URL: https://userscloud.com/edwpyhwi2hs4
Submission: On May 23 via manual from SE — Scanned from IS

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 63 HTTP transactions. The main IP is 188.114.97.10, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is userscloud.com. The Cisco Umbrella rank of the primary domain is 498267.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.
This is the only time userscloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 188.114.97.10 13335 (CLOUDFLAR...)
7 142.250.184.206 15169 (GOOGLE)
1 172.64.156.26 13335 (CLOUDFLAR...)
1 142.250.185.168 15169 (GOOGLE)
3 142.250.181.227 15169 (GOOGLE)
4 142.250.186.142 15169 (GOOGLE)
3 172.217.23.106 15169 (GOOGLE)
3 139.45.197.237 9002 (RETN-AS)
6 104.21.45.207 13335 (CLOUDFLAR...)
7 18.66.248.38 16509 (AMAZON-02)
4 188.114.96.10 13335 (CLOUDFLAR...)
1 157.240.236.35 32934 (FACEBOOK)
2 142.250.185.109 15169 (GOOGLE)
2 142.250.185.78 15169 (GOOGLE)
3 13.224.194.145 16509 (AMAZON-02)
1 139.45.195.8 9002 (RETN-AS)
63 17
Apex Domain
Subdomains
Transfer
13 google.com
docs.google.com — Cisco Umbrella Rank: 127
apis.google.com — Cisco Umbrella Rank: 100
accounts.google.com — Cisco Umbrella Rank: 82
434 KB
13 userscloud.com
userscloud.com — Cisco Umbrella Rank: 498267
321 KB
7 wfordsgoo.xyz
wfordsgoo.xyz
8 KB
6 freychang.fun
freychang.fun — Cisco Umbrella Rank: 21790
303 KB
4 dinterperson.xyz
dinterperson.xyz
1 KB
3 cloudfront.net
d1nubxdgom3wqt.cloudfront.net
2 KB
3 betotodilea.com
betotodilea.com — Cisco Umbrella Rank: 60069
31 KB
3 googleapis.com
content.googleapis.com — Cisco Umbrella Rank: 1808
1 KB
3 gstatic.com
www.gstatic.com
ssl.gstatic.com
627 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9438
543 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
39 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1192
5 KB
63 14
Domain Requested by
13 userscloud.com userscloud.com
static.cloudflareinsights.com
7 wfordsgoo.xyz userscloud.com
7 docs.google.com userscloud.com
docs.google.com
www.gstatic.com
6 freychang.fun userscloud.com
4 dinterperson.xyz
4 apis.google.com docs.google.com
apis.google.com
content.googleapis.com
3 d1nubxdgom3wqt.cloudfront.net wfordsgoo.xyz
3 betotodilea.com userscloud.com
betotodilea.com
3 content.googleapis.com apis.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 accounts.google.com
2 www.gstatic.com docs.google.com
1 my.rtmark.net betotodilea.com
1 www.facebook.com
1 ssl.gstatic.com www.gstatic.com
1 www.googletagmanager.com userscloud.com
1 static.cloudflareinsights.com userscloud.com
63 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
*.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
betotodilea.com
R3
2022-05-02 -
2022-07-31
3 months crt.sh
wfordsgoo.xyz
Amazon
2022-05-15 -
2023-06-13
a year crt.sh
*.dinterperson.xyz
E1
2022-04-28 -
2022-07-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-01 -
2022-05-30
3 months crt.sh
accounts.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA
2021-11-20 -
2022-11-26
a year crt.sh

This page contains 6 frames:

Primary Page: https://userscloud.com/edwpyhwi2hs4
Frame ID: 9DD271BC3D48BDB4517295DC591267B9
Requests: 37 HTTP requests in this frame

Frame: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Frame ID: 574D2718F319F29EEBEA890D6E060F42
Requests: 15 HTTP requests in this frame

Frame: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
Frame ID: 9397C9633E3EC8BF20E8048243E53E68
Requests: 5 HTTP requests in this frame

Frame: https://wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQgDMQcUe0csECMKPS8qFgYlPT0cCDU2FiYDRDA6dAAQAioUCzUtPxwYGCgKKzYfPj48BBE/Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionFCUMARoZJhURJ3cRHTsGFDA5YngBNkkLByBNERZ8HBIeGigAIkliaiQHFzw8cxoOAQc+TT03Gj1A
Frame ID: 0E8C4B0A706E63D64A343C08E430E711
Requests: 2 HTTP requests in this frame

Frame: https://wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAwvX1YICyQHAHgseEkgaggAYw1WCwBhJgslDkASbwV4CiF6GApjHXcNKmBeVCcKBhZucwIFIGoYBH0dCRscdh9RGCtyUG0GClo/CngEalRdJQhmH1EYJFgKe3MaXjQKNj5XCnskAgJeVyR8R15uFWF6DnEoAX4tfSIBeSZ4LygCEHMZC3ELaAk0VQNUAylpEHB2BlQqUxULdjVqcn1pN0MyCngMQSkVVAxIAiZUXmtzPFE+QwQLYzZgZH5xKQk1dX9VTTMde15xG351MF0qKFg+fDV1ZDR4Ow9wU1sOIlcEehc0VD1sA3RrVGwvGQBTHys/XAlJfC8CKU0CJlZVYwUY
Frame ID: AACA1474523F5A618159255C0E1BDE99
Requests: 2 HTTP requests in this frame

Frame: https://wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBgAcwIVFDN4WAc2MFIoAT0xdy0uHy9NPwgAGWxeEBswQCkRLSN3PQcdO0waJjhQexkdaw1FKAEtJXE9cQ8rXgYnOTAFBhYcFU07KAwlYjkXCycFBic5M2RWBGtYBDwoAxdhJgsOLWMaITskbwAdC0xSFgAgCnwmLAsjZQkUPjtzKxENJ0VcEQ07VzoNFDVTPxwYL2RacAknRi0XNwVRLBY9KHgrLTgCZD8yHgZ8GxY0I1M5FhMtfxkMHytwNCsRUHNaEQ03cTYdEANXKws/AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA
Frame ID: 3E0385EACD9F12202C21058DECC63254
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Userscloud

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

97 %
HTTPS

0 %
IPv6

14
Domains

17
Subdomains

17
IPs

5
Countries

1793 kB
Transfer

3833 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request edwpyhwi2hs4
userscloud.com/
453 KB
171 KB
Document
General
Full URL
https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7abb447a7894fb16ecfd240eb6555ad431656e7b82065d9b7e6073480936004e
Security Headers
Name Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70fa24f9adc2975d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 23 May 2022 01:51:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 22 May 2022 01:51:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXW4eJKPPqY98N9aZ%2Fo%2F7igEelF7LV54NOWmauDLMg%2BCwcmOhwd%2FItkb1uUNKr9Y5sBIgpbWWMfHTbhOyBuwkaYcOoSMgRk733uSDFSNWk1rblLYYOZiMyzzMXRl49YaNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0;includeSubDomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
font-awesome.min.css
userscloud.com/uc/vendor/
23 KB
6 KB
Stylesheet
General
Full URL
https://userscloud.com/uc/vendor/font-awesome.min.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587088
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 02 Jan 2021 15:50:50 GMT
server
cloudflare
etag
W/"5ff0965a-5c79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDlYtyE%2BS4pJVik0r5h9wnjj6Llo8P50CaK17FetQZ55ENIUcRJmeVBUKwW6Z5YFY9lfMyr7xMJsZg0iJm4eFevTG2HeZqb1aIdNLLdVAitZwG0HN6Pp3gfMAlOG7SMHvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
70fa24fc3842975d-AMS
access-control-allow-headers
X-Requested-With
expires
Wed, 15 Jun 2022 06:46:17 GMT
bootstrap.css
userscloud.com/css/vendor/
110 KB
20 KB
Stylesheet
General
Full URL
https://userscloud.com/css/vendor/bootstrap.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
587100
cf-polished
origSize=113031
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 May 2017 15:12:22 GMT
server
cloudflare
etag
W/"591db9d6-1b987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhmxELOeiZdcaMh7CJjPzxioQGWzfy0EgbP%2FWNFYle5FqJQjyFWApSD6wz8X7YN0wukBGktwr%2BBrT20X%2BGp2qvmTbAHssjSknAY7WEfY8DTQTI0TjKUOeyLA6WGv%2BRbieA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Wed, 15 Jun 2022 06:46:05 GMT
cache-control
max-age=2592000
cf-ray
70fa24fc3843975d-AMS
access-control-allow-headers
X-Requested-With
cf-bgj
minify
essentials.css
userscloud.com/css/app/
46 KB
8 KB
Stylesheet
General
Full URL
https://userscloud.com/css/app/essentials.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1700939
cf-polished
origSize=47095
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 May 2017 15:13:10 GMT
server
cloudflare
etag
W/"591dba06-b7f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBgGr6RVT9e%2FZVrxmKmEPNr9nYZKnzjPQIVe08bvrq3KCcdvA4jcQPbjUfY341plBwGw4fVQV%2BdFZ%2FK7GgUMf44agtEwskuULaFnMLYH8YZCxcaXaP74FsVgaNxada3iNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 02 Jun 2022 09:22:06 GMT
cache-control
max-age=2592000
cf-ray
70fa24fc3844975d-AMS
access-control-allow-headers
X-Requested-With
cf-bgj
minify
layout.min.css
userscloud.com/css/app/
6 KB
2 KB
Stylesheet
General
Full URL
https://userscloud.com/css/app/layout.min.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1700939
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 02 Jan 2021 15:52:04 GMT
server
cloudflare
etag
W/"5ff096a4-17d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAjcFh2cqF2G4XqLfKMy%2BXWRnTpEXyRNkracZ6yWtP8HrebscV9c5SvR94ER9JHjEa62amAiT3rEW6mHJLdRJPwtWA8Gz%2BPJsX4rhYTy2XGLYoiA83XjA46KgIuSuNp07Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
70fa24fc3846975d-AMS
access-control-allow-headers
X-Requested-With
expires
Thu, 02 Jun 2022 09:22:06 GMT
navbar.css
userscloud.com/css/app/
21 KB
4 KB
Stylesheet
General
Full URL
https://userscloud.com/css/app/navbar.css
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290710
cf-polished
origSize=21572
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 May 2017 15:14:54 GMT
server
cloudflare
etag
W/"591dba6e-5444"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adA3MtxPp5yXHUTIlMYbSDQ0r59rgXWyliI1SIFHJRln%2FgSZD0tGSDuCn0euXJZZKJSKL8nShKtqUS1cNucMSlT6WCDSi1X6%2BujSXTfc9TmrmzAMmdsQsViqoOv9sAjXAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Sat, 18 Jun 2022 17:05:55 GMT
cache-control
max-age=2592000
cf-ray
70fa24fc3848975d-AMS
access-control-allow-headers
X-Requested-With
cf-bgj
minify
gview
docs.google.com/ Frame 574D
9 KB
4 KB
Document
General
Full URL
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
GSE /
Resource Hash
1e4761a2891bcea0fe7c1d190004e9b86eac17f78114fd8f104f9e1d929f02e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sUTLlPqeXd7v5P69APOkOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sUTLlPqeXd7v5P69APOkOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
date
Mon, 23 May 2022 01:51:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
logo_s.jpg
userscloud.com/images/
2 KB
2 KB
Image
General
Full URL
https://userscloud.com/images/logo_s.jpg
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
access-control-allow-methods
GET,POST,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1700939
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1624
last-modified
Thu, 17 Dec 2020 16:14:49 GMT
server
cloudflare
etag
"5fdb83f9-658"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyo2Kf9O4lKshrhT3rOdaSDZpQnHHn1bRpE5uqrv0cDf6scIcFveYW58kT1cxuvCicIbm5%2BMzVO0VI7RdR1w%2FTpHrsvVBZ9H3drTGBNzeUIOCMvmEOfhp1qI4yd271iglg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
70fa24fdd8aa979d-AMS
access-control-allow-headers
X-Requested-With
expires
Thu, 02 Jun 2022 09:22:06 GMT
rocket-loader.min.js
userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 19:29:40 GMT
server
cloudflare
etag
W/"6283f7a4-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7%2FZzmcyAYYTlXW2akCEJRMxDD7whkMHQdy4pNk9r9EGR1M0sR%2BYvu1o0iCd%2FdaQguO22FpyXJ7U8D4lxLw8vTEcR9j6RSJUl%2FHxxUUUVDbASyAWF%2FlTVIrtHMP%2BuQDCBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70fa24fdd8b5979d-AMS
vary
Accept-Encoding
expires
Wed, 25 May 2022 01:51:05 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.156.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://userscloud.com/
Origin
https://userscloud.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:06 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
70fa24ff28df0099-AMS
fontawesome-webfont.woff2
userscloud.com/uc/fonts/
55 KB
56 KB
Font
General
Full URL
https://userscloud.com/uc/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: userscloud.com
URL: https://userscloud.com/uc/vendor/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://userscloud.com/uc/vendor/font-awesome.min.css
Origin
https://userscloud.com
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:05 GMT
access-control-allow-methods
GET,POST,OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
586877
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
last-modified
Mon, 14 Dec 2020 20:14:38 GMT
server
cloudflare
etag
"5fd7c7ae-ddcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbEv%2FIDGbE8yCOMFHpeV5vPL5%2B9u1Mrla3Zk5LzxbH%2BALqIWuY7%2F2olMWgn00QDPVVPgarcNgwuibwfwb9iQR7tbdLe7hVsM4sWFSd7YwfOqN5tGO8w8XWhNnwG9g2wBkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
70fa24fde8b9979d-AMS
access-control-allow-headers
X-Requested-With
expires
Wed, 15 Jun 2022 06:49:48 GMT
js
www.googletagmanager.com/gtag/
99 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-70768172-1
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e7493cd8a31ae229762ea360bd4332492861a2a4ee6c3e232a086df61757383f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39161
x-xss-protection
0
last-modified
Mon, 23 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 May 2022 01:51:06 GMT
bootstrap.js
userscloud.com/
35 KB
10 KB
Script
General
Full URL
https://userscloud.com/bootstrap.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5894
cf-polished
origSize=35778
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 26 Dec 2020 13:26:43 GMT
server
cloudflare
etag
W/"8bc2-5b75dfde473c8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG2PMkBYAWoJulIEqCfaiwQBHNSddPJ3dXAwNC5rhUMlF3bXAMjnp%2BY7dB8Nth6fW%2F4Mv3MkXoABhDVKh%2Bb6EvXqZUSltrt04x%2F2yS3DFIf7jyUPb3AcAdc4iMwQQD7Emg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=259200
cf-ray
70fa24ff3991979d-AMS
access-control-allow-headers
X-Requested-With
cf-bgj
minify
de.min.js
userscloud.com/js/
10 KB
5 KB
Script
General
Full URL
https://userscloud.com/js/de.min.js
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf57ad31292cf2771a7126437a37465a818dfb3e98520671db8da48e3212e4e

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
577130
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Feb 2022 08:13:30 GMT
server
cloudflare
etag
W/"620377aa-29fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDDg6bQRDA56uVMzCyV%2BvQhxmelEOL8Me1jb4IGXideboOWuBXGbss92cmgvTP50udjmtzv9ZigludN%2BFSZNmZ%2F2y4W7VKi%2Bc2%2BY8SMuKh5GXRSU1OcBQVGUUXoQ4pxZ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
70fa24ff3992979d-AMS
access-control-allow-headers
X-Requested-With
expires
Wed, 15 Jun 2022 09:32:16 GMT
jquery.min.js
userscloud.com/assets/library/jquery/
91 KB
34 KB
Script
General
Full URL
https://userscloud.com/assets/library/jquery/jquery.min.js?v=v2.0.0-rc8&sv=v0.0.1.2
Requested by
Host: userscloud.com
URL: https://userscloud.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/edwpyhwi2hs4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290709
access-control-allow-methods
GET,POST,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 25 May 2014 12:12:31 GMT
server
cloudflare
etag
W/"5381de2f-16b88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxgoQT1YZsVqcEGAnTLArK%2Bzm9iJ3P54oJ888xHZUBuOXW40jcHz6BBaEMLTF%2FyZ1sGcYfbU7Z7YgqzTdm4kWRiDq3YoNmQBHYfVOcmr26tM%2BXDrST1bwmSoRJeXr5glug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
70fa24ff3993979d-AMS
access-control-allow-headers
X-Requested-With
expires
Sat, 18 Jun 2022 17:05:57 GMT
rs=AC2dHMKI48TJdAI8ZM6PWvGLspr4l916Yg
www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.dft-w7U5DvY.L.W.O/d=0/ Frame 574D
174 KB
175 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.dft-w7U5DvY.L.W.O/d=0/rs=AC2dHMKI48TJdAI8ZM6PWvGLspr4l916Yg
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
1397f43efd4895302bfbde46e8a59ba41bcb17db65205377b5fead4b881408e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:06:07 GMT
x-content-type-options
nosniff
age
542699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
178671
x-xss-protection
0
last-modified
Thu, 12 May 2022 19:11:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-viewer"
vary
Accept-Encoding
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:06:07 GMT
thumb
docs.google.com/viewerng/ Frame 574D
115 KB
115 KB
Image
General
Full URL
https://docs.google.com/viewerng/thumb?ds=AON1mFwnESSi9J56SSX-hegZWB7hO4BJ21eBW1AXp14KM6_FFqARPPbBUkeU_HMC9B9gtggJfSNQXvEIit3kmDDoFQRPlkWHgcBIGUarJdVRAOkFg7R61uDH-fC25vu68I80iZcrzpl9mIbi7ti2CPyDSOu20xvF4IwFthANOtB7QIcV7LKVMff4690eNpioci5DiIMSBOcAFf9AGb0I8KnQj-7det-wvgUtDAeoJOzyf3p3cM7k9OnF7XS_rSiWprrW_YuZYv9TihCvzuJ8wHw7MdexjGI9gfIk7WwmMX_yRRt0xghMgjuo7JSvdgrdxg5hFQJP6Eugbuu3BvJYTIDGY1BtLTRzQYj7wSfUF92VjSSHxfSvhUQ%3D&ck=lantern&authuser&w=800&webp=true&p=proj
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
GSE /
Resource Hash
b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w2OPe3Y9bnrHngqQUHqq-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:06 GMT
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
image/png
cache-control
private, max-age=300
content-security-policy
script-src 'report-sample' 'nonce-w2OPe3Y9bnrHngqQUHqq-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 23 May 2022 01:51:06 GMT
m=main
www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/ Frame 574D
1 MB
405 KB
Script
General
Full URL
https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
7707e6a89da61b6a3d8444083979ce915046842e05ca151bf4f652cfc6776dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 08:44:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-viewer
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
414058
x-xss-protection
0
last-modified
Thu, 12 May 2022 13:08:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-viewer"
vary
Accept-Encoding
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 May 2023 08:44:32 GMT
client.js
apis.google.com/js/ Frame 574D
14 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/client.js
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
sffe /
Resource Hash
3598a9ee778aeaeb5293e246e3d2939d92edc82889becca991d5be56f9ab1568
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 23 May 2022 01:51:06 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"bf0d2e739b795f09"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 May 2022 01:51:06 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/ Frame 574D
313 KB
106 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
sffe /
Resource Hash
d55db21d4ee05507a028a1d46c52ca0bdb7d1db711cbcb5040233a865d25bf08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 03:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108243
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 May 2023 03:31:46 GMT
v-sprite43.svg
ssl.gstatic.com/docs/common/viewer/v3/ Frame 574D
106 KB
47 KB
Image
General
Full URL
https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite43.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/ss/k=apps-viewer.standalone.dft-w7U5DvY.L.W.O/d=0/rs=AC2dHMKI48TJdAI8ZM6PWvGLspr4l916Yg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 May 2022 12:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
49311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47363
x-xss-protection
0
last-modified
Sat, 05 Mar 2022 00:28:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Mon, 22 May 2023 12:09:16 GMT
meta
docs.google.com/viewerng/ Frame 574D
36 B
85 B
XHR
General
Full URL
https://docs.google.com/viewerng/meta?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
GSE /
Resource Hash
450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JnF33yPDvXkpsJKQ_1a2lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-JnF33yPDvXkpsJKQ_1a2lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
img
docs.google.com/viewerng/ Frame 574D
115 KB
115 KB
XHR
General
Full URL
https://docs.google.com/viewerng/img?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT&page=0&w=800&webp=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
GSE /
Resource Hash
b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zdT_tEg2cNrkOJH51Mx0Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-zdT_tEg2cNrkOJH51Mx0Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
presspage
docs.google.com/viewerng/ Frame 574D
17 KB
5 KB
XHR
General
Full URL
https://docs.google.com/viewerng/presspage?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT&page=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
GSE /
Resource Hash
a704058c72cb7923898e027047e41364c0c42948cf9a080889ceb56a0a9a1fc5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZbyEXywGnbT7hKjaGOckPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-ZbyEXywGnbT7hKjaGOckPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
img
docs.google.com/viewerng/ Frame 574D
52 KB
52 KB
XHR
General
Full URL
https://docs.google.com/viewerng/img?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT&page=1&w=800&webp=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
GSE /
Resource Hash
cf6f1e041ab94351f35418186cab4f72c8853829910c8789251295ab82af5baf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-igYEtruJDxsJ8NCXPwas-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:07 GMT
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-igYEtruJDxsJ8NCXPwas-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
presspage
docs.google.com/viewerng/ Frame 574D
8 KB
3 KB
XHR
General
Full URL
https://docs.google.com/viewerng/presspage?id=ACFrOgA69hH_Ipk7K6EUSEJXuMxUwkzCFTKvgC6bvFm-DkFnji22LKjcqgA71oRC34TCyHkahIE3krVHn1B_WDb7GKlzqce3oJd0g-hmqTug9ssLvhnTaSqNWINJkOeYZWxziDshBOSpb5ZZuFfT&page=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/apps-viewer/_/js/k=apps-viewer.standalone.is.BRuKfEC_Nzw.O/d=1/rs=AC2dHMKfrvRwqkzRs138SarRIakiWeyqnA/m=main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
GSE /
Resource Hash
b1d36aa14add1f69a38389524a5e327105c61f050141e448f4893589a61adefd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PGPvIVB6DmdkZIw1Lq40cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy-report-only
require-corp; report-to="apps-viewer"
x-frame-options
SAMEORIGIN
report-to
{"group":"apps-viewer","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-viewer"}]}
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-PGPvIVB6DmdkZIw1Lq40cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
cross-origin-opener-policy-report-only
same-origin; report-to="apps-viewer"
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 574D
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
5df78269-50e7-4c2a-ad82-1ccc68f75ee0
https://docs.google.com/ Frame 574D
52 KB
0
Image
General
Full URL
blob:https://docs.google.com/5df78269-50e7-4c2a-ad82-1ccc68f75ee0
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf6f1e041ab94351f35418186cab4f72c8853829910c8789251295ab82af5baf

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
53340
Content-Type
image/png
e594f05e-a0c9-49e7-bc9c-1558cbdd647c
https://docs.google.com/ Frame 574D
115 KB
0
Image
General
Full URL
blob:https://docs.google.com/e594f05e-a0c9-49e7-bc9c-1558cbdd647c
Requested by
Host: docs.google.com
URL: https://docs.google.com/gview?url=https://cloud1.userscloud.com/cgi-bin/dl.cgi/srwnpt237mbsvjdb4kg4zckelyifvjkunswdlaqvfml2ny5n45qedmq/edwpyhwi2hs4.pdf&embedded=true
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f

Request headers

accept-language
is-IS,is;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
117800
Content-Type
image/png
proxy.html
content.googleapis.com/static/ Frame 9397
382 B
1 KB
Document
General
Full URL
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
sffe /
Resource Hash
8a8ad832c8566a3f775751ea130760e30047a3628c2167f3566fe4998d0e5396
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-_0uDbTyBMTSoWFZmeXir_g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
271
content-security-policy
script-src 'nonce-_0uDbTyBMTSoWFZmeXir_g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none'
content-type
text/html
cross-origin-embedder-policy
require-corp; report-to="apiserving"
cross-origin-opener-policy-report-only
same-origin; report-to="apiserving"
cross-origin-resource-policy
cross-origin
date
Mon, 23 May 2022 01:51:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Fri, 17 Jul 2020 22:45:00 GMT
pragma
no-cache
report-to
{"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
googleapis.proxy.js
apis.google.com/js/ Frame 9397
14 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/googleapis.proxy.js?onload=startup
Requested by
Host: content.googleapis.com
URL: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
sffe /
Resource Hash
c53a25c1a5c781b430b6eff3624cdfd8d0e26268878d08daf54a41a42b16263a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 23 May 2022 01:51:08 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"7e4c585d161c60d6"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 May 2022 01:51:08 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/ Frame 9397
66 KB
23 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
sffe /
Resource Hash
df65a54b38edd28d5bf3cbcf90eebe4dedb4659cccd065fa3fc5e7e1735de059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://content.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 19 May 2022 10:59:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
312694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23277
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 May 2023 10:59:34 GMT
4859604
betotodilea.com/400/
77 KB
30 KB
Script
General
Full URL
https://betotodilea.com/400/4859604
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a292096fd61a012c9a5dcddcc45e09ca5b2099fde80e0e8c291efb469cc1e889
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
66b33299414dbf30832510ecc6aecbba
pragma
no-cache
date
Mon, 23 May 2022 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
asd100.bin
freychang.fun/
100 KB
101 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:08 GMT
access-control-allow-methods
GET
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4194
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 23 May 2022 00:41:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOsNEzGlnn%2FCyPNtN%2FD1mCbNcOKVGWZ1g%2F%2Bb8JksAiE%2FqR94g9rKDbqpKAXHvfwp%2FcuT7o545noLpL5POwut%2B9546ijVH3mBBlgdhhjhm0h%2FWS1DF5UwAnsAcqtSpYB8"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://userscloud.com
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
70fa25107b64977c-AMS
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/
26 B
373 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d52ffc74da6614fa53c49bf50817a6e2f36182020f4b7049e0bfbed694e032

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://userscloud.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWAkY%2Feh3zOG%2BsuVeR2w3jRYkBQTw3iSgz6b%2BSoeeosFgFTN5XDz9KpNNF0kc5d0rWoQzWyx%2B%2BKxvZ8pFuv4KMFTtdlUeViBGWn2zdtLvpCqAzJQ%2BsjTv14C9pIJKApy"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
70fa25107b67977c-AMS
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
wfordsgoo.xyz/
0
490 B
XHR
General
Full URL
https://wfordsgoo.xyz/utx?cb=3OtO3EUGvB9l&top=userscloud.com&tid=600304
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:08 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
w5nYzF9unUWJoSZMUiHmJDIBlD9BkzDwr3b-Bv_YOuJ50gAm0DxQPA==
Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionF...
wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQg... Frame 0E8C
3 KB
2 KB
Document
General
Full URL
https://wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQgDMQcUe0csECMKPS8qFgYlPT0cCDU2FiYDRDA6dAAQAioUCzUtPxwYGCgKKzYfPj48BBE/Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionFCUMARoZJhURJ3cRHTsGFDA5YngBNkkLByBNERZ8HBIeGigAIkliaiQHFzw8cxoOAQc+TT03Gj1A
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
bc4502d4ebb07a2e8c58ccc345a184506c98c22a4c4e3548a1487f0bcef668e0

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1235
content-type
text/html
date
Mon, 23 May 2022 01:51:08 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id
qrX1-DFu_hAqMizOh97DWrr3-D6lG8QBMSM1K00faH9PUCm2z3esbg==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
asd100.bin
freychang.fun/
100 KB
100 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:08 GMT
access-control-allow-methods
GET
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4194
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 23 May 2022 00:41:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DisECwLs9HdraaAWiYmIEbhu5VAsUcmeLF6qVMjqT47afyuMRfKKw8fW0zRqrxAAD0pt%2BK1DhZwdXr6XpmF354oNZzHREoyTUQJqFo8FpOEkK9f%2BZYtyd4XvREqyf6l9"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://userscloud.com
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
70fa25107b69977c-AMS
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/
26 B
347 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b348f48d8a36187e4f7b80cf9b3ed94d614b9d20b4facd29ecc7c9af121c01c1

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://userscloud.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lCwVTjhnw7XSnUvzea0tp9POi7rW3ytmBDIP8XZ7dI6wGx8%2FlAOnZa0dHGQp7k6tZgZWsKOLvVH9t7Ni4gA2Bc1N36OeMrZyQ0kKd3gaMQghuMQaDh%2BzOagEKnAod1r"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
70fa25107b68977c-AMS
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
wfordsgoo.xyz/
0
489 B
XHR
General
Full URL
https://wfordsgoo.xyz/utx?cb=k80jrp0gdOFJ&top=userscloud.com&tid=708052
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:08 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
UlhNZlKIoZm9D9TASGer6_FzvpPcENYtbUrE2leBcBaU75qQ5ktEEw==
XAlJfC8CKU0CJlZVYwUY
wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAw... Frame AACA
3 KB
2 KB
Document
General
Full URL
https://wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAwvX1YICyQHAHgseEkgaggAYw1WCwBhJgslDkASbwV4CiF6GApjHXcNKmBeVCcKBhZucwIFIGoYBH0dCRscdh9RGCtyUG0GClo/CngEalRdJQhmH1EYJFgKe3MaXjQKNj5XCnskAgJeVyR8R15uFWF6DnEoAX4tfSIBeSZ4LygCEHMZC3ELaAk0VQNUAylpEHB2BlQqUxULdjVqcn1pN0MyCngMQSkVVAxIAiZUXmtzPFE+QwQLYzZgZH5xKQk1dX9VTTMde15xG351MF0qKFg+fDV1ZDR4Ow9wU1sOIlcEehc0VD1sA3RrVGwvGQBTHys/XAlJfC8CKU0CJlZVYwUY
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
c2b282c35ab3c15a07f9d65227f0823e84cde933ac12ce84c1307360520f61fa

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1235
content-type
text/html
date
Mon, 23 May 2022 01:51:08 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id
LnbY6-YAADMGemKPKsaPAJO8p1nKdKcZZSQQd077H3a80TEq1CLrKw==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
asd100.bin
freychang.fun/
100 KB
100 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:08 GMT
access-control-allow-methods
GET
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4194
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 23 May 2022 00:41:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5bnn%2FmBQxUDy3AhK73LODaJeBAkIphzzNjgUAXJqYROnuj8Pu5dmEOKQtgS6wvEXzdjJd856FsX7Akv0b4ZxofVjn1pYNX0LyrXwqiQPxdmgl6ue1FpIPLJoO3VOWse"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://userscloud.com
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
70fa25107b6a977c-AMS
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/
27 B
350 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290d3b6f4132ec0bd6f5c0b66e56a22f486f915aa57421f8664d6ab0798eeabe

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://userscloud.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItFBdew%2BTa2ixRDoRtHUMS7VeErNlomwCmx3djkDtaRld1D2D6RCDgKXZRLzSIHqemmucOHOxgw%2FIk19WgCjZJtm4gMs%2BA%2FPp8KAnxG03fQKak5JAcTf9sNJeBEYfoiR"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
70fa25107b6b977c-AMS
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
wfordsgoo.xyz/
0
491 B
XHR
General
Full URL
https://wfordsgoo.xyz/utx?cb=acAquhwZ1lHI&top=userscloud.com&tid=816973
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:08 GMT
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
S22OfxZ3EuCQC-TR2q-QalDUJ8JmiAVEVQFIyFECf1PXNyIqvKOgzQ==
AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA
wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBg... Frame 3E03
3 KB
2 KB
Document
General
Full URL
https://wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBgAcwIVFDN4WAc2MFIoAT0xdy0uHy9NPwgAGWxeEBswQCkRLSN3PQcdO0waJjhQexkdaw1FKAEtJXE9cQ8rXgYnOTAFBhYcFU07KAwlYjkXCycFBic5M2RWBGtYBDwoAxdhJgsOLWMaITskbwAdC0xSFgAgCnwmLAsjZQkUPjtzKxENJ0VcEQ07VzoNFDVTPxwYL2RacAknRi0XNwVRLBY9KHgrLTgCZD8yHgZ8GxY0I1M5FhMtfxkMHytwNCsRUHNaEQ03cTYdEANXKws/AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
671e4903095489b36dea2a0826f4b0971bfb9ef76ae92fb02478baa4b69baebd

Request headers

Referer
https://userscloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1232
content-type
text/html
date
Mon, 23 May 2022 01:51:08 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id
eSypdh5SdmrAOrbiaUFEhtkkYb7dqdcDzKViJtmwpcFmCjbt4xYdWg==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
WTVxdXV2ChIGSDpgGg8WD1E4EBIfdigwJy53GhEeC20GNiRrbFcBHD0IR0VFagVFUwUwUUxEUypBEAEAKghAUxw3Ux5IUy8IQFtGbRtDQ1tpEwRIRH9BARQSZARXBQEtWUxEQ2wGQ0JFbwNJQ0dp
dinterperson.xyz/
0
486 B
Image
General
Full URL
https://dinterperson.xyz/WTVxdXV2ChIGSDpgGg8WD1E4EBIfdigwJy53GhEeC20GNiRrbFcBHD0IR0VFagVFUwUwUUxEUypBEAEAKghAUxw3Ux5IUy8IQFtGbRtDQ1tpEwRIRH9BARQSZARXBQEtWUxEQ2wGQ0JFbwNJQ0dp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBaurRr5HYdIS2xrHM1%2FFCyj9aEqls%2BmixjxIdjHFgOqyghfNOv3sSYFSrKItPUbNfuOpr6B%2BfC5oYI8%2FKq6jinMr9ORcFTHPRywQ6DQkwDTVIFC%2BBzRe%2BkNcl5oE1H2%2F2GH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
70fa251109d94c19-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.109 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Y00zOTlMclBKBDQjV39jNHRabVcpKWtUDCIpdWtfARh5C28lIhVNUAdwBAkBU3gBH0kKKQ4LAEU+R1hNFj4OCB8KI1VWBEU7DggXU2MGARdTa0YECEU5Q1heXnwVSU0XIQ4ID1Z+AQ4JVXsLDw5b
dinterperson.xyz/
0
249 B
Image
General
Full URL
https://dinterperson.xyz/Y00zOTlMclBKBDQjV39jNHRabVcpKWtUDCIpdWtfARh5C28lIhVNUAdwBAkBU3gBH0kKKQ4LAEU+R1hNFj4OCB8KI1VWBEU7DggXU2MGARdTa0YECEU5Q1heXnwVSU0XIQ4ID1Z+AQ4JVXsLDw5b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzmnjXr5Swtnwc64%2F0jrzKbC4E5%2FPgHItFJdSWalbsoe2RJ%2FWmS7AC6kVNz7%2BWl16YyllpsyF2IgoeYzzdhZJVLCVUqRXMpI2NODatemH3%2FOEmlaRuHS%2BErIEnvkaSB8grUb"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
70fa251109db4c19-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Wn8OSCMMZEseMh8tFgVzXWxJCnVbb0wAdFJo
dinterperson.xyz/WXo4Qmt2RVsxVg0tbgAmNzAPFFgYOGpxXj0ZeRgoPzxycSgyOx42Aj1HAHNdYE0LZBswHgVwUn8JTCMfLAkFc00wFF4tVn8MBXNFaVQNekVpXE1/
0
244 B
Image
General
Full URL
https://dinterperson.xyz/WXo4Qmt2RVsxVg0tbgAmNzAPFFgYOGpxXj0ZeRgoPzxycSgyOx42Aj1HAHNdYE0LZBswHgVwUn8JTCMfLAkFc00wFF4tVn8MBXNFaVQNekVpXE1/Wn8OSCMMZEseMh8tFgVzXWxJCnVbb0wAdFJo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufUbp48zFFNsYP4EQMuMiefn2eFGjZv3DokYPoayisUPWR7gy9cDyZqJBbIAZZElNvstmqm7LXrPXnz%2FH7mb6swgB9Wn72a5iwTNNGYDPCxunJVTsEMPoDgG%2FSdz2hy7s7Ya"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
70fa251109dc4c19-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rum
userscloud.com/cdn-cgi/
0
165 B
XHR
General
Full URL
https://userscloud.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://userscloud.com/edwpyhwi2hs4
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 23 May 2022 01:51:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://userscloud.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
70fa250fce79979d-AMS
vary
Origin
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame 9397
0
15 B
XHR
General
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://docs.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://docs.google.com

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:09 GMT
server
GSE
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Jan 1990 00:00:00 GMT
viewerimpressions
content.googleapis.com/drive/v2internal/ Frame 9397
0
15 B
XHR
General
Full URL
https://content.googleapis.com/drive/v2internal/viewerimpressions?key=AIzaSyDVQw45DwoYh632gvsP5vPDqEKvb-Ywnb8&alt=json
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.is.8taxElQtOO0.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f10.1e100.net
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-Goog-Encode-Response-If-Executable
base64
X-Origin
https://docs.google.com
X-ClientDetails
appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Referer
https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.is.8taxElQtOO0.O%2Fd%3D1%2Frs%3DAHpOoo-6iuc8vz83dvot8CI6JsaHd9Np7A%2Fm%3D__features__
X-Requested-With
XMLHttpRequest
X-JavaScript-User-Agent
google-api-javascript-client/1.1.0
X-Goog-AuthUser
0
X-Referer
https://docs.google.com

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:09 GMT
server
GSE
etag
"vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, X-Origin
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-70768172-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
982
date
Mon, 23 May 2022 01:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 23 May 2022 03:34:46 GMT
popunder.gif
dinterperson.xyz/
35 B
396 B
Image
General
Full URL
https://dinterperson.xyz/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 23 May 2022 01:51:09 GMT
cf-cache-status
HIT
last-modified
Sat, 21 May 2022 18:07:45 GMT
server
cloudflare
age
114204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svME7WCMwlWbl9C%2BUNVnhgYGTvMLKiTxb9hzQB7ne4wy7bCe0F9lT2hfr972tWxb6M2%2F1c4JaqZa1Qn0JWKrzeXsf0fHjl%2BTP%2BT7%2FP4YMcxYMmqdrnB5RgmXkapIfpzOnn2V"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70fa2511fa524c19-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dT2lTUm4sBj00UTsAN29Zf1FjZ1xpAyA9AD9UMGMgOyo5N1wVLQd0GjUNbmJIIwg9NVNpDD0xU35PMjYMcl11Jh4gAm4zGSILPjoJLRA2dBsuVD49FCYFPzNLfS9mfF5qW2N6GSYHNz0ZPExhYgA7TGFiX39HY3ddDUxhYhkmB2VmS3wrdmBeN19ne0t9WT-IiHiM...
d1nubxdgom3wqt.cloudfront.net/ Frame AACA
575 B
722 B
Script
General
Full URL
https://d1nubxdgom3wqt.cloudfront.net/dT2lTUm4sBj00UTsAN29Zf1FjZ1xpAyA9AD9UMGMgOyo5N1wVLQd0GjUNbmJIIwg9NVNpDD0xU35PMjYMcl11Jh4gAm4zGSILPjoJLRA2dBsuVD49FCYFPzNLfS9mfF5qW2N6GSYHNz0ZPExhYgA7TGFiX39HY3ddDUxhYhkmB2VmS3wrdmBeN19ne0t9WT-IiHiMMJDcMJAAnd1wJXGBlQHxfdmBeZwI7JgMjTGERS31ZPzsFKkxhYgkqCjg9R2pbYzEGPQY+N0t9L2trQH9HZ2FWdkdkYEt9WSAzCC4bOndcCVxgZUB8X3UnU34
Requested by
Host: wfordsgoo.xyz
URL: https://wfordsgoo.xyz/OUFMM2dYIy9eWFh8LhUSSy1xFlV/ZH51AwgvOVEfXSYjXlROMDgdBFUuOVcBSy4iR0lXJDgWVX8lGAELbRQhBxR7K3wDMm0yDX1VABsqAiFTG31LF3g4DQomfXgZfiB0JgNKCAwPfUQxdRAoAyBTFAJRCnMIBUQAAA8afRd9BXxLMgp0HH4NYAwvX1YICyQHAHgseEkgaggAYw1WCwBhJgslDkASbwV4CiF6GApjHXcNKmBeVCcKBhZucwIFIGoYBH0dCRscdh9RGCtyUG0GClo/CngEalRdJQhmH1EYJFgKe3MaXjQKNj5XCnskAgJeVyR8R15uFWF6DnEoAX4tfSIBeSZ4LygCEHMZC3ELaAk0VQNUAylpEHB2BlQqUxULdjVqcn1pN0MyCngMQSkVVAxIAiZUXmtzPFE+QwQLYzZgZH5xKQk1dX9VTTMde15xG351MF0qKFg+fDV1ZDR4Ow9wU1sOIlcEehc0VD1sA3RrVGwvGQBTHys/XAlJfC8CKU0CJlZVYwUY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-145.fra2.r.cloudfront.net
Software
/
Resource Hash
767b19650ad16e2d656093c0e1588d0bd0f8497eeb30dbc870e6825e391ccad6

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://wfordsgoo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:09 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
446
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id
uGB221yllRk2MfTRZKsy8Anc6grZM_3502rgEvRTMbGdij1Z-UTzAg==
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1954152625&t=pageview&_s=1&dl=https%3A%2F%2Fuserscloud.com%2Fedwpyhwi2hs4&ul=en-us&de=UTF-8&dt=Userscloud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2070507668&gjid=1877205185&cid=1691629319.1653270669&tid=UA-70768172-1&_gid=1236880666.1653270669&_r=1&gtm=2ou5b0&z=1080891681
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://userscloud.com/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://userscloud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
X1dKLz9bV11sMFwIUX53TBoDIWxZHQEoPFANDjM0Hh8NdzxXEAUmPVlPXgxkFlpJeGEQHQUkNVcdH29jCAQYb2MIW1xkYR1ZLm9jCB0FJGcMT18IdApaFHxlEU9eej-BIGgAvJl0IByMlHVgqf2IPRF98dApaRCE5TAcAb2N7T156PVEBCW9jCA0JKTpXQ0l4YVsC...
d1nubxdgom3wqt.cloudfront.net/MbEpROGoPJT9eVRgjNQVcXHpiCF5KICJXBBx3P045JzpofQ86OWUeHhYubAhMACs/ Frame 0E8C
1 KB
1012 B
Script
General
Full URL
https://d1nubxdgom3wqt.cloudfront.net/MbEpROGoPJT9eVRgjNQVcXHpiCF5KICJXBBx3P045JzpofQ86OWUeHhYubAhMACs/X1dKLz9bV11sMFwIUX53TBoDIWxZHQEoPFANDjM0Hh8NdzxXEAUmPVlPXgxkFlpJeGEQHQUkNVcdH29jCAQYb2MIW1xkYR1ZLm9jCB0FJGcMT18IdApaFHxlEU9eej-BIGgAvJl0IByMlHVgqf2IPRF98dApaRCE5TAcAb2N7T156PVEBCW9jCA0JKTpXQ0l4YVsCHiU8XU9eDGkBRFxkZQtSVWRmCk9eeiJZDA04OB1YKn9iD0RffHdNV10
Requested by
Host: wfordsgoo.xyz
URL: https://wfordsgoo.xyz/TE50eFItLBcVbS1zFl4nPiJJXWAKa0Y+Nn0gARoqKCkbFWE7PwBWMSAhARw0PiEaDHwiKwBdYAoDFj0iHgEzFwIGGk0dBB4pHjYDGi0sMCIlDTJNGQUNPiAQDjZHKGJ4ez4CIiMoJUBkAxkhHRokFwEaEyQDNTshaXwyIGMoBTgCay4YRUkhAQgDMQcUe0csECMKPS8qFgYlPT0cCDU2FiYDRDA6dAAQAioUCzUtPxwYGCgKKzYfPj48BBE/Fx0GJS05AhgXHBp+dx47Ex0XFkofBRlFADkVHEUiHiF3HjsQfAg+PzEBGkVAGygPBBkUBDYYPQd1KxESfw4HMx8TOgQYSBsONzkUGhopBR5gBR4mPmt0KjUIMx4NMU0GDS01GmACeSBJZ3oeIj0QDxlNEhENfj4zBjwWJUg+eBciCxEEJyFAChl3ETwVJwwmPionFCUMARoZJhURJ3cRHTsGFDA5YngBNkkLByBNERZ8HBIeGigAIkliaiQHFzw8cxoOAQc+TT03Gj1A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-145.fra2.r.cloudfront.net
Software
/
Resource Hash
7148600909f624fcf846b6b41b0e90700590ad4c00ba9e481b1f3606eb80796c

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://wfordsgoo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:09 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
735
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id
HjZHWYgq_HKk63S0X9GKTDzYd5vxLzJ3_aQMJ8milIRo54A_7qd9Qw==
cVW1pQWM2AgcnXCEEDXxbZFtQdlBzBxouDSVQMDswPCsMFA8mBShnFy8JVHFFOQwHJl5zCAciXmRLCCUBaFlPNRM6BlQgFDgPBCkENxQMZxY0UAQuGTwBBSBGZytcb1NwX1lpFDwDDS4UJkhbcQ0hSFtxUmVDWWRQF0hbcRQ8A191RmYvTHNTLVtdaEZnXQ-gxEzk...
d1nubxdgom3wqt.cloudfront.net/ Frame 3E03
559 B
706 B
Script
General
Full URL
https://d1nubxdgom3wqt.cloudfront.net/cVW1pQWM2AgcnXCEEDXxbZFtQdlBzBxouDSVQMDswPCsMFA8mBShnFy8JVHFFOQwHJl5zCAciXmRLCCUBaFlPNRM6BlQgFDgPBCkENxQMZxY0UAQuGTwBBSBGZytcb1NwX1lpFDwDDS4UJkhbcQ0hSFtxUmVDWWRQF0hbcRQ8A191RmYvTHNTLVtdaEZnXQ-gxEzkIHiQBPgQdZFETWFp2TWZbTHNTfQYBNQ45SFsCRmddBSgIMEhbcQQwDgIuSnBfWSILJwIEJEZnK1F4TWVDXXJbbENec0ZnXRogBTQfAGRRE1hadk1mW080XmQ
Requested by
Host: wfordsgoo.xyz
URL: https://wfordsgoo.xyz/RVphNW4kOAJYUSRnAxMbNzZcEFwDf1NzCnQ0FFcWIT0OWF0yKxUbDSk1FFEINzUPQUArPxUQXAM5N2JfNQs2eFwEPQJbNgYfJHE2PTg7cxoUPg13FAciDkAqFgwweCo2LTF2HQgcIA0DBwkJWyg8YitjJgMcLmQZDRANABQGGwJcNigILXYtEBgAcwIVFDN4WAc2MFIoAT0xdy0uHy9NPwgAGWxeEBswQCkRLSN3PQcdO0waJjhQexkdaw1FKAEtJXE9cQ8rXgYnOTAFBhYcFU07KAwlYjkXCycFBic5M2RWBGtYBDwoAxdhJgsOLWMaITskbwAdC0xSFgAgCnwmLAsjZQkUPjtzKxENJ0VcEQ07VzoNFDVTPxwYL2RacAknRi0XNwVRLBY9KHgrLTgCZD8yHgZ8GxY0I1M5FhMtfxkMHytwNCsRUHNaEQ03cTYdEANXKws/AgU0KwIzWgkHDjBTLwIIM3BfLTsFXl8oDVENXh03MBMENjUPRVMcIDJcKCAPDUYGBA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-145.fra2.r.cloudfront.net
Software
/
Resource Hash
e40ef3eeddb65ea3be773aa5b21f5786d540ac52db4e498d0d91ef1f88462bc0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://wfordsgoo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:09 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
430
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-id
0O4uDk2yXETHAzk1EQzGfQYq0M5j34KlWsd7oTQY6spKwpiAiHE8Ug==
multi
wfordsgoo.xyz/
3 KB
2 KB
XHR
General
Full URL
https://wfordsgoo.xyz/multi?cs=Y2NYc3NbWm9LQldUaUJDVFZrQkY&abt=0&red=1&sm=76&k=userscloud%20free%20cloud%20storage%20unlimited&v=1.0.58.0&sts=0&prn=0&emb=0&tid=708052&u=943284664760499&agec=1653270668&fs=1&mbkb=190.11406844106463&ref=https%3A%2F%2Fuserscloud.com%2Fedwpyhwi2hs4&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&tzd=0&uloc=&if=0&_6jUI=1653270669175&crc=1
Requested by
Host: userscloud.com
URL: https://userscloud.com/edwpyhwi2hs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-38.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
b3955f7fc25ece4e0f84e45c11f179786b10c07f011c70aed3c641a7413d4cdc

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 01:51:09 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://userscloud.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
text/plain
content-length
1409
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id
h52UsR_Wr9kklhtTEU35JqjtFgwO4FzPQ7EV88GE8jRbhZstGSpikw==
gid.js
my.rtmark.net/
65 B
543 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: betotodilea.com
URL: https://betotodilea.com/400/4859604
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
085d614c2bae00f74cc8a61443599d8dad50fc2bc5a1292bfc2b7173761662c2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://userscloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 May 2022 01:51:09 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://userscloud.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
4859604
betotodilea.com/500/
10 B
501 B
XHR
General
Full URL
https://betotodilea.com/500/4859604?excludes=&oaid=e9ef1f75dbdc487a9fbebc78d5aa0a43&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fuserscloud.com%2Fedwpyhwi2hs4&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: betotodilea.com
URL: https://betotodilea.com/400/4859604
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://userscloud.com/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
3062045321281f79dfd5a183694dc2ed
pragma
no-cache
date
Mon, 23 May 2022 01:51:10 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://userscloud.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
content-length
10
expires
Tue, 11 Jan 1994 10:00:00 GMT
4859604
betotodilea.com/500/ Frame
0
0
Preflight
General
Full URL
https://betotodilea.com/500/4859604?excludes=&oaid=e9ef1f75dbdc487a9fbebc78d5aa0a43&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fuserscloud.com%2Fedwpyhwi2hs4&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://userscloud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://userscloud.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Mon, 23 May 2022 01:51:09 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| __cfQR object| __cfBeacon function| $ function| jQuery function| R3ff number| LAST_CORRECT_EVENT_TIME number| _2930819328 number| _891119744 function| fa number| _1393880397 function| DisableDevtool object| colors object| config object| jQuery11020269673509194595 function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| zfgstorage object| kxger5vv2ri object| zfgformats object| webpushlogs object| gaplugins object| gaGlobal object| gaData number| iinf

7 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=vAyrx-5RXw2H7JSod1JEOBBCr5sqCNME1u15lrBpndGBBQ_gw5Vb7NvfO2iT_HnmyLXODApJzyKFhC35qaq3IFMYA28hIIIlc04CVtxb6bZt5YdrKR0v1RORNH5J0wQH_c74EOxkamYZTyy_xXF8r_CVvmUEEFqGh3x3YoXbdQY
freychang.fun/ Name: csu
Value: 943284664760499@1@1653270668
betotodilea.com/ Name: OAID
Value: 47f2394e0c4047b08f22a2bb56a99185
.userscloud.com/ Name: _ga
Value: GA1.2.1691629319.1653270669
.userscloud.com/ Name: _gid
Value: GA1.2.1236880666.1653270669
.userscloud.com/ Name: _gat_gtag_UA_70768172_1
Value: 1
my.rtmark.net/ Name: ID
Value: e9ef1f75dbdc487a9fbebc78d5aa0a43

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0;includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
betotodilea.com
content.googleapis.com
d1nubxdgom3wqt.cloudfront.net
dinterperson.xyz
docs.google.com
freychang.fun
my.rtmark.net
ssl.gstatic.com
static.cloudflareinsights.com
userscloud.com
wfordsgoo.xyz
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.21.45.207
13.224.194.145
139.45.195.8
139.45.197.237
142.250.181.227
142.250.184.206
142.250.185.109
142.250.185.168
142.250.185.78
142.250.186.142
157.240.236.35
172.217.23.106
172.64.156.26
18.66.248.38
188.114.96.10
188.114.97.10
085d614c2bae00f74cc8a61443599d8dad50fc2bc5a1292bfc2b7173761662c2
0a75980b19789a7a4273709bb9dea6de6c002d1cb08a017e02675a669862b6dc
1397f43efd4895302bfbde46e8a59ba41bcb17db65205377b5fead4b881408e8
1e4761a2891bcea0fe7c1d190004e9b86eac17f78114fd8f104f9e1d929f02e7
290d3b6f4132ec0bd6f5c0b66e56a22f486f915aa57421f8664d6ab0798eeabe
34a050c1e86080adb47ce332ff806e048bcb5ab73abbb25e73503f251dfb1df4
3598a9ee778aeaeb5293e246e3d2939d92edc82889becca991d5be56f9ab1568
3b51bdd84feefd84aae1e1ddd6cbd4196dd91069e98d6508d4bc24d1105d5bdf
450f6ca98d98ad460909a056162d17b1e267d3251c1a4150d79c879d2fcc3304
671e4903095489b36dea2a0826f4b0971bfb9ef76ae92fb02478baa4b69baebd
67d52ffc74da6614fa53c49bf50817a6e2f36182020f4b7049e0bfbed694e032
69ef379cc3ea00f00d2f6260aee0ca937260f374b2e0ab8b8ce0cb5133679816
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7148600909f624fcf846b6b41b0e90700590ad4c00ba9e481b1f3606eb80796c
767b19650ad16e2d656093c0e1588d0bd0f8497eeb30dbc870e6825e391ccad6
7707e6a89da61b6a3d8444083979ce915046842e05ca151bf4f652cfc6776dae
7abb447a7894fb16ecfd240eb6555ad431656e7b82065d9b7e6073480936004e
7bd50417ade257be6ce545fca12e92a3d87743f6c979b3b1b25413525c52f977
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a8ad832c8566a3f775751ea130760e30047a3628c2167f3566fe4998d0e5396
9957cdb6efb34b018994223d4317d7ab45f2d7168bcc319f04fa373e23dc8c1b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a292096fd61a012c9a5dcddcc45e09ca5b2099fde80e0e8c291efb469cc1e889
a704058c72cb7923898e027047e41364c0c42948cf9a080889ceb56a0a9a1fc5
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d36aa14add1f69a38389524a5e327105c61f050141e448f4893589a61adefd
b348f48d8a36187e4f7b80cf9b3ed94d614b9d20b4facd29ecc7c9af121c01c1
b3955f7fc25ece4e0f84e45c11f179786b10c07f011c70aed3c641a7413d4cdc
b602f60086baca8ea3702b236977564903e94e7cc6ab373c7fa1a7f09676637f
bc4502d4ebb07a2e8c58ccc345a184506c98c22a4c4e3548a1487f0bcef668e0
c2b282c35ab3c15a07f9d65227f0823e84cde933ac12ce84c1307360520f61fa
c53a25c1a5c781b430b6eff3624cdfd8d0e26268878d08daf54a41a42b16263a
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
c7f77b27d01bed91582ccad581bebc96f6bdd450cc0feeca559bcc4c640d6137
caf57ad31292cf2771a7126437a37465a818dfb3e98520671db8da48e3212e4e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf6f1e041ab94351f35418186cab4f72c8853829910c8789251295ab82af5baf
d55db21d4ee05507a028a1d46c52ca0bdb7d1db711cbcb5040233a865d25bf08
d7977b78173e8569c09a0fdc829e27779db1d245a179f6ed6750f247d9721adc
df65a54b38edd28d5bf3cbcf90eebe4dedb4659cccd065fa3fc5e7e1735de059
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ef3eeddb65ea3be773aa5b21f5786d540ac52db4e498d0d91ef1f88462bc0
e7493cd8a31ae229762ea360bd4332492861a2a4ee6c3e232a086df61757383f
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505