Submitted URL: https://user-shield.com/
Effective URL: https://www.user-shield.com/
Submission: On July 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3033::6815:160d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.user-shield.com.
TLS certificate: Issued by WE1 on July 14th 2024. Valid for: 3 months.
This is the only time www.user-shield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 24 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
25 4
Apex Domain
Subdomains
Transfer
24 user-shield.com
user-shield.com
www.user-shield.com
1017 KB
2 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
832 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950
11 KB
25 4
Domain Requested by
21 www.user-shield.com www.user-shield.com
3 user-shield.com 3 redirects
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.user-shield.com
1 use.fontawesome.com www.user-shield.com
25 5

This site contains links to these domains. Also see Links.

Domain
yoomanies.com
vyprvpn.com
www.facebook.com
instagram.com
Subject Issuer Validity Valid
user-shield.com
WE1
2024-07-14 -
2024-10-12
3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3
2023-10-12 -
2024-10-10
a year crt.sh
upload.video.google.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh
*.gstatic.com
WR2
2024-06-24 -
2024-09-16
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.user-shield.com/
Frame ID: 2FE257A52A13CF1F3B563D91467C713C
Requests: 25 HTTP requests in this frame

Screenshot

Page Title

ExpressVPN – User Shield

Page URL History Show full URLs

  1. https://user-shield.com/ HTTP 301
    https://www.user-shield.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1073 kB
Transfer

1238 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://user-shield.com/ HTTP 301
    https://www.user-shield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png HTTP 301
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
Request Chain 23
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png HTTP 301
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.user-shield.com/
Redirect Chain
  • https://user-shield.com/
  • https://www.user-shield.com/
17 KB
6 KB
Document
General
Full URL
https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae1e8d3e650e45ea4558f0868f9c2dfa56c98f87d2c260081c6e1dd9bede3d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a3941466a9c1c09-FRA
content-encoding
br
content-type
text/html
date
Mon, 15 Jul 2024 11:01:31 GMT
last-modified
Sun, 02 May 2021 14:21:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvaJklLmcMIyh1PQNlrkZHnaiNUNbCRz3htKYIkTugIb%2FuoTgnQvzmH9KJ%2FD57p47RTVLKNC7Abl2Zs8MzhYadxvwCDXudlRtU8o%2FfLdsDB5NBtv9w0RQdtPU0Tl1a256fNZCgD8R8VExhKhEQHssKTV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
aJslEyU70Abp2LeHk5ANtStcZ5yJi2vkSzHoZTn0ddZ/mLM0ITkhHQafaWi2k5zb+jKLHwiYff0=
x-amz-request-id
ND0XZEKM5EJ6NN8C

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=259200
cf-cache-status
MISS
cf-ray
8a394144fe1503d0-FRA
content-length
0
date
Mon, 15 Jul 2024 11:01:31 GMT
location
https://www.user-shield.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPT%2F%2BGStc%2FYdoWJgWx7KQcu069bCzC3iHGxqMBiqz%2FntA3GJ1%2F6IDjZgqP0Y2lOftqcHCl8Jq%2FAyPZ%2BUnavhvsUbEYkRoALpYUspTPFY2%2BqrB2uLgkKph377fqFJ8l5oesSstB%2BXrYhensax9nU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
BBgY/8RZ4edUU3fEd/7iSGF55T8N4chWtwlr25DSJODWufQuvvHj39MkqMfzrhKPjlPTh5ggbQ8=
x-amz-request-id
ND0P987W6W6TT0M9
all.css
use.fontawesome.com/releases/v5.3.1/css/
48 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer
https://www.user-shield.com/
Origin
https://www.user-shield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"10519cfd3206802f58315b877a9beab5"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3DBlo6ZB2Uc0FVq1%2FMCKzKldz3qZJlMg57uM4gzsVSo4UFoHIID0S88LI6dA5o8uZpyL4I3Qjv9aj9FsqW0%2BQXJwGQ6whQhkbw2J7glVI5PpeZoqCrkd6HGtm%2F5%2Fy90xJUG3az4tbcnwNWjrjsG71mq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8a394147eadf1cc5-FRA
alt-svc
h3=":443"; ma=86400
style.min.css
www.user-shield.com/css/
50 KB
8 KB
Stylesheet
General
Full URL
https://www.user-shield.com/css/style.min.css
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0954c5f6eefa10effbda76d0bee1b3a9b5f0c8979e0fb7570900eec46ff97c95

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0WZVBDSBF8B3PW
etag
W/"7faae07c7646174a3b7c1f3bfbe6ddd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnCAkQ1PwXKleIgoEVeQ4MD4RsZpOO8sHOCPPMC%2FvrfQvigFDOaiX1BWqkltSfbS%2BmGLzGnO6X6f40mIua%2BW6wWMqa5D6vF9P4dedKyOun%2FhyDLq9hRlnWwN4HyrPg%2FeA%2FK0hSzF2FzHohgEwZYAsFPp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=259200
cf-ray
8a3941476bff1c09-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WeCZkUml4feVxvJVaLeWSqeclZamxiwFJvw5avTm4r7FXnMa5t/qzJD+O6rmNBvqaEkh+K6M7xY=
style.css
www.user-shield.com/css/
27 KB
6 KB
Stylesheet
General
Full URL
https://www.user-shield.com/css/style.css
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29182a95446eebdd114d27a733a9503457356bb25e5fafb5db48af6cc17f872d

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0NY1YC8YD8AWJB
etag
W/"2a7077812db96f4c32e917ffd6d757dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fg8hfTVGNPW0H0%2BQv8FZuIcvrkMvvfpI%2Bq12Y6pFSoAHId4wjYO8eyFBe7mLwXsq6%2BE7sgNGrGlh5Rq2p%2BgQpBRKLPFxRgoJpZc1pzieB1fgH35rtpHcWKNvjCsGe%2BREAfNGqUSLF3DbgN6sHYZehUEf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=259200
cf-ray
8a3941476c001c09-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Kl/USzvXNrAOnrJLMV3GjNFW1JaG9M0vvuyN1HZBpbCFL8pU6WGyKsb88It16IhjUxVDcWT7IGk=
css2
fonts.googleapis.com/
1 KB
832 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.6
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 10:10:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 11:01:31 GMT
logo.png
www.user-shield.com/css/
23 KB
24 KB
Image
General
Full URL
https://www.user-shield.com/css/logo.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab6927f972019bdf9dce65e83ff922516959844889dd7f5a275d6c0cee10ae9

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0W5EWDV9NH733K
alt-svc
h3=":443"; ma=86400
content-length
23817
x-amz-id-2
uNvBW12DUNfI5g+zO+ioGMyq0URNeRY2fO8mOGg6mu6gycJx+OWukqohlaBN2P6wGJBeOeY0T5M=
last-modified
Sun, 02 May 2021 14:21:31 GMT
server
cloudflare
etag
"34f405e6593dd834219764d101f3b1b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ti%2BfaXmhEpNlpyVs%2BMSqkeaFJj9pyRlNEGmrwiVOoXQX5sJmVSr6oihbr2Oz6FWy5I%2B%2BHCvIldqiQj8R8yaez9mMDasDBBIy%2BDjfXzXDD51Z4tjBwu2L7ebYHpTXmS%2FA4JStf0kfg6%2BA7wBaLMt4vEtf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a3941476c011c09-FRA
sipka_dolu.svg
www.user-shield.com/css/
430 B
709 B
Image
General
Full URL
https://www.user-shield.com/css/sipka_dolu.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ed0aee33e8c27a383ea5bacaefd6e1bc850b65d818dd2d8cee4e1d7ea612d8

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0GZQJKQ9Q1XBPW
etag
W/"8bad87734ac6c834243fa4eb96cc1fe1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpfzcAvQQUlRdEgS7xQGDoccBMqqaHh8uJ78rdVX19LpZzrYV96IsRg7l09LD5rer8jkCpUz%2BhwoLkoaXm034fl1hce6sms5opGxONBcK5eojja64pjeXrVnrIwWfeuYFUhZOmxp4WkifDhc6ea0rHxM"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
8a3941476c041c09-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BXXAN2htapAZAhvuMupeiQ3O+7Oyogqeekd0l51C2zPEvTirgsZ5Dkose8d0v4D/zGUrJB0j8m0=
check.svg
www.user-shield.com/css/
475 B
779 B
Image
General
Full URL
https://www.user-shield.com/css/check.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba67f982489b6f325892d0598f370197e0ab4a72e3d63bb0b49464a1d610c281

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0HS9G23890HFEG
etag
W/"751dc47835c0dcd08c9bccf2dd7338f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lI2pN%2B2oiIS8bFMrKV2zkYmrjhNLYrxBP7DqTE0C6jiyFQGVuTDWLW6yMe2vjS7xNQ3QSe7zTJQ0p2eBVaAnfqyzoDgIp1ycl5VAByxbCq6Z4l0JPNwD4S6FxDkbK8VqxPkzTaY5pTOqeTXmQIiT8%2BaX"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
8a394147ac501c09-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tfsiJlsp/rDiIMc0R9wMRzuurLASKJ/+DnAu+7Wzyvd0FKvzFfKxZNK69zwRi+Wi/aPQv9O6grY=
hin2.png
www.user-shield.com/css/
820 KB
821 KB
Image
General
Full URL
https://www.user-shield.com/css/hin2.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
767c37343152f2a04304e27082125e7d7c97e1a5b591111eb2f3037a8c0c33c6

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0GHZ2GNE9TDM07
alt-svc
h3=":443"; ma=86400
content-length
839572
x-amz-id-2
1WoRiiZRGqcOgJTrRBXrG6e3+DjxIpewWtWifYqpPpqOkq4F1VxUMOkw3GUCXBH1tugO6ScLW9I=
last-modified
Sun, 02 May 2021 14:21:47 GMT
server
cloudflare
etag
"906e0da023360abb4d8897103a054a62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0xR57ctIRWqK5qcAfHMPcP1TYKcb9dtvIqIhoI9uM2pyMyfsvN8h8vcAX08qcyCaovVT1%2BKS0A28j6%2BEP%2BLHnPuo76dEtxWcYm55ydfxEDclhIugxdvSh6ZMEz49iKHmtooG1426O0cqNUjhzti2X0L"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a394147ac541c09-FRA
image-from-rawpixel-id-517276-jpeg.jpg
www.user-shield.com/css/
5 KB
6 KB
Image
General
Full URL
https://www.user-shield.com/css/image-from-rawpixel-id-517276-jpeg.jpg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2291d85c12eeba69489503aa7e612992442ca9b7df8a19de0e834bb1ed7240

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0Z9NCZNGSPKM0B
alt-svc
h3=":443"; ma=86400
content-length
5212
x-amz-id-2
wPwc3+qsXyHnos9q6zRSv1MzoN1RlSWzOXFqeDMuI+3rkzbJXo1XIoezMaXcsGnck8lSsxJglS8=
last-modified
Sun, 02 May 2021 14:21:48 GMT
server
cloudflare
etag
"46afaea5c4b3f9ba457965b7136c75d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XdGCjh07rK3VeaT1T%2BU%2BLWuIrQazO7r0lA5nh5nKmGn0abuD1wwQN40qEARRtY3lFO3fKscHMoUtY5D%2FjvIyQZKhCt2CCv7rHfJWpbtxwtvMQdl3uQ1oli06nqkflt6mU%2BgQKlqO3cOfyRuYqBWkyYtn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a394147ac581c09-FRA
expressvpn-red-horizontal-rgb-a9fa82f51ee51859e9976a866a34409c900cbd7d097ff816053e39022d5d554b.png
www.user-shield.com/css/
19 KB
19 KB
Image
General
Full URL
https://www.user-shield.com/css/expressvpn-red-horizontal-rgb-a9fa82f51ee51859e9976a866a34409c900cbd7d097ff816053e39022d5d554b.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf3f69848594e246144344257c90ad1ae0c72996558e48230bb510da6e8bbe5

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0N29RW2D9WY40D
alt-svc
h3=":443"; ma=86400
content-length
19088
x-amz-id-2
GX8XBNRwcmzd8vmMLlCZB+Fmpc4GtB7Q0IPgPNztkpWSlunFPOI4Aoyda2YjetXslkXcai2FNaY=
last-modified
Sun, 02 May 2021 14:21:45 GMT
server
cloudflare
etag
"416a40191a644eee75eaf75e1403ce0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gP%2FHgzllhSa%2Ffs1UGuVCev9dxsZZ0jMpgHYTrAynXrTDzSF177VJJoR%2FqzpNCbaDk4sBfopBUr%2BVNLrEdhOcdUdfhAk6jJZC81j6R937tpHh6HnL3Q5sB8v15WykZhje1C99wSjofKu5NXmap07qfSxs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a394147ac5b1c09-FRA
nord-logo-horizontal@1x.png
www.user-shield.com/css/
15 KB
15 KB
Image
General
Full URL
https://www.user-shield.com/css/nord-logo-horizontal@1x.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e4a0abb6713c84cee64df2dde5cce1e6664e88666e72a8295839430320f878e

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0H571HYJCEPS64
alt-svc
h3=":443"; ma=86400
content-length
15195
x-amz-id-2
z7/yXCJXULg2oBSeoZb+59PFsorea3wNprWjp7cvhjrblfVc5FnhcZONCcIsY3XJkXjDKwmaIdI=
last-modified
Sun, 02 May 2021 14:21:31 GMT
server
cloudflare
etag
"4bcb5cbb750e000a3aaec4339681294d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atLcRSm4VLSkeTEvebsqMZKSbi1Vrlu1fnvCKllO2It6VqJ5kqB%2BsWeJDBg5A9wGyRP1jO5XahgL8i%2BRHriyYea5htqTpISNdEO8pb7TllgQ1Q7zmm5BUkiIJAeZV4n3dLQ1V%2B2Md2LBhzeMmCVQPrXR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a394147ac5c1c09-FRA
vyprvpn-logo-2.png
www.user-shield.com/css/
22 KB
23 KB
Image
General
Full URL
https://www.user-shield.com/css/vyprvpn-logo-2.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b1cb9b225e4c97881b8b9b15dbbe61e6490e06805607687115fc84cf03c854

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0KT20C9116JTKG
alt-svc
h3=":443"; ma=86400
content-length
22632
x-amz-id-2
MVmd0WeGi8RnetFa30Djv/5HiWdpxFayFhEAR0l/sOnoGySDHj6aJRNjPGdd/lTxQoN2J0fTlAo=
last-modified
Sun, 02 May 2021 14:21:35 GMT
server
cloudflare
etag
"1840de928287d59667206e66cadc590f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ye6YvKM0%2FQ5StJaIhA%2Fke3NxrJqfqQVC6DTv5m0R3PzgJrDwLc1W9PTKmidBLEIgmz89FhXuN%2B4xVb30urnQM7s9j3l7wt1gMWt7JxUPETE8L8Yrkv2f%2BNIn%2FtHZ5xFtOkiy7ui3MAAbOuJzYdENeDk7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a394147ac611c09-FRA
surfshark-logo-2-e1607026411694.png
www.user-shield.com/css/
20 KB
21 KB
Image
General
Full URL
https://www.user-shield.com/css/surfshark-logo-2-e1607026411694.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e175117bec697b51e9cdc535726c18cf86edd25ff097e4c98a173f549abc8c3d

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0NJY2DQ3W55E4K
alt-svc
h3=":443"; ma=86400
content-length
20797
x-amz-id-2
Yj8T9W7oGZS+/ZptH2B63Tu7CT2nT2tV8gOgacPJ7vC3L1YsOPD7Um5RfM7aJ9fgs9Am96DkjoM=
last-modified
Sun, 02 May 2021 14:21:34 GMT
server
cloudflare
etag
"c55a4c83819b44d0542a0be5f025f84f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrlZsUscqAXxsMSlrXrLGCPTQLms8WEgVX2GGPaRCFmPsy6UmC6Z4Yg%2BlcBv3IHXNH9zkxqwtMvKTCv%2Ba5ZqTa8WWMWJiVR5Eyi6pqMGIbcogeX58%2F4PEDMcGj9LrqTgtkoZpryjwLHUa9Y4t3HR1yaB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a394147ac621c09-FRA
CyberGhost-Logo1.png
www.user-shield.com/css/
19 KB
20 KB
Image
General
Full URL
https://www.user-shield.com/css/CyberGhost-Logo1.png
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db973644ca34e16dac4b469ef7ea2393f36204f7782205c7d56ac8b2ab29e2c

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ND0P2F1VY0VMKBRD
alt-svc
h3=":443"; ma=86400
content-length
19648
x-amz-id-2
tcde/7pUNR6pQIgZW/X4Hy36Hvud4IbWOqD4gI9Scrb6Wr7/OQQUlLwzMCDvNAeGtWbXHbKotSM=
last-modified
Sun, 02 May 2021 14:21:45 GMT
server
cloudflare
etag
"111c2a1086cb006ed6521e4d17b4f62d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aaQUCdR75hSUR7DqOPcK5vIh%2F%2BEtK3AgN1eZ6swMbxQXQJDeWyM6edcqtnMSB6rjW2X4tKIIPsKMQb4Vbl9XeK3KxvD3Wjjm2J0t%2ByVt%2Fw9C%2F8dwttRpgtVsTOapk8YfNEqrPa7qqzRunM8WfIHVXk7n"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8a394147ac641c09-FRA
fb.svg
www.user-shield.com/css/
627 B
823 B
Image
General
Full URL
https://www.user-shield.com/css/fb.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f163af3109712d394f378cdacdb37b8e064aac256b1ff8ca3aa001bf7c617121

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0HT7T394VPRBBD
etag
W/"72d89eb0dbcc43a4db538207677bfee5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xSt6XVcvd9AP713qY9MrVxSVGZyd%2FCcb9IL3To4I9HpnPgseWtPk%2BYoH19hxes4vaztoeV8i7XlqrWFUYKYcZfAuPAmNImZPi27gHp7oq9rr%2Fw0i3O4st9piYPK%2Ftpe5CW15le98mSPxaXiMnHm2vpB"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
8a394147ac661c09-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DR+KbUor1SoLF8kRRDifWgLBlXGR7WOJ+Lg2ZTkkC51xfPJSTzsCdDxcmEXeHr/suMBbpLRk1So=
ig.svg
www.user-shield.com/css/
1 KB
1 KB
Image
General
Full URL
https://www.user-shield.com/css/ig.svg
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e9fa8c7bff1e890d8d1b565d067fb5c74134310a4467ed24164ef8d7d11d82

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0Q7KB92MSEHWS0
etag
W/"829734b4dd3cc5185d11a8094c43dcf3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sav%2BbESWKJJMgvqkB449yhfkjRewaSiTgMlhPjchEMjlI4a4iGxIlRAHWDDxcv4WootOdtErcczHVzRLo7ScQS%2BtXavaGt7pn5CASm%2FkzBx6OD3f8norirc2Uob949RjTaNY6UkBARlGQctFpyuBJjEk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=259200
cf-ray
8a394147cc991c09-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rEbjepa3BjSJviiMQ2pLN20BKJek+9FA1uLeMFaWNKRt0lzJjtDcKAtrwPJvCULXXln/V4JqgGM=
rocket-loader.min.js
www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 08:14:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f945f-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cpun%2B0otqVwnc8RxVmU%2Bq4u%2FPaH0ixEgPB1VzLSNG%2BVy79qevteV2mWL%2FAMe6m9M10xMfKvEbyfHEYeavN5aevQQ5d%2FXKGA9bK11e3Q82TF8OEngTgW4YmLDsGS44yQ2rQyQ15zu7DZnmyMia%2Fi%2BMM7j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a394147cc9d1c09-FRA
expires
Wed, 17 Jul 2024 11:01:31 GMT
wp-embed.min.js.download
www.user-shield.com/css/
1 KB
2 KB
Script
General
Full URL
https://www.user-shield.com/css/wp-embed.min.js.download
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd0e2dc8b2a14ec39296f54b2ec89a9853ba9cfa6b7ea83dff47f4b8729c504

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 02 May 2021 14:21:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0GD0JDRZBPMVSS
etag
"0213d275d45337bd69a05685c5c4a787"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKeGybF8bEln8XNBli6wnJ5SM0Gagkwn1DZertlVmzpkCqxcYCLdIDtKaJ3DohgLSL8kUCLT%2BRNCBV0IFVq%2B4B46faDnPHqM11eNAQGJqdtXJJyxuaFpgM2cOH%2FHXHCH%2BTa68hswUnTzFvFNlccyPLcV"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cf-ray
8a3941494f172bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
1435
x-amz-id-2
mggd9NwPKO3J+1DDXbfq7aWjUNuyzz1KngwbyY7R491QjqynsC4o/s61N3L5DVKK43pddAoUWRE=
ta.js.download
www.user-shield.com/css/
4 KB
5 KB
Script
General
Full URL
https://www.user-shield.com/css/ta.js.download
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1710ac628798b8634f33cdd6ee64f7ec804290d034f826ebd6328109db542e57

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 02 May 2021 14:21:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0QHP11T5FAXRW7
etag
"6ec76a68447d4e171e62dfc675b5aa3b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tig8XTmP%2BY5YwCNUAFNOt5kJQaqJZVLUuzSA00FPvtlNS%2F6%2FrX423EuVsWd8HjgGgg%2B1Ij3p3WgF2GxCceOKJYjYkBvRdkLWvll4cza10kPmwVR%2FRSEg769aFyhn8L8FfMYg1aVBEajNkcaAnqBmuxlz"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
cf-ray
8a3941494f192bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
4296
x-amz-id-2
eOts0AyE5/licWeNf36qeTsC96dHWx+IU0cAcjiaAxxRUP4SCvCLsCUuNy5qJ4tbdMBw9lnn4zw=
jquery.min.js
www.user-shield.com/js/
85 KB
31 KB
Script
General
Full URL
https://www.user-shield.com/js/jquery.min.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 02 May 2021 14:21:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0K66VMRWVHFGVP
etag
W/"5b5a269bd363e0886c17d855c2aab241"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMBVfBR4M72X6ZQHtUvl9gSs%2Bht2RkFlmIKKhuJca1SfvMwqsv4is4yZhqfkewfYYxU%2BJhHdLJMefPrYXRR3wOJ20zGpLzin4lbIw75sRoXHvO50Tl1WEaNpj4GBITLU6lJDYMKc4e2x6TaT0gy4J0f4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=259200
cf-ray
8a3941494f1c2bbc-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BCgoZquiFaoP4FR14qVSkb5H0HxgSL69eMa20sCyDC4L2CZxAa4b36l4YzdXpvlGO9ViFqGF24o=
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.user-shield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:56:54 GMT
x-content-type-options
nosniff
age
504277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 14:56:54 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato%3Awght%40400%3B700&display=swap&ver=5.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.user-shield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:32:28 GMT
x-content-type-options
nosniff
age
523743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:32:28 GMT
cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
www.user-shield.com/wp-content/uploads/2020/11/
Redirect Chain
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
403 B
827 B
Other
General
Full URL
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
Protocol
H3
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d0e5b519f4fbc774a1bb0bab6305a81c82bdd6b80b4ac40ba4629bb6a5e149

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:32 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
KJFV5TQHA09NJR8D
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZMXzuksQgB3M4hHW0DrJ6TyfGOXO24ipYmIgbu2jATOIh%2FmSN1pynux%2FKjdbDsPuWKzuCvuH%2FThsLB%2FGyexhybfbMvsaQGdsEgY%2Fdx7BJC%2B%2FjHH4%2F3qC7CpDGyrIbu47I9YMcfeoApY4P8SmQoguXO%2Fu"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=259200
cf-ray
8a39414b39b32bbc-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2iIQiSjkIcySTkJfYQgnjxZu3hhDtKj8MnyORrLlHPJeDWWIfyfisLu1kSWuGPmvo7cZZhPYbv0=

Redirect headers

date
Mon, 15 Jul 2024 11:01:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
ND0XBHD4KBTXGJAY
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrbYRFmzMN%2B%2B9hct1Lt%2BzoPpT2XZEHKmnmk3QQUbRQHtKONE73NLYBupSy9Ts2Ei6o09B3S8pekcwDKaYlq3xo2%2FieW%2F0pCLrQZN2VRA1BpFwiCCpOIefN5mKKqOsTvB%2FvQEFl%2FeePxV4pswnPs%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
cache-control
max-age=259200
cf-ray
8a39414a8f2503d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-id-2
SIY+wRxhr6NXa1nTwh269wE+C5Fb1XCWbJJfCOyfKB1INDCMNpKwhay5hYU1ZxCoYyPOmeQy5S8=
cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
www.user-shield.com/wp-content/uploads/2020/11/
Redirect Chain
  • https://user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
  • https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
405 B
821 B
Other
General
Full URL
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
Protocol
H3
Server
2606:4700:3033::6815:160d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9065e76bb85224fc8b568526d3f1bfd496b918b3011addb348046e76232df36

Request headers

Referer
https://www.user-shield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 11:01:32 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
KJFSP1927SXTWTH8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmZRbWtRJ%2F2X6FNZ0WJLyL1PozlxmzzYTsLcgjt5m9NX21iJFkOkilM63BldbLSy7Rxu9ZLQtCXx%2Fl0aFQOPLFE5ZnpFaAGnDv9zJH2m%2BtfZlKfVrZoB1tSxrbgpu9hMYeuOQaU3WaBfTqN3ms2BJ8qF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=259200
cf-ray
8a39414cbc1c2bbc-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4vKa5948os7exbEuUNxkDB/PxXA7TTlp7eZGXs8Hvetknpxs5rSj/TmadAkNU+eOgzILMCfEunI=

Redirect headers

date
Mon, 15 Jul 2024 11:01:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
KJFWR3KMG3YFV5HT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSET82c2TwkyA3Myq%2Bxj5AxUmPPXput0y4xORNV%2BO3i3ZS0oVzlYoi0es%2Btug1aCOgFTTdlkq71FlHfeQRJncUygQFpOYb5L4WvgqRy3e6xv1igbwHojtYlMCv%2BfdzAJwm8BxcgebscohQPlxmc%3D"}],"group":"cf-nel","max_age":604800}
location
https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
cache-control
max-age=259200
cf-ray
8a39414c098303d0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-id-2
qWXjQVTFgJ24uuGw7sSDf24IrbOhL7zJDYFoaVNJTnQH6TxVOXcH4Z+BGikLU/M6OyVVQyOzxFg=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR function| $ function| jQuery function| createCookie function| readCookie object| thirsty_global_vars object| thirstyFunctions object| wp boolean| __cfRLUnblockHandlers

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-32x32.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.user-shield.com/wp-content/uploads/2020/11/cropped-fav_Kreslic%C3%AD-pl%C3%A1tno-1-192x192.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
use.fontawesome.com
user-shield.com
www.user-shield.com
2606:4700:3033::6815:160d
2606:4700:3037::ac43:8ef5
2a00:1450:4001:80b::2003
2a00:1450:4001:831::200a
00ed0aee33e8c27a383ea5bacaefd6e1bc850b65d818dd2d8cee4e1d7ea612d8
0954c5f6eefa10effbda76d0bee1b3a9b5f0c8979e0fb7570900eec46ff97c95
1710ac628798b8634f33cdd6ee64f7ec804290d034f826ebd6328109db542e57
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
29182a95446eebdd114d27a733a9503457356bb25e5fafb5db48af6cc17f872d
2db973644ca34e16dac4b469ef7ea2393f36204f7782205c7d56ac8b2ab29e2c
46d0e5b519f4fbc774a1bb0bab6305a81c82bdd6b80b4ac40ba4629bb6a5e149
4e4a0abb6713c84cee64df2dde5cce1e6664e88666e72a8295839430320f878e
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
767c37343152f2a04304e27082125e7d7c97e1a5b591111eb2f3037a8c0c33c6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a2291d85c12eeba69489503aa7e612992442ca9b7df8a19de0e834bb1ed7240
aae1e8d3e650e45ea4558f0868f9c2dfa56c98f87d2c260081c6e1dd9bede3d2
b9065e76bb85224fc8b568526d3f1bfd496b918b3011addb348046e76232df36
ba67f982489b6f325892d0598f370197e0ab4a72e3d63bb0b49464a1d610c281
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d5b1cb9b225e4c97881b8b9b15dbbe61e6490e06805607687115fc84cf03c854
dab6927f972019bdf9dce65e83ff922516959844889dd7f5a275d6c0cee10ae9
e175117bec697b51e9cdc535726c18cf86edd25ff097e4c98a173f549abc8c3d
eaf3f69848594e246144344257c90ad1ae0c72996558e48230bb510da6e8bbe5
efd0e2dc8b2a14ec39296f54b2ec89a9853ba9cfa6b7ea83dff47f4b8729c504
f163af3109712d394f378cdacdb37b8e064aac256b1ff8ca3aa001bf7c617121
f8e9fa8c7bff1e890d8d1b565d067fb5c74134310a4467ed24164ef8d7d11d82