Submitted URL: http://one-step-media.com/
Effective URL: https://one-step-media.com/
Submission Tags: @phish_report
Submission: On December 29 via api from FI — Scanned from NZ

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 36 HTTP transactions. The main IP is 34.160.17.71, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is one-step-media.com.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.
This is the only time one-step-media.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 34.160.17.71 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
4 2600:9000:221... 16509 (AMAZON-02)
6 18.214.146.67 14618 (AMAZON-AES)
1 159.89.102.253 14061 (DIGITALOC...)
5 52.217.201.161 16509 (AMAZON-02)
1 52.217.139.74 16509 (AMAZON-02)
36 9
Apex Domain
Subdomains
Transfer
12 one-step-media.com
one-step-media.com
246 KB
6 amazonaws.com
writesonic.s3.amazonaws.com — Cisco Umbrella Rank: 382039
writesonic-frontend.s3.us-east-1.amazonaws.com
164 KB
6 writesonic.com
api.writesonic.com — Cisco Umbrella Rank: 334223
3 KB
5 gstatic.com
fonts.gstatic.com
148 KB
4 cloudfront.net
d1m9uqhmlogh4h.cloudfront.net
115 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
5 KB
1 geolocation-db.com
geolocation-db.com — Cisco Umbrella Rank: 17920
258 B
36 7
Domain Requested by
12 one-step-media.com 1 redirects one-step-media.com
6 api.writesonic.com d1m9uqhmlogh4h.cloudfront.net
5 writesonic.s3.amazonaws.com d1m9uqhmlogh4h.cloudfront.net
5 fonts.gstatic.com one-step-media.com
4 d1m9uqhmlogh4h.cloudfront.net one-step-media.com
d1m9uqhmlogh4h.cloudfront.net
3 fonts.googleapis.com one-step-media.com
1 writesonic-frontend.s3.us-east-1.amazonaws.com
1 geolocation-db.com d1m9uqhmlogh4h.cloudfront.net
36 8

This site contains links to these domains.

Domain
www.siteground.com
www.activecampaign.com
emea01.safelinks.protection.outlook.com

Subject                  Issuer               Validity                 Valid
*.one-step-media.com     R3                   2023-12-29 - 2024-03-28  3 months
*.gstatic.com            GTS CA 1C3           2023-11-20 - 2024-02-12  3 months
upload.video.google.com  GTS CA 1C3           2023-11-20 - 2024-02-12  3 months
*.cloudfront.net         Amazon RSA 2048 M01  2023-10-10 - 2024-09-19  a year
api.writesonic.com       R3                   2023-11-12 - 2024-02-10  3 months
geolocation-db.com       R3                   2023-12-12 - 2024-03-11  3 months
*.s3.amazonaws.com       Amazon RSA 2048 M01  2023-10-10 - 2024-07-03  9 months
s3.amazonaws.com         Amazon RSA 2048 M01  2023-10-10 - 2024-07-10  9 months

This page contains 2 frames:

Primary Page: https://one-step-media.com/
Frame ID: 1DB50E886A0F9FCB05CADC9448346E0F
Requests: 23 HTTP requests in this frame

Frame: https://d1m9uqhmlogh4h.cloudfront.net/CDN/index.html?service-base-url=https%3A%2F%2Fapi.writesonic.com&token=f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc&base-origin=https%3A%2F%2Fone-step-media.com
Frame ID: DFE306353F7EBC1E6414C7BD68B3EC6F
Requests: 13 HTTP requests in this frame

Page Title

Affordable Digital Marketing Services | One Step Media

Page URL History

  1. http://one-step-media.com/ HTTP 301
    https://one-step-media.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

36
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

682 kB
Transfer

1535 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one-step-media.com/ HTTP 301
    https://one-step-media.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
one-step-media.com/
Redirect Chain
  • http://one-step-media.com/
  • https://one-step-media.com/
244 KB
51 KB
Document
General
Full URL
https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d78f79b8acd1156864e9fbc0cf5fdb434693f40e4dd8e63501d35edd60100268
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 23:47:06 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://one-step-media.com/wp-json/>; rel="https://api.w.org/" <https://one-step-media.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json" <https://one-step-media.com/>; rel=shortlink
server
nginx
sg-f-cache
BYPASS
vary
Accept-Encoding
x-cache-enabled
True
x-cdn-c
static
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:
x-sg-cdn
1
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
24
Content-Type
text/plain
Date
Fri, 29 Dec 2023 23:47:04 GMT
Host-Header
8441280b0c35cbc1147f8ba998a563a7
Location
https://one-step-media.com/
Server
nginx
X-CDN-C
static
X-Proxy-Cache
MISS
X-Proxy-Cache-Info
0301 NC:000000 UP:
X-SG-CDN
1
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 26 Dec 2023 03:58:32 GMT
x-content-type-options
nosniff
age
330514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 03:58:32 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v35/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba3783050d8a2d02e1cdc8463b635dc21ac2a84da9ebd33bf362ed83ee53a2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 27 Dec 2023 16:19:51 GMT
x-content-type-options
nosniff
age
199635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43120
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:11:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 16:19:51 GMT
css2
fonts.googleapis.com/
6 KB
2 KB
Font
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36a5ac1c5b6d530697032fb479da20a5f000519562c010f3e77132b3f38d01fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 23:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 29 Dec 2023 23:47:06 GMT
css2
fonts.googleapis.com/
6 KB
2 KB
Font
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa4dd193cd0f3b685ce85e01658bca98e6cb4093121d0d9e0e183f3a0b05ed2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 23:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 29 Dec 2023 23:47:06 GMT
css2
fonts.googleapis.com/
6 KB
2 KB
Font
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24ab059f5c0f7ec3eb77d506754d72edaf9d9a1181c2931628551a7dc068319f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 23:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 29 Dec 2023 23:47:06 GMT
siteground-optimizer-combined-css-9b4e98cf4eef1c907690a17729c8dbb7.css
one-step-media.com/wp-content/uploads/siteground-optimizer-assets/
416 KB
95 KB
Stylesheet
General
Full URL
https://one-step-media.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9b4e98cf4eef1c907690a17729c8dbb7.css
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba038de05c7d8290621f7efd89014fd4df36cbb92095ac2ab8ab5fd4bf940bc1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:07 GMT
content-encoding
gzip
expires
Sat, 28 Dec 2024 23:47:07 GMT
last-modified
Mon, 14 Aug 2023 02:26:27 GMT
server
nginx
etag
W/"64d990d3-67fd3"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
icomoon.woff
one-step-media.com/wp-content/themes/salient/css/fonts/
21 KB
21 KB
Font
General
Full URL
https://one-step-media.com/wp-content/themes/salient/css/fonts/icomoon.woff?v=1.4
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aef0d74c44bcd113bc73296d9bd9a9c6efbb098e82678071ae7a783ba2ef7dca

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:07 GMT
expires
Sat, 28 Dec 2024 23:47:07 GMT
last-modified
Thu, 04 May 2023 13:35:00 GMT
server
nginx
etag
"6453b484-5398"
x-proxy-cache-info
0 NC:000000 UP:
content-type
font/woff
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
21400
x-cdn-c
static
x-sg-cdn
1
one-step-data_trend-navy.webp
one-step-media.com/wp-content/uploads/
18 KB
18 KB
Image
General
Full URL
https://one-step-media.com/wp-content/uploads/one-step-data_trend-navy.webp
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a23d414d657e0cf8848c4d3d99de42fc7cadadb46f7365f9f15b77f4bcce1bf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:07 GMT
expires
Sat, 28 Dec 2024 23:47:07 GMT
last-modified
Fri, 05 May 2023 01:12:53 GMT
server
nginx
etag
"64545815-480e"
x-proxy-cache-info
0 NC:000000 UP:
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
18446
x-cdn-c
static
x-sg-cdn
1
one-step-lets-elevate.webp
one-step-media.com/wp-content/uploads/
18 KB
18 KB
Image
General
Full URL
https://one-step-media.com/wp-content/uploads/one-step-lets-elevate.webp
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a2da257e1b33e28145623d4f25f983f0c3081380b3e68a16ab1ab2488aac44fc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:07 GMT
expires
Sat, 28 Dec 2024 23:47:07 GMT
last-modified
Fri, 05 May 2023 00:49:25 GMT
server
nginx
etag
"64545295-46f8"
x-proxy-cache-info
0 NC:000000 UP:
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
18168
x-cdn-c
static
x-sg-cdn
1
style-non-critical.css
one-step-media.com/wp-content/themes/salient/css/build/
24 KB
6 KB
Stylesheet
General
Full URL
https://one-step-media.com/wp-content/themes/salient/css/build/style-non-critical.css
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
46ef0fcbaf594ee81c04ee892757c23c3234d363132ac1a67e1c6c0ed0af4bb4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:07 GMT
content-encoding
gzip
expires
Sat, 28 Dec 2024 23:47:07 GMT
last-modified
Thu, 04 May 2023 13:35:00 GMT
server
nginx
etag
W/"6453b484-60ca"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
jquery.fancybox.css
one-step-media.com/wp-content/themes/salient/css/build/plugins/
14 KB
4 KB
Stylesheet
General
Full URL
https://one-step-media.com/wp-content/themes/salient/css/build/plugins/jquery.fancybox.css
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bfd65a4d3d6dc823abdcf6a9b8f18c45c9cae0728d17688875f222747b5c775

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:08 GMT
content-encoding
gzip
expires
Sat, 28 Dec 2024 23:47:08 GMT
last-modified
Thu, 04 May 2023 13:35:00 GMT
server
nginx
etag
W/"6453b484-3649"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
core.css
one-step-media.com/wp-content/themes/salient/css/build/off-canvas/
22 KB
4 KB
Stylesheet
General
Full URL
https://one-step-media.com/wp-content/themes/salient/css/build/off-canvas/core.css
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c320e09149c933460df7fba4784834ad7ffcece79fa6f0787a63bca782d51bb7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:09 GMT
content-encoding
gzip
expires
Sat, 28 Dec 2024 23:47:08 GMT
last-modified
Thu, 04 May 2023 13:35:00 GMT
server
nginx
etag
W/"6453b484-584e"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
fullscreen-legacy.css
one-step-media.com/wp-content/themes/salient/css/build/off-canvas/
9 KB
2 KB
Stylesheet
General
Full URL
https://one-step-media.com/wp-content/themes/salient/css/build/off-canvas/fullscreen-legacy.css
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7e80cef9f5f538e386757fd448c26a185c5596526d7630c1786b86334549bd5b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:09 GMT
content-encoding
gzip
expires
Sat, 28 Dec 2024 23:47:08 GMT
last-modified
Thu, 04 May 2023 13:35:00 GMT
server
nginx
etag
W/"6453b484-2420"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
siteground-optimizer-combined-js-0207b06bab537b1ca56b827cee1d27d2.js
one-step-media.com/wp-content/uploads/siteground-optimizer-assets/
9 KB
5 KB
Script
General
Full URL
https://one-step-media.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-0207b06bab537b1ca56b827cee1d27d2.js
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cda29d4f389105bd70c60d127ab30f921a4e122c1f0abdb4e86de478260dcd50

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:09 GMT
content-encoding
gzip
expires
Sat, 28 Dec 2024 23:47:08 GMT
last-modified
Sun, 13 Aug 2023 09:36:28 GMT
server
nginx
etag
W/"64d8a41c-23ea"
vary
Accept-Encoding
x-proxy-cache-info
0 NC:000000 UP:
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cdn-c
static
x-sg-cdn
1
truncated
/
63 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7df4ef9233cc61a9fcc9df91effe2df357cd014f94473b0ec155aa01243f55cc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
63 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
989f963556f82d10f9173059d36bd63abac18c2487ded5ded3bb6099ec487268

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
63 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
276c48618fa5d0ef57d029ca2e416ff0e32fc2fb19624c63ba5fe868ecae12da

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml;charset=utf-8
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf
fonts.gstatic.com/s/opensans/v35/
50 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcc7eb8b166689cc607d38b54cdde27763ee8ca6a9a84fa4563874e7df5aaea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 26 Dec 2023 20:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32507
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:15:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 20:35:41 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf
fonts.gstatic.com/s/opensans/v35/
50 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668ffc8dd7e0f214f293741792c16516c6d4cac1a881ede6fe952b406562d559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 25 Dec 2023 22:13:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:15:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Dec 2024 22:13:06 GMT
icomoon.woff
one-step-media.com/wp-content/themes/salient/css/fonts/
21 KB
21 KB
Font
General
Full URL
https://one-step-media.com/wp-content/themes/salient/css/fonts/icomoon.woff?v=1.3
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9b4e98cf4eef1c907690a17729c8dbb7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aef0d74c44bcd113bc73296d9bd9a9c6efbb098e82678071ae7a783ba2ef7dca

Request headers

Referer
https://one-step-media.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9b4e98cf4eef1c907690a17729c8dbb7.css
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

x-proxy-cache
MISS
date
Fri, 29 Dec 2023 23:47:09 GMT
expires
Sat, 28 Dec 2024 23:47:09 GMT
last-modified
Thu, 04 May 2023 13:35:00 GMT
server
nginx
etag
"6453b484-5398"
x-proxy-cache-info
0 NC:000000 UP:
content-type
font/woff
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
21400
x-cdn-c
static
x-sg-cdn
1
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVc.ttf
fonts.gstatic.com/s/opensans/v35/
50 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVc.ttf
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c026fde850f836b9dab21f8795abcc8e64bcbe6c8b6ef1668612f8c4536e17d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://one-step-media.com/
Origin
https://one-step-media.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 26 Dec 2023 20:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32315
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:15:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 20:51:03 GMT
botsonic.min.js
d1m9uqhmlogh4h.cloudfront.net/CDN/
10 KB
4 KB
Script
General
Full URL
https://d1m9uqhmlogh4h.cloudfront.net/CDN/botsonic.min.js
Requested by
Host: one-step-media.com
URL: https://one-step-media.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-0207b06bab537b1ca56b827cee1d27d2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:4600:1:c79:ac40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33f51971958d5f49e6f3ec0f145d650f79d18ee381f85885c9ed2b8cb678c42b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://one-step-media.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 29 Dec 2023 22:11:36 GMT
content-encoding
gzip
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
last-modified
Sun, 30 Jul 2023 12:53:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
6023
x-amz-server-side-encryption
AES256
etag
W/"3f871d364be6fc6e4507a3072b034cb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
LF4dFZAoo8cL8tz-ojXPprEMQ0h8_wn1UHOTf5SgG9sDqVuKHidsaw==
index.html
d1m9uqhmlogh4h.cloudfront.net/CDN/ Frame DFE3
677 B
1 KB
Document
General
Full URL
https://d1m9uqhmlogh4h.cloudfront.net/CDN/index.html?service-base-url=https%3A%2F%2Fapi.writesonic.com&token=f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc&base-origin=https%3A%2F%2Fone-step-media.com
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/botsonic.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:4600:1:c79:ac40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc050732dbcb369da3c5c9ab5ce018aa3f3fa2ea7fd9b00162b47133bfe85a7f

Request headers

Referer
https://one-step-media.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
73063
content-length
677
content-type
text/html
date
Fri, 29 Dec 2023 03:37:03 GMT
etag
"9056f8f500573817fe72bbed6bce7dde"
last-modified
Sun, 30 Jul 2023 12:53:21 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
x-amz-cf-id
E5hmcvLAtWXUeQ4E35uZcVjppcPh9dpMSzGZQD8D2i4Rur5yJtjTsg==
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
main.5e359ae9.js
d1m9uqhmlogh4h.cloudfront.net/CDN/static/js/ Frame DFE3
250 KB
79 KB
Script
General
Full URL
https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/js/main.5e359ae9.js
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/index.html?service-base-url=https%3A%2F%2Fapi.writesonic.com&token=f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc&base-origin=https%3A%2F%2Fone-step-media.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:4600:1:c79:ac40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d15095f028e1919b366950912c76de938214a30e1f0f700ae7b793ab893dc9c6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://d1m9uqhmlogh4h.cloudfront.net/CDN/index.html?service-base-url=https%3A%2F%2Fapi.writesonic.com&token=f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc&base-origin=https%3A%2F%2Fone-step-media.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 29 Dec 2023 00:39:19 GMT
content-encoding
gzip
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
last-modified
Sun, 30 Jul 2023 12:53:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
83272
etag
W/"18f7fdc21c00ba47505f2866cf8046b5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
1GS_e-cQYfFfYrVTDngN7LyWOOhF1WPfd8B6HEb8ZalZ_0tWmuwj5w==
main.148f7aa0.css
d1m9uqhmlogh4h.cloudfront.net/CDN/static/css/ Frame DFE3
75 KB
30 KB
Stylesheet
General
Full URL
https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/css/main.148f7aa0.css
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/index.html?service-base-url=https%3A%2F%2Fapi.writesonic.com&token=f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc&base-origin=https%3A%2F%2Fone-step-media.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2212:4600:1:c79:ac40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
283040825c5688164a86be32561e137e2884fdb0d9b50f989dc0cb354a0b7109

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://d1m9uqhmlogh4h.cloudfront.net/CDN/index.html?service-base-url=https%3A%2F%2Fapi.writesonic.com&token=f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc&base-origin=https%3A%2F%2Fone-step-media.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 29 Dec 2023 04:40:16 GMT
content-encoding
gzip
via
1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
last-modified
Sun, 30 Jul 2023 12:53:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
69064
x-amz-server-side-encryption
AES256
etag
W/"379ad66341ed09a6cdbe1d0ab0fee93e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
RV7wAs-lWB-fK8vhs5YJJOLKgAKfhxqv_xOUcMr5g-_t7toIDSn3Bw==
get-botsonic-information-from-widget
api.writesonic.com/v1/botsonic/ Frame
0
0
Preflight
General
Full URL
https://api.writesonic.com/v1/botsonic/get-botsonic-information-from-widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.214.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-146-67.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
GET
Origin
https://d1m9uqhmlogh4h.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,token
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://d1m9uqhmlogh4h.cloudfront.net
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 29 Dec 2023 23:47:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
widget
api.writesonic.com/v1/botsonic/chat-configuration/ Frame
0
0
Preflight
General
Full URL
https://api.writesonic.com/v1/botsonic/chat-configuration/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.214.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-146-67.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,token
Access-Control-Request-Method
GET
Origin
https://d1m9uqhmlogh4h.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,token
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://d1m9uqhmlogh4h.cloudfront.net
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 29 Dec 2023 23:47:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
get-botsonic-information-from-widget
api.writesonic.com/v1/botsonic/ Frame DFE3
3 KB
3 KB
Fetch
General
Full URL
https://api.writesonic.com/v1/botsonic/get-botsonic-information-from-widget
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/js/main.5e359ae9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.214.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-146-67.compute-1.amazonaws.com
Software
/
Resource Hash
abde9f644fff74ab1ebf24aa8259b4e481a7931a2c5f0f8ee4e4cbeeb1e9540a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://d1m9uqhmlogh4h.cloudfront.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
token
f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 29 Dec 2023 23:47:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
2600
content-type
application/json
widget
api.writesonic.com/v1/botsonic/chat-configuration/ Frame DFE3
374 B
541 B
Fetch
General
Full URL
https://api.writesonic.com/v1/botsonic/chat-configuration/widget
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/js/main.5e359ae9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.214.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-146-67.compute-1.amazonaws.com
Software
/
Resource Hash
3304d4c672e4614dc0b466acd1493960fb560d3bd1c1c2793ab463bfff2b320c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://d1m9uqhmlogh4h.cloudfront.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
token
f7e45b74-9f3c-4cfe-88a2-84f95c92d5fc
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 29 Dec 2023 23:47:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
374
content-type
application/json
third-party-integrations
api.writesonic.com/v1/botsonic/691b03f3-8f9e-4462-b652-47edcd506697/ Frame
0
0
Preflight
General
Full URL
https://api.writesonic.com/v1/botsonic/691b03f3-8f9e-4462-b652-47edcd506697/third-party-integrations?isActive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.214.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-146-67.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://d1m9uqhmlogh4h.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://d1m9uqhmlogh4h.cloudfront.net
access-control-max-age
600
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 29 Dec 2023 23:47:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
third-party-integrations
api.writesonic.com/v1/botsonic/691b03f3-8f9e-4462-b652-47edcd506697/ Frame DFE3
2 B
167 B
Fetch
General
Full URL
https://api.writesonic.com/v1/botsonic/691b03f3-8f9e-4462-b652-47edcd506697/third-party-integrations?isActive=true
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/js/main.5e359ae9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.214.146.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-146-67.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://d1m9uqhmlogh4h.cloudfront.net/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 29 Dec 2023 23:47:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
2
content-type
application/json
/
geolocation-db.com/json/ Frame DFE3
150 B
258 B
Fetch
General
Full URL
https://geolocation-db.com/json/
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/js/main.5e359ae9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a6a7f5ebeb73c8f3c157b1e18592d0b7faa06c75cb2d11fd294739462aea46fa

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://d1m9uqhmlogh4h.cloudfront.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
date
Fri, 29 Dec 2023 23:47:12 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
Satoshi-Bold.woff2
writesonic.s3.amazonaws.com/frontend-assets/fonts/ Frame DFE3
25 KB
25 KB
Font
General
Full URL
https://writesonic.s3.amazonaws.com/frontend-assets/fonts/Satoshi-Bold.woff2
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/css/main.148f7aa0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.201.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
353a7fbfb4475f0c31470a7449226006cb64211c71055ca9db860a8acdaa9f68

Request headers

Referer
https://d1m9uqhmlogh4h.cloudfront.net/
Origin
https://d1m9uqhmlogh4h.cloudfront.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Fri, 29 Dec 2023 23:47:13 GMT
Last-Modified
Thu, 27 Apr 2023 09:25:39 GMT
Server
AmazonS3
x-amz-request-id
GM8H2CZA28V0GHR3
ETag
"d4db658f4dd63bc2d0d84f325a341e29"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
25328
x-amz-id-2
9oFVRIhz+65gBb7nZpWDeBs5KexoSUMQvZAHzVwOgiB2iAW84+9zAoyjEyKsGvCUANG6d50q5Wo=
Satoshi-Regular.woff2
writesonic.s3.amazonaws.com/frontend-assets/fonts/ Frame DFE3
25 KB
25 KB
Font
General
Full URL
https://writesonic.s3.amazonaws.com/frontend-assets/fonts/Satoshi-Regular.woff2
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/css/main.148f7aa0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.201.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
50dca57f0b77918e0fb7dac998c3f5ef6b0c2a29657da97658a04f98ac532fc5

Request headers

Referer
https://d1m9uqhmlogh4h.cloudfront.net/
Origin
https://d1m9uqhmlogh4h.cloudfront.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Fri, 29 Dec 2023 23:47:13 GMT
Last-Modified
Thu, 27 Apr 2023 09:25:51 GMT
Server
AmazonS3
x-amz-request-id
GM8RGR0MPJ7W1F2B
ETag
"71a6023c087c936859024eb16ec7a519"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
25516
x-amz-id-2
XxNn7/5nneivSE/Vgt0XQkZFIR+9h6qdWZfI6RrofVJ1L3NTXd1aJ1PadfgIW2pMFgo6tlc3ofw=
Satoshi-Medium.woff2
writesonic.s3.amazonaws.com/frontend-assets/fonts/ Frame DFE3
25 KB
26 KB
Font
General
Full URL
https://writesonic.s3.amazonaws.com/frontend-assets/fonts/Satoshi-Medium.woff2
Requested by
Host: d1m9uqhmlogh4h.cloudfront.net
URL: https://d1m9uqhmlogh4h.cloudfront.net/CDN/static/css/main.148f7aa0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.201.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
af02a72246f53ad49c44a591921edbd39ec8258a03d8cc2e0532aa1e497e85b4

Request headers

Referer
https://d1m9uqhmlogh4h.cloudfront.net/
Origin
https://d1m9uqhmlogh4h.cloudfront.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Fri, 29 Dec 2023 23:47:13 GMT
Last-Modified
Thu, 27 Apr 2023 09:25:59 GMT
Server
AmazonS3
x-amz-request-id
GM8REXJA4TEEZCT5
ETag
"cd790237ed63c56b30aa8fb9d99a7563"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
25596
x-amz-id-2
BNW6Ilwh52evsDgOUoWAzw8jHCvoJUPjd68cAAMSZ3pagXDSBdsOD4FYLhT7Oex1mFQHJTVn0Q4=
BotsonicNew.png
writesonic-frontend.s3.us-east-1.amazonaws.com/frontend-assets/templates-new/ Frame DFE3
21 KB
22 KB
Image
General
Full URL
https://writesonic-frontend.s3.us-east-1.amazonaws.com/frontend-assets/templates-new/BotsonicNew.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.139.74 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ab441d8c26e8d147958630c569a37108faf108becaf1aa4cc5aa4d9697a1f7d2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://d1m9uqhmlogh4h.cloudfront.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Fri, 29 Dec 2023 23:47:13 GMT
Last-Modified
Tue, 18 Apr 2023 14:28:50 GMT
Server
AmazonS3
x-amz-request-id
GM8WYSN4060DD021
ETag
"b42f168cb107cc3138938ac3088611cf"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
21969
x-amz-id-2
CalqE5NzIs4o2FRBilDBmlVv607U8nkrvqiiHuFJUmRDGnJJgjYtPe9TeeprAWTSBnwN15utOjY=
BotsonicBannerGrey.png
writesonic.s3.amazonaws.com/frontend-assets/images/ Frame DFE3
31 KB
31 KB
Image
General
Full URL
https://writesonic.s3.amazonaws.com/frontend-assets/images/BotsonicBannerGrey.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.201.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d8a76061dda38149f8aa231d28fe10e78236e9a277d0987c5adb339e9852f208

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://d1m9uqhmlogh4h.cloudfront.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Fri, 29 Dec 2023 23:47:13 GMT
Last-Modified
Tue, 25 Apr 2023 12:47:35 GMT
Server
AmazonS3
x-amz-request-id
GM8SQ3J3B6K1DZ1H
ETag
"908ad1237386ec31e1c059fc1fca2a90"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
31551
x-amz-id-2
IIvMvmLLO6WJh5cwOJ3+qfA9eHATz2Po0wWMVBAKB5zPUkWyAUqlo0yK6eBl4gqQKei5rAE4wHc=
BotsonicBannerBlack.png
writesonic.s3.amazonaws.com/frontend-assets/images/ Frame DFE3
35 KB
35 KB
Image
General
Full URL
https://writesonic.s3.amazonaws.com/frontend-assets/images/BotsonicBannerBlack.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.201.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d17fc8a7e607395fba621a99fd3ae52cf97f00ef7a3f39ec7ffd7121bc8e4ce5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://d1m9uqhmlogh4h.cloudfront.net/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Fri, 29 Dec 2023 23:47:13 GMT
Last-Modified
Tue, 25 Apr 2023 12:48:45 GMT
Server
AmazonS3
x-amz-request-id
GM8QR6TZPAHEPV2E
ETag
"eeda4ee99b0968553672db4c1ca26038"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
35469
x-amz-id-2
r+dfHu8TR4Vh99qocxkvN+wvV4XJrDd0XxjHbbbWwkfFvCjbyOZP5iZHOAC3PtyCTJIaJBKIJ9U=

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| _wpmeteor
object| root
string| botsonic_widget
function| Botsonic
object| lazySizes
object| botsonicConfig
boolean| loaded-Botsonic
object| main

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
