQCkRLSN3PQcdO0waJjhQexkdaw1FKAEtJXE9cQ8rXgYnOTAFBhYcFU07KAwlYjkXCycFBic5M2RWBGtYBDwoAxdhJgsOLWMaITskbwAdC0xSFgAgCnwmLAsjZQkUPjtzKxENJ0VcEQ07VzoNFDVTPxwYL2RacAknRi0XNwVRLBY9KHgrLTgCZD8yHgZ8GxY0I1M5FhMtfxkMHytwNCsRUHNaEQ03cTYdEANXKws/AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-145.fra2.r.cloudfront.net
Software: /
Resource Hash: e40ef3eeddb65ea3be773aa5b21f5786d540ac52db4e498d0d91ef1f88462bc0

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://wfordsgoo.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:09 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 430
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id: 0O4uDk2yXETHAzk1EQzGfQYq0M5j34KlWsd7oTQY6spKwpiAiHE8Ug==

GET
H2 200 multi Show response
wfordsgoo.xyz/ 3 KB
2 KB 208ms
208ms XHR
text/plain 18.66.248.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wfordsgoo.xyz/multi?cs=Y2NYc3NbWm9LQldUaUJDVFZrQkY&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.58.0&sts=0&prn=0&emb=0&tid=708052&u=943284664760499&agec=1653270668&fs=1&mbkb=190.11406844106463&ref=https%3A%2F%2Fuserscloud.com%2Fedwpyhwi2hs4&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&_6jUI=1653270669175&crc=1
Requested by: Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-38.dus51.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b3955f7fc25ece4e0f84e45c11f179786b10c07f011c70aed3c641a7413d4cdc

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 01:51:09 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://userscloud.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: text/plain
content-length: 1409
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id: h52UsR_Wr9kklhtTEU35JqjtFgwO4FzPQ7EV88GE8jRbhZstGSpikw==

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 335ms
108ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4859604

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

085d614c2bae00f74cc8a61443599d8dad50fc2bc5a1292bfc2b7173761662c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: is-IS,is;q=0.9
Referer: https://userscloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:51:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://userscloud.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 4859604 Show response
betotodilea.com/500/ 10 B
501 B 136ms
135ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/500/4859604?excludes=&oaid=e9ef1f75dbdc487a9fbebc78d5aa0a43&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fuserscloud.com%2Fedwpyhwi2hs4&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4859604

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://userscloud.com/
accept-language: is-IS,is;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 3062045321281f79dfd5a183694dc2ed
pragma: no-cache
date: Mon, 23 May 2022 01:51:10 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://userscloud.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 10
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 4859604
betotodilea.com/500/ Frame 0
0 325ms
108ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://userscloud.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://userscloud.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Mon, 23 May 2022 01:51:09 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 07:38:01	Name: NID Value: 511=vAyrx-5RXw2H7JSod1JEOBBCr5sqCNME1u15lrBpndGBBQ_gw5Vb7NvfO2iT_HnmyLXODApJzyKFhC35qaq3IFMYA28hIIIlc04CVtxb6bZt5YdrKR0v1RORNH5J0wQH_c74EOxkamYZTyy_xXF8r_CVvmUEEFqGh3x3YoXbdQY
freychang.fun/	1970-01-20 11:52:54	Name: csu Value: 943284664760499@1@1653270668
betotodilea.com/	1970-01-20 12:00:06	Name: OAID Value: 47f2394e0c4047b08f22a2bb56a99185
.userscloud.com/	1970-01-20 20:45:42	Name: _ga Value: GA1.2.1691629319.1653270669
.userscloud.com/	1970-01-20 03:15:57	Name: _gid Value: GA1.2.1236880666.1653270669
.userscloud.com/	1970-01-20 03:14:30	Name: _gat_gtag_UA_70768172_1 Value: 1
my.rtmark.net/	1970-01-20 12:00:06	Name: ID Value: e9ef1f75dbdc487a9fbebc78d5aa0a43

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0;includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
betotodilea.com
content.googleapis.com
d1nubxdgom3wqt.cloudfront.net
dinterperson.xyz
docs.google.com
freychang.fun
my.rtmark.net
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
wfordsgoo.xyz
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.21.45.207
13.224.194.145
139.45.195.8
139.45.197.237
142.250.181.227
142.250.184.206
142.250.185.109
142.250.185.168
142.250.185.78
142.250.186.142
157.240.236.35
172.217.23.106
172.64.156.26
18.66.248.38
188.114.96.10
188.114.97.10
085d614c2bae00f74cc8a61443599d8dad50fc2bc5a1292bfc2b7173761662c2
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
1397f43efd4895302bfbde46e8a59ba41bcb17db65205377b5fead4b881408e8
1e4761a2891bcea0fe7c1d190004e9b86eac17f78114fd8f104f9e1d929f02e7
290d3b6f4132ec0bd6f5c0b66e56a22f486f915aa57421f8664d6ab0798eeabe
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3598a9ee778aeaeb5293e246e3d2939d92edc82889becca991d5be56f9ab1568
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304
671e4903095489b36dea2a0826f4b0971bfb9ef76ae92fb02478baa4b69baebd
67d52ffc74da6614fa53c49bf50817a6e2f36182020f4b7049e0bfbed694e032
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7148600909f624fcf846b6b41b0e90700590ad4c00ba9e481b1f3606eb80796c
767b19650ad16e2d656093c0e1588d0bd0f8497eeb30dbc870e6825e391ccad6
7707e6a89da61b6a3d8444083979ce915046842e05ca151bf4f652cfc6776dae
7abb447a7894fb16ecfd240eb6555ad431656e7b82065d9b7e6073480936004e
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a8ad832c8566a3f775751ea130760e30047a3628c2167f3566fe4998d0e5396
9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a292096fd61a012c9a5dcddcc45e09ca5b2099fde80e0e8c291efb469cc1e889
a704058c72cb7923898e027047e41364c0c42948cf9a080889ceb56a0a9a1fc5
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d36aa14add1f69a38389524a5e327105c61f050141e448f4893589a61adefd
b348f48d8a36187e4f7b80cf9b3ed94d614b9d20b4facd29ecc7c9af121c01c1
b3955f7fc25ece4e0f84e45c11f179786b10c07f011c70aed3c641a7413d4cdc
b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f
bc4502d4ebb07a2e8c58ccc345a184506c98c22a4c4e3548a1487f0bcef668e0
c2b282c35ab3c15a07f9d65227f0823e84cde933ac12ce84c1307360520f61fa
c53a25c1a5c781b430b6eff3624cdfd8d0e26268878d08daf54a41a42b16263a
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
caf57ad31292cf2771a7126437a37465a818dfb3e98520671db8da48e3212e4e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf6f1e041ab94351f35418186cab4f72c8853829910c8789251295ab82af5baf
d55db21d4ee05507a028a1d46c52ca0bdb7d1db711cbcb5040233a865d25bf08
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
df65a54b38edd28d5bf3cbcf90eebe4dedb4659cccd065fa3fc5e7e1735de059
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ef3eeddb65ea3be773aa5b21f5786d540ac52db4e498d0d91ef1f88462bc0
e7493cd8a31ae229762ea360bd4332492861a2a4ee6c3e232a086df61757383f
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

userscloud.com Open in urlscan Pro 188.114.97.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

0 %IPv6

14 Domains

17 Subdomains

17 IPs

5 Countries

1793 kBTransfer

3833 kBSize

7 Cookies

0 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userscloud.com Open in urlscan Pro
188.114.97.10 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

0 %
IPv6

14
Domains

17
Subdomains

17
IPs

5
Countries

1793 kB
Transfer

3833 kB
Size

7
Cookies

63 HTTP transactions
1 data transactions