1s2u.com Open in urlscan Pro
108.60.201.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1s2u.com/
Effective URL:
https://1s2u.com/
Submission: On April 21 via manual (April 21st 2021, 9:53:34 am UTC) from GB

Summary HTTP 106 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 106 HTTP transactions. The main IP is 108.60.201.13, located in Carrollton, United States and belongs to ZC38-AS1, US. The main domain is 1s2u.com.
TLS certificate: Issued by R3 on February 26th 2021. Valid for: 3 months.

This is the only time 1s2u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	108.60.201.13 108.60.201.13	13354 (ZC38-AS1) (ZC38-AS1)
71	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.193.96.49 34.193.96.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:de00:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	52.218.182.16 52.218.182.16	16509 (AMAZON-02) (AMAZON-02)
1	54.244.192.157 54.244.192.157	16509 (AMAZON-02) (AMAZON-02)
1 6	52.117.22.28 52.117.22.28	36351 (SOFTLAYER) (SOFTLAYER)
7	104.207.128.107 104.207.128.107	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
106	18

2 108.60.201.13 (Carrollton, United States) 1 redirects

ASN13354 (ZC38-AS1, US)
PTR: 1s2u.com

1s2u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

y4i4e2e2.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.96.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-96-49.compute-1.amazonaws.com

ssl.comodo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:de00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.182.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.244.192.157 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-192-157.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.117.22.28 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 1c.16.7534.ip4.static.sl-reverse.com

mylivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat1.mylivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.207.128.107 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 104.207.128.107.vultr.com

app.trustlock.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	stackpathcdn.com y4i4e2e2.stackpathcdn.com	402 KB
7	trustlock.co app.trustlock.co	27 KB
6	mylivechat.com 1 redirects mylivechat.com chat1.mylivechat.com	86 KB
6	gstatic.com fonts.gstatic.com	161 KB
4	googleapis.com fonts.googleapis.com	2 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
2	1s2u.com 1 redirects 1s2u.com	62 KB
1	trustedsite.com www.trustedsite.com	875 B
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	83 B
1	ywxi.net cdn.ywxi.net	5 KB
1	comodo.com ssl.comodo.com	3 KB
106	15

	Domain	Requested by
71	y4i4e2e2.stackpathcdn.com	1s2u.com y4i4e2e2.stackpathcdn.com
7	app.trustlock.co	y4i4e2e2.stackpathcdn.com app.trustlock.co
6	fonts.gstatic.com	fonts.googleapis.com
5	chat1.mylivechat.com	mylivechat.com chat1.mylivechat.com
4	fonts.googleapis.com	1s2u.com mylivechat.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	www.google-analytics.com	1s2u.com www.google-analytics.com
2	maxcdn.bootstrapcdn.com	1s2u.com maxcdn.bootstrapcdn.com
2	1s2u.com	1 redirects
1	mylivechat.com	1 redirects
1	www.trustedsite.com	cdn.ywxi.net
1	www.google.de	1s2u.com
1	www.google.com	1s2u.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.ywxi.net	1s2u.com
1	ssl.comodo.com	1s2u.com
106	16

This site contains links to these domains. Also see Links.

Domain
wa.me
1s2u.zendesk.com
status.1s2u.com
1s2u.blogspot.com
1s2u.net
play.google.com
paypal.com

Subject Issuer	Validity	Valid
1s2u.com R3	`2021-02-26` - `2021-05-27`	3 months	crt.sh
*.stackpathcdn.com Go Daddy Secure Certificate Authority - G2	`2019-06-27` - `2021-06-27`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
ssl.comodo.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-13` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.ywxi.net Amazon	`2020-09-01` - `2021-10-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
*.trustedsite.com Amazon	`2021-02-09` - `2022-03-10`	a year	crt.sh
*.mylivechat.com Go Daddy Secure Certificate Authority - G2	`2020-09-03` - `2021-10-05`	a year	crt.sh
app.trustlock.co R3	`2021-04-12` - `2021-07-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://1s2u.com/
Frame ID: 06491FAA3ECBF41AC9203BFD60D14EC4
Requests: 99 HTTP requests in this frame

Frame: https://app.trustlock.co/iframe/5664/my-badge/296
Frame ID: A20A61A95905AED398E66E9099A6CF4A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://1s2u.com/ HTTP 301
https://1s2u.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

106
Requests

100 %
HTTPS

61 %
IPv6

15
Domains

16
Subdomains

18
IPs

3
Countries

841 kB
Transfer

1653 kB
Size

4
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/12132213751?text=I%27m%20interested%20in%20your%20bulk%20sms%20service%20and%20prices

Search URL Search Domain Scan URL

URL: https://1s2u.zendesk.com/hc/en-us
Title: Bulk SMS Knowledge-base

Search URL Search Domain Scan URL

URL: https://status.1s2u.com/
Title: Real-Time Monitoring

Search URL Search Domain Scan URL

URL: https://1s2u.blogspot.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://1s2u.zendesk.com/hc/en-us/requests/new
Title: Submit Request

Search URL Search Domain Scan URL

URL: https://1s2u.net/hlr/login.asp
Title: HLR Lookup

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=application.com.SMS1s2u&hl=en
Title: ( Click on this link or search for 1s2u sms at Google Play Store )

Search URL Search Domain Scan URL

URL: https://paypal.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1s2u.com/ HTTP 301
https://1s2u.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://mylivechat.com/chatinline.aspx?hccid=75226229&_=1618998798718 HTTP 302
https://chat1.mylivechat.com/livechat2/livechat2.aspx?hccid=75226229&_=1618998798718&apimode=chatinline

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
1s2u.com/
Redirect Chain

http://1s2u.com/
https://1s2u.com/

61 KB
61 KB

656ms
250ms

Document
text/html

108.60.201.13
ZC38-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://1s2u.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

108.60.201.13 Carrollton, United States, ASN13354 (ZC38-AS1, US),

Reverse DNS

1s2u.com

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

de674f78336b68086efba1e7a307a14fbd23f53043b3f09dcf6b8ace5827a399

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Host: 1s2u.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASPSESSIONIDAWDCRSTS=BOEOHOFDADMJMNANKDJLECLG; secure; path=/; HttpOnly
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
X-XSS-Protection: 1;mode=block
X-Content-type-options: nonsniff
X-Frame-Options: SAMEORIGIN
Date: Wed, 21 Apr 2021 14:58:55 GMT
Content-Length: 62458

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://1s2u.com/
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
X-XSS-Protection: 1;mode=block
X-Content-type-options: nonsniff
X-Frame-Options: SAMEORIGIN
Date: Wed, 21 Apr 2021 14:58:55 GMT
Content-Length: 140

GET
H2 200 bootstrap.css
y4i4e2e2.stackpathcdn.com/css-new/css/ 112 KB
20 KB 114ms
24ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/bootstrap.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

054b0b1f5784139b586582ea87c96f4c8e90a96ab7cf5cc4ee1c3b97bd8f62f4

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 20406
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 09:14:21 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "805453cea1dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds225.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 dark-style.css
y4i4e2e2.stackpathcdn.com/css-new/css/root-css/ 65 KB
13 KB 114ms
24ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/dark-style.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

93f1f4e19c1a8db53699abdd646b9dd9eba7104c80ec735d9d2bde4e4a2c58f2

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 13130
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Tue, 12 Mar 2019 00:01:08 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0bab0b166d8d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds222.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 style.css
y4i4e2e2.stackpathcdn.com/css-new/css/root-css/ 3 KB
1 KB 135ms
45ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/style.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

1308b1b9a68f3d78352af7aaafc9cbbee3e840460cc120ff721a0c2b4b21a11f

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1134
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 13:13:48 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "08eb941c3dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds210.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 owl-carousel.css
y4i4e2e2.stackpathcdn.com/css-new/css/ 5 KB
2 KB 135ms
45ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/owl-carousel.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

3ee0eb64f893f9ad705f8755261f081ca9d800a4f4a87ae852dedff87f68a9c1

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1426
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:04:00 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "098b54854c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds227.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 animate.min.css
y4i4e2e2.stackpathcdn.com/css-new/css/ 43 KB
6 KB 136ms
46ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/animate.min.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

b3fcf5586148b22bda44b17386f54d04a1ae506339ea26c428052c627010d31b

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 6105
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 12:56:39 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "ca18dadcc0dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds047.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 5 KB
702 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8a20447d071700e9a8a7cb13aee1a8b7f51b989a6dd0711bfad7f6a7a71b678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 09:37:52 GMT
server: ESF
date: Wed, 21 Apr 2021 09:53:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 09:53:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
588 B 21ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300,400italic,300italic,700,700italic,900

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

981c90ab1d927cf023aa41518f495f830d0b68248b2b7bf5ae9629213ef85a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 09:51:30 GMT
server: ESF
date: Wed, 21 Apr 2021 09:53:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 09:53:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
631 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo:400,300,600,500,400italic,700italic,800,900

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cefd3f5ef08b22dc9d3b1adfae73ea1cf16ed292a8af6832fff45fa487595cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 09:53:18 GMT
server: ESF
date: Wed, 21 Apr 2021 09:53:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 09:53:18 GMT

GET
H2 200 li-scroller.css
y4i4e2e2.stackpathcdn.com/css-new/js/ 886 B
690 B 136ms
47ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/li-scroller.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

58e768be70be37736d3740a3576e6f917343ca460e514abdb7829292a1816491

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 573
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:12 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "07826bb54c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds231.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 settings.css
y4i4e2e2.stackpathcdn.com/css-new/rs-plugin/css/ 38 KB
5 KB 140ms
51ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/rs-plugin/css/settings.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

b9b3bacd9a6127f69b153a0d65dc3e406b4f226c5615432a5e7db134eaadb14a

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 5438
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 12:55:30 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0d44b3c0dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds220.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 royalslider.css
y4i4e2e2.stackpathcdn.com/css-new/royalslider/ 4 KB
2 KB 139ms
51ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/royalslider/royalslider.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

7a0fd4e0b1697b5e9fb7be0958183c416f0f63c7dd77c7bbc5c4d1075e68fa6b

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1467
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:28 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0e0afc454c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds023.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 rs-default-inverted.css
y4i4e2e2.stackpathcdn.com/css-new/royalslider/skins/default-inverted/ 9 KB
3 KB 145ms
57ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/royalslider/skins/default-inverted/rs-default-inverted.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

274b33d6886695ebc2eef2e4d49c8fc81ab4140668dcbe0c3c208e164c26ff49

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 2691
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:50 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0cfccd154c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds037.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 multicol.css
y4i4e2e2.stackpathcdn.com/css-new/css/payment/ 300 B
432 B 154ms
66ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/payment/multicol.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

5667e36b815c45325ad08983b939c5d64ab496d6116be0e6547c2c3b009a3428

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 315
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 13:14:28 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "bdadb59c3dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds203.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 font-awesome.css
y4i4e2e2.stackpathcdn.com/css-new/css/ 23 KB
6 KB 142ms
54ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/font-awesome.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

40a80a73a65b64ff1790a276927b64ed59861e3b87e4283c6372567bfe9938d6

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 6270
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 09:15:55 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "498a996a2dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds044.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 infinite-slider.css
y4i4e2e2.stackpathcdn.com/css-new/css/ 2 KB
883 B 137ms
49ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/infinite-slider.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

a86e68793657d71c2dd3c1560d9a9f27c9adbcd8cd98a68974900d65252eb535

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 766
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Tue, 26 Feb 2019 00:48:22 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "04f1af96ccdd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds034.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 table.css
y4i4e2e2.stackpathcdn.com/css-new/css/ 280 B
383 B 138ms
51ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/table.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

83573b3e010e2a1d582993755a20ad78dc837e8a156f719697a509ca16e79476

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 303
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Fri, 08 Mar 2019 00:39:38 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0c1e76847d5d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds018.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 W3-tabs-style.css
y4i4e2e2.stackpathcdn.com/css-new/css/ 556 B
533 B 138ms
50ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/W3-tabs-style.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

1f1ab4fbb5b2293ea3d717b08cf2a8962151f8e94744fae992264608097f59ef

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 416
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Mon, 04 Mar 2019 20:10:12 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0aafa45c6d2d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds018.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 101ms
14ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 3594346
cdn-cachedat: 2021-03-10 20:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 099572409600004a6746bcb000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d51e4acffbb0c715197a27b396f5e31f
cf-ray: 6435b97a89c14a67-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery-1.6.1.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 89 KB
31 KB 144ms
58ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery-1.6.1.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 32047
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:20 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "02cebbf54c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds010.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 jquery-2.2.4.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 83 KB
37 KB 153ms
67ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery-2.2.4.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

41a9ac30a8ae6226b0d757d5b1a167c1e23ea0985cb419dae67938e2b8b9d711

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 38114
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 07:34:32 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "bd7f1dc93dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds046.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 sectigo_trust_seal_sm_2x.png
ssl.comodo.com/images/seals/ 3 KB
3 KB 293ms
97ms Image
image/png 34.193.96.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.comodo.com/images/seals/sectigo_trust_seal_sm_2x.png
Requested by: Host: 1s2u.com
URL: https://1s2u.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.96.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-96-49.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 014428424f68097441548d1f3fcbed2f1f1fd52327e49c01bdb9dce25eed3353

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:23 GMT
last-modified: Fri, 16 Apr 2021 23:19:44 GMT
server: nginx
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 3155
expires: Fri, 21 May 2021 09:53:23 GMT

GET
H2 200 pci-complaint-new.png
y4i4e2e2.stackpathcdn.com/css-new/images/ 761 B
885 B 30ms
25ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/images/pci-complaint-new.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

9280555a7d1eb345d8b29035dbf2da90f38fd3b1acf59042abb629d290941a6a

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Fri, 15 Mar 2019 05:02:31 GMT
server: fbs
x-powered-by: ASP.NET
etag: "3a10b04becdad41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds043.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 761
x-xss-protection: 1;mode=block

GET
H2 200 pay_sofortbanking.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 1 KB
1 KB 30ms
25ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/pay_sofortbanking.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

e1231607bfce8fca839adb0a7596acfd5fadf675301887061f4b2084db81b3d2

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:05:13 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80fa92a18cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds225.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1029
x-xss-protection: 1;mode=block

GET
H2 200 pay_qiwi.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 1 KB
1 KB 31ms
26ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/pay_qiwi.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

c47cda555121d17c334e510275df5a8c797914b893124a87db3ec64339cae042

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:04:58 GMT
server: fbs
x-powered-by: ASP.NET
etag: "029a2988cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds217.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1075
x-xss-protection: 1;mode=block

GET
H2 200 pay_yandex.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 1 KB
1 KB 31ms
26ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/pay_yandex.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

eb13077b7e92b809ab18264ff957a3aeb829d6f2011c72148041afdd576197e5

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:05:27 GMT
server: fbs
x-powered-by: ASP.NET
etag: "8035eba98cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds039.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1045
x-xss-protection: 1;mode=block

GET
H2 200 paybyme.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 913 B
1 KB 33ms
28ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/paybyme.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

b8c8fafa2ccb749fde2ae02dcd2c29c9769156483b7d47e9f89a4a3597f22a91

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:05:45 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80caa5b48cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds209.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 913
x-xss-protection: 1;mode=block

GET
H2 200 moneta.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 796 B
874 B 36ms
31ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/moneta.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

5b05b466f2dd69aa2a8eeb9997ad59f32e61eab45cb6c5845a1a0bea35c79410

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Thu, 14 Mar 2019 08:35:10 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0f3c7d540dad41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds046.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 796
x-xss-protection: 1;mode=block

GET
H2 200 alfabank.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 723 B
839 B 39ms
34ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/alfabank.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

83dbc3544c5470df4dce716b120aba8431ee4d2005ba95bf8d3b768ff4642055

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:07:57 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80645338dd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds204.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 723
x-xss-protection: 1;mode=block

GET
H2 200 bancodobrasil.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 709 B
824 B 38ms
34ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/bancodobrasil.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

d8ae6057297c6b756e99ad6936471737b53746bc1a4da1d290e56ca846162593

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:01:06 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0c559e8cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds022.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 709
x-xss-protection: 1;mode=block

GET
H2 200 pay_boleto.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 890 B
1005 B 42ms
37ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/pay_boleto.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

907ebc0d4580aac966d1fe7f66e704a08b671ddcc7429cd97a5ccfd8865beea4

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:03:24 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0e69a608cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds025.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 890
x-xss-protection: 1;mode=block

GET
H2 200 pay_itau.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 759 B
875 B 44ms
39ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/pay_itau.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

c3fe5b987c1b11d7bb5fd3f64bc4fb036bb6dc5e81fb03d2840beab70a859497

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:04:09 GMT
server: fbs
x-powered-by: ASP.NET
etag: "805a6d7b8cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds007.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 759
x-xss-protection: 1;mode=block

GET
H2 200 santander.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 873 B
989 B 43ms
40ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/santander.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

5f65029f3f9477efd674570c6ccaf28c685885fa57649a7aebf6c3a98c793f57

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:00:50 GMT
server: fbs
x-powered-by: ASP.NET
etag: "05dd048cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds036.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 873
x-xss-protection: 1;mode=block

GET
H2 200 caixa.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 625 B
704 B 46ms
42ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/caixa.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

788d9e0d264dea70fed0c28191a89b6aca79e2d9d2892750c1828c20170a28c7

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:01:30 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0e1a71c8cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds210.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 625
x-xss-protection: 1;mode=block

GET
H2 200 bradesco.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 624 B
704 B 51ms
47ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/bradesco.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

5e3db164360c7eabd6074c781ff6d590d91c2caa171c95876eae91d91eb9b367

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:01:16 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0a64f148cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds007.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 624
x-xss-protection: 1;mode=block

GET
H2 200 bancomer.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 967 B
1 KB 51ms
47ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/bancomer.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

e1eaaf5b12abc1ec68684a1e0ed06d17d1aea0e50f90f6e4f2ab6421014da287

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:08:36 GMT
server: fbs
x-powered-by: ASP.NET
etag: "052921a8dd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds042.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 967
x-xss-protection: 1;mode=block

GET
H2 200 oxxo_moxico.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 955 B
1 KB 51ms
48ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/oxxo_moxico.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

05618c214966e4c0d2f7d0a350674a8eadf7d0078b6f1f064f41681c6865e577

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:03:01 GMT
server: fbs
x-powered-by: ASP.NET
etag: "8060e5528cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds228.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 955
x-xss-protection: 1;mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6821
date: Wed, 21 Apr 2021 07:59:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 21 Apr 2021 09:59:37 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,400italic,300italic,700,700italic,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1s2u.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 21:58:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:05 GMT
server: sffe
age: 42906
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
expires: Wed, 20 Apr 2022 21:58:12 GMT

GET
H2 200 fontawesome-webfont.woff
y4i4e2e2.stackpathcdn.com/css-new/fonts/ 43 KB
44 KB 67ms
25ms Font
font/x-woff 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/fonts/fontawesome-webfont.woff?v=4.0.3

Requested by

Host: y4i4e2e2.stackpathcdn.com
URL: https://y4i4e2e2.stackpathcdn.com/css-new/css/bootstrap.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Origin: https://1s2u.com
Referer: https://y4i4e2e2.stackpathcdn.com/css-new/css/bootstrap.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Sun, 17 Feb 2019 00:04:16 GMT
server: fbs
x-powered-by: ASP.NET
etag: "003f5254c6d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds008.pa1.hn,1618998798.cds034.pa1.c
content-type: font/x-woff
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 44432
x-xss-protection: 1;mode=block

GET
H3-29 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1s2u.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
age: 258580
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 logo.png
y4i4e2e2.stackpathcdn.com/css-new/css/root-css/images/ 4 KB
4 KB 37ms
36ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/images/logo.png

Requested by

Host: y4i4e2e2.stackpathcdn.com
URL: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/dark-style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

015979a2150d6fa3a15d56a1ba8ad1e61860e54a1cfc61ed7fa818c78c0fe4be

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/dark-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 30 Oct 2019 05:03:27 GMT
server: fbs
x-powered-by: ASP.NET
etag: "5efc15ddf8ed51:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds202.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3729
x-xss-protection: 1;mode=block

GET
H2 200 flexslider_shadow.png
y4i4e2e2.stackpathcdn.com/css-new/css/root-css/images/ 5 KB
6 KB 36ms
36ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/images/flexslider_shadow.png

Requested by

Host: y4i4e2e2.stackpathcdn.com
URL: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/dark-style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

45b40479f4c33a6d8c0036e981f4213660c3ae910584914e5e2d220348407838

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/dark-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Sat, 03 Sep 2016 06:59:07 GMT
server: fbs
x-powered-by: ASP.NET
etag: "77852faab05d21:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds201.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 5569
x-xss-protection: 1;mode=block

GET
H2 200 parallax_06.jpg
y4i4e2e2.stackpathcdn.com/css-new/demos/ 10 KB
10 KB 38ms
38ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/demos/parallax_06.jpg

Requested by

Host: y4i4e2e2.stackpathcdn.com
URL: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

c45a77ad01ac21d9c95aa372e52543006a8bd598626be0eb4e73a3503aae7210

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 19:37:44 GMT
server: fbs
x-powered-by: ASP.NET
etag: "034993ad4d9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds041.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 9736
x-xss-protection: 1;mode=block

GET
H2 200 parallax_03.jpg
y4i4e2e2.stackpathcdn.com/css-new/demos/ 25 KB
25 KB 37ms
37ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/demos/parallax_03.jpg

Requested by

Host: y4i4e2e2.stackpathcdn.com
URL: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

b633de65caeea5b9fcc645b629d8624ab671fd8d0d5176cf695c325c39c029e6

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 02:50:18 GMT
server: fbs
x-powered-by: ASP.NET
etag: "091f97d47d9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds025.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 25365
x-xss-protection: 1;mode=block

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,400italic,300italic,700,700italic,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1s2u.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:07:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 553520
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Fri, 15 Apr 2022 00:07:58 GMT

GET
H3-29 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400italic,700,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1s2u.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 258580
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v17/ 17 KB
17 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,400italic,300italic,700,700italic,900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1s2u.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:31 GMT
server: sffe
age: 546616
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
expires: Fri, 15 Apr 2022 02:03:02 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1201080784&t=pageview&_s=1&dl=https%3A%2F%2F1s2u.com%2F&ul=en-us&de=UTF-8&dt=1S2U%20Bulk%20SMS%20Service%7CSend%20Bulk%20SMS%20%7CFree%20SMS%20API%7CSMS%20Reseller&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1691770456&gjid=2099863740&cid=748540006.1618998799&tid=UA-64451028-1&_gid=56452903.1618998799&_r=1&_slc=1&z=2044768575

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1s2u.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bancodechile.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 1 KB
1 KB 33ms
24ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/bancodechile.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

39f3c4ab06b5cef15741b2f47259a5b1cc69140e08b0f414c76b7608556ed252

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:08:27 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80735158dd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds045.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1101
x-xss-protection: 1;mode=block

GET
H2 200 webpay.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 769 B
894 B 33ms
23ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/webpay.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

55b384fe6f64d80dcbbf9b7a9d19f32ec9eec0041b2270465835d61b5ca335d1

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:07:46 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0edc4fc8cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds009.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 769
x-xss-protection: 1;mode=block

GET
H2 200 redpagos.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 1 KB
1 KB 33ms
23ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/redpagos.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

fcb02e2c221e758eb58477aeb9d76eeabfe6ac7ff7f1052c63d0500ba3b01a7a

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:07:26 GMT
server: fbs
x-powered-by: ASP.NET
etag: "02bd9f08cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds023.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1212
x-xss-protection: 1;mode=block

GET
H2 200 beeline.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 912 B
1000 B 33ms
24ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/beeline.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

1e52303638232581c882095a219ea1176cb2e5b9dba81107643a2b28beea6e0a

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:08:47 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80c920218dd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds045.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 912
x-xss-protection: 1;mode=block

GET
H2 200 alipay.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 815 B
941 B 40ms
32ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/alipay.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

a9f7f34c33ed49d9cb501ec8726cc7c13c8f5407619f0baafcb22ac02112aa61

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:08:07 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80454998dd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds031.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 815
x-xss-protection: 1;mode=block

GET
H2 200 unionpay.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 822 B
946 B 51ms
42ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/unionpay.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

8eb16ec32f6a490e7e9d5c588c5b469dbcc50de56ccf40df1d680f31d1130113

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:07:36 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0ccff68cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds002.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 822
x-xss-protection: 1;mode=block

GET
H2 200 pay_poli.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 837 B
962 B 54ms
45ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/pay_poli.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

66d20e486e770dcc72f50a3708f5f3bc11811ef0b339764385c03b100f5e0391

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:04:38 GMT
server: fbs
x-powered-by: ASP.NET
etag: "067b68c8cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds212.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 837
x-xss-protection: 1;mode=block

GET
H2 200 paypal-1.png
y4i4e2e2.stackpathcdn.com/css-new/images/ 7 KB
7 KB 71ms
62ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/images/paypal-1.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

12cefabf50eed6bf64c2b7552cb83582979fd9292a8c85528a1714f7871bdd0c

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 01:16:06 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0cf1e553ad9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds202.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7069
x-xss-protection: 1;mode=block

GET
H2 200 logo.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 695 B
785 B 72ms
62ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/logo.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

e62bfd13ea1d5eff9e2508ab7e6465d652c8caa845a2e22ac6f2b40f4a468627

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:00:06 GMT
server: fbs
x-powered-by: ASP.NET
etag: "07f96ea8bd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds010.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 695
x-xss-protection: 1;mode=block

GET
H2 200 onecard.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 791 B
881 B 72ms
64ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/onecard.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

d369b3a69fc7cd743b9780c0624272fb503eed229fa26aca17e51d7257ff8207

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 10:59:57 GMT
server: fbs
x-powered-by: ASP.NET
etag: "803439e58bd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds033.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 791
x-xss-protection: 1;mode=block

GET
H2 200 pay_cashu.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 958 B
1 KB 72ms
64ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/pay_cashu.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

14eda01617e77dfdfe6e9d16f05bdfe251d6c515444c7b7137dd59936787a299

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:04:25 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80c2f6848cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds029.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 958
x-xss-protection: 1;mode=block

GET
H2 200 redcompra.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 1 KB
1 KB 76ms
68ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/redcompra.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

03c6a1887f586ff6594f7e8b5316e1f2d747775ee7544aa3dd5095265b2d8990

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:06:21 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80f41aca8cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds206.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1106
x-xss-protection: 1;mode=block

GET
H2 200 banamex.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 1 KB
1 KB 76ms
68ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/banamex.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

1396fcd79291b33303bcba817a88dd2613b667870a86b937993afb22078ad6f8

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:08:16 GMT
server: fbs
x-powered-by: ASP.NET
etag: "090a6e8dd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds013.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1297
x-xss-protection: 1;mode=block

GET
H2 200 hipercard.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 438 B
527 B 79ms
71ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/hipercard.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

e735ede4fc30bda4bfeda8f197bf75b6169e49127107abc8d65924606500d5f8

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:01:42 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0efce238cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds013.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 438
x-xss-protection: 1;mode=block

GET
H2 200 qbank.jpg
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 767 B
858 B 79ms
71ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/qbank.jpg

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

6c3231323031524cef045b27f6a302e6928cae73b9543699bc3a1ac79aff2dab

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:06:01 GMT
server: fbs
x-powered-by: ASP.NET
etag: "80322fbe8cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds220.pa1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 767
x-xss-protection: 1;mode=block

GET
H2 200 teleingreso.png
y4i4e2e2.stackpathcdn.com/css-new/payment-images/ 642 B
768 B 79ms
72ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/payment-images/teleingreso.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

0a8805878127921c01cc1ddbd428a5a232e1351f1e4213756cc3b1153486cf90

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 11:00:57 GMT
server: fbs
x-powered-by: ASP.NET
etag: "807afc88cd9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds230.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 642
x-xss-protection: 1;mode=block

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 18 KB
5 KB 49ms
15ms Script
text/javascript 2600:9000:2190:de00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:de00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5e7155948e0c62cd2e9bf8dc20e5a79faee08957c1e51bb6d3f152ebdc530074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 08:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3365
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
content-security-policy-report-only: default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4529
x-xss-protection: 1; mode=block
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nKOm7fE7J3d3IFJ6tj3uE0TSAdHIiRLT8RZ5eLisYFxMzGJYp0jI3A==
expires: Wed, 21 Apr 2021 09:57:13 GMT

GET
H2 200 jquery.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 94 KB
33 KB 37ms
31ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

dafb326f4b3b6902e57de90ebd1cdffe46ce0b98f0f09859265ba6d0d354268c

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 33470
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:14 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0a557bc54c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds207.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 bootstrap.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 28 KB
10 KB 40ms
34ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/bootstrap.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 10038
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:22 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0591cc154c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds037.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 menu.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 3 KB
1 KB 41ms
35ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/menu.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

c5cd3992e5152d0233ac95c76f7b5ced8637d457eb0a4c0275261c99f5666ba7

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1318
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 13:15:52 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "3a9b2b8cc3dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds033.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 owl.carousel.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 24 KB
8 KB 41ms
35ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/owl.carousel.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

7cae153c321450d31560da08e234bd3359ecba44b568c66d3b526c2260b350f9

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 8370
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:10 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "04bf5b954c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds031.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 jquery.parallax-1.1.3.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 2 KB
1 KB 46ms
41ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery.parallax-1.1.3.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

0dae4926199aa14d7fadd0ea72d47e41ae0a20b68673b96d76a7ac5d3e98d854

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 997
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:12 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "07826bb54c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds227.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 jquery.simple-text-rotator.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 4 KB
1 KB 51ms
45ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery.simple-text-rotator.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

2085690f987c6fe5c697c15ca7b8bc7b1e14c93f82e396314f486fa6100aecd0

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 961
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 13:16:51 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "8023cdaec3dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds002.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 wow.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 3 KB
2 KB 53ms
47ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/wow.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

664204af54a5ad35be47d1cd6e1268205fcb0d173813d6951bec581574866af3

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1482
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:08 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "01ec4b854c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds001.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 jquery.fitvids.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 3 KB
1 KB 52ms
47ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery.fitvids.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

cf53667dcf4c290c42b652154f2880981ccd9de593d5d1841cc027783408d101

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1387
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:18 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0ffb9be54c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds227.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 custom.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 3 KB
1 KB 56ms
51ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/custom.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

8c7945b096dfb1ed52ffa4c9b67c0403ca511dd3957e28bb276b5fd8f5d5873a

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1253
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sat, 09 Mar 2019 01:13:42 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "027a35515d6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds215.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 w3-tabs.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 8 KB
782 B 56ms
51ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/w3-tabs.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

eb11947d8634dd0208c88336000c7e42b6004a12ca11fb85bacaec8317cd5292

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 689
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 10 Mar 2019 03:03:10 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "02be2caedd6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds204.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 jquery.isotope.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 16 KB
6 KB 58ms
53ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery.isotope.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

957de008a7005fbdf8995f8457a9819d0c1b327634a5996d3636e09d9d363b81

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 6282
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:16 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0d288bd54c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds220.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 bootbox.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 10 KB
4 KB 58ms
53ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/bootbox.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 4441
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:07:24 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0864dc254c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds039.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 jquery.backstretch.min.js Show response
y4i4e2e2.stackpathcdn.com/css-new/assets/js/ 4 KB
2 KB 59ms
54ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/assets/js/jquery.backstretch.min.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 2211
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Feb 2019 00:03:52 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "0e4f04354c6d41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds047.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 scripts.js Show response
y4i4e2e2.stackpathcdn.com/css-new/assets/js/ 801 B
611 B 62ms
58ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/assets/js/scripts.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

fb667fd564a9e6b47b92b8fe18c6fddbb10637c4911a6c73bc07a7434c69775c

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 518
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 16:26:39 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "fb7b532dedcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds009.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes

GET
H2 200 yallmin.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 4 KB
1 KB 62ms
58ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/yallmin.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

3c17fa983de6a5c3f42ee30c20b615b7c4ecdb4eb13fe086f1d4d9efb983ba79

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1303
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 08:11:17 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "80c0e2fe98dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds224.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H2 200 jquery-lazyloadanything.js Show response
y4i4e2e2.stackpathcdn.com/css-new/js/ 4 KB
1 KB 66ms
62ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery-lazyloadanything.js

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

7500fc5d31d56a7b4c5544341a45d213897b5c3f168b883d81e9043caf9a515e

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
content-encoding: gzip
x-content-type-options: nonsniff
x-powered-by: ASP.NET
content-length: 1404
x-xss-protection: 1;mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 17 Mar 2019 13:18:58 GMT
server: fbs
x-frame-options: SAMEORIGIN
etag: "defb1fac3dcd41:0"
vary: Accept-Encoding
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds026.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 38ms
25ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://1s2u.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 502142
cdn-cachedat: 2021-04-14 09:21:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464
cf-request-id: 099572416400002b8962964000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6b83f2aaa8221588e683bbea77ab873b
accept-ranges: bytes
cf-ray: 6435b97bd8162b89-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
83 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-64451028-1&cid=748540006.1618998799&jid=1691770456&gjid=2099863740&_gid=56452903.1618998799&_u=IEBAAEAAAAAAAC~&z=1785024998

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Apr 2021 09:53:18 GMT
content-type: text/plain
access-control-allow-origin: https://1s2u.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arrow.png
y4i4e2e2.stackpathcdn.com/css-new/css/root-css/images/ 1008 B
1 KB 59ms
59ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/images/arrow.png

Requested by

Host: y4i4e2e2.stackpathcdn.com
URL: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/dark-style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

c9d3ec3ed903345e2c25988a767106b47d51bb79ecbd63133b4fe3d3d3024acb

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://y4i4e2e2.stackpathcdn.com/css-new/css/root-css/dark-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Sat, 03 Sep 2016 06:59:03 GMT
server: fbs
x-powered-by: ASP.NET
etag: "32f58ca7b05d21:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds231.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1008
x-xss-protection: 1;mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-64451028-1&cid=748540006.1618998799&jid=1691770456&_u=IEBAAEAAAAAAAC~&z=569748589

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-64451028-1&cid=748540006.1618998799&jid=1691770456&_u=IEBAAEAAAAAAAC~&z=569748589

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/1s2u.com/ 161 B
950 B 740ms
194ms XHR
application/json 52.218.182.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/1s2u.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.182.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: db160f30d0ae010fbf2c34ba085649f571b68b8679e85b359994ac808d530925

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 09:53:20 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: KGCW25X7JNEZ9TXF
x-amz-replication-status: COMPLETED
Content-Length: 146
x-amz-id-2: yCxdYn/M0arHZGBEpnfb7KmvZ9SsWX9U+818NmjQwA1PcBo08QF8pRSB3I2AdltlQ8JYVMCnCUs=
Last-Modified: Thu, 01 Apr 2021 12:01:11 GMT
Server: AmazonS3
ETag: "4c717c4a5b4c3c58b4028a123e3e3d96"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: adLwI3kgTBHPKDmIwHnq.OHcVYqsIXMi
Access-Control-Allow-Origin: https://1s2u.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/1s2u.com/ 161 B
950 B 746ms
199ms XHR
application/json 52.218.182.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/1s2u.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.182.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: db160f30d0ae010fbf2c34ba085649f571b68b8679e85b359994ac808d530925

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 09:53:20 GMT
Content-Encoding: gzip
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: KGCWY5QV95W31QNJ
x-amz-replication-status: COMPLETED
Content-Length: 146
x-amz-id-2: OGo8OV4fkfOrZjzDXsN0JLyDtNkZl0Z2mzbL/I9wJCFSI8m9neP0c6gfJolAh+wXYrZ4QY+B30o=
Last-Modified: Thu, 01 Apr 2021 12:01:11 GMT
Server: AmazonS3
ETag: "4c717c4a5b4c3c58b4028a123e3e3d96"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: adLwI3kgTBHPKDmIwHnq.OHcVYqsIXMi
Access-Control-Allow-Origin: https://1s2u.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Type: application/json

GET
H2 200 sliderbg_01.png
y4i4e2e2.stackpathcdn.com/css-new/demos/ 55 KB
55 KB 22ms
22ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/demos/sliderbg_01.png?id=3

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

eed2d0875c65893ff67cb10053ddb4dcc8479c3d5b24bc61a341b14b0e5dc46d

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Sat, 16 Mar 2019 21:40:52 GMT
server: fbs
x-powered-by: ASP.NET
etag: "0ca6ded40dcd41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds034.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 56028
x-xss-protection: 1;mode=block

GET
H2 200 reseller.png
y4i4e2e2.stackpathcdn.com/css-new/demos/ 18 KB
18 KB 24ms
24ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://y4i4e2e2.stackpathcdn.com/css-new/demos/reseller.png

Requested by

Host: 1s2u.com
URL: https://1s2u.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

fbs / ASP.NET

Resource Hash

a505b39969609b9c5a195716b56abe241da8650f120cdbf4997dd6558c82e6f9

Security Headers

Name	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Wed, 21 Apr 2021 09:53:18 GMT
x-content-type-options: nonsniff
last-modified: Wed, 13 Mar 2019 19:49:18 GMT
server: fbs
x-powered-by: ASP.NET
etag: "03341d8d5d9d41:0"
x-frame-options: SAMEORIGIN
x-hw: 1618998798.cds034.pa1.hn,1618998798.cds227.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 18153
x-xss-protection: 1;mode=block

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ 6 B
875 B 555ms
184ms Script
text/javascript 54.244.192.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=1s2u.com&rand=1618998799471

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.244.192.157 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-244-192-157.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-security-policy-report-only: default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length: 26
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

livechat2.aspx Show response
chat1.mylivechat.com/livechat2/
Redirect Chain

https://mylivechat.com/chatinline.aspx?hccid=75226229&_=1618998798718
https://chat1.mylivechat.com/livechat2/livechat2.aspx?hccid=75226229&_=1618998798718&apimode=chatinline

9 KB
4 KB

712ms
147ms

Script
text/javascript

52.117.22.28
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://chat1.mylivechat.com/livechat2/livechat2.aspx?hccid=75226229&_=1618998798718&apimode=chatinline
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.28 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 1c.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0b23b1341b98dbbebe62fee513e6880675afdc30b6aae0ccaa66eb6a10ce6ca6

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 09:53:25 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 3702
Expires: -1

Redirect headers

Date: Wed, 21 Apr 2021 09:53:25 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://chat1.mylivechat.com/livechat2/livechat2.aspx?hccid=75226229&_=1618998798718&apimode=chatinline
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 228

GET
H2 200 296 Show response
app.trustlock.co/iframe/5664/my-badge/ Frame A20A 2 KB
1 KB 324ms
139ms Document
text/html 104.207.128.107
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustlock.co/iframe/5664/my-badge/296
Requested by: Host: y4i4e2e2.stackpathcdn.com
URL: https://y4i4e2e2.stackpathcdn.com/css-new/js/jquery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.128.107 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.207.128.107.vultr.com
Software: nginx / AESWP v4.1-1611 << http://adamess.me >>
Resource Hash: 3136edfecdeda6bd96ba83c5862ad33134d246347be6dca1a55ea61226249ce6

Request headers

:method: GET
:authority: app.trustlock.co
:scheme: https
:path: /iframe/5664/my-badge/296
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1s2u.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1s2u.com/

Response headers

server: nginx
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
date: Wed, 21 Apr 2021 09:53:21 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IkhzU0UyZXE3UThMQlM5TnVqYmRvQVE9PSIsInZhbHVlIjoiU2RkYU1jbWRLXC9TZXdTazhIOEhyZ2tRcEY0U2c4dE5mSFpUQzVSXC9cL1pUU3VNV3VxdEJ5aUdyS0FvQWZCUms0M2k2N2txRFlvNzF4VGdDNzBhcENPT0E9PSIsIm1hYyI6IjViZDk2NDcyZGZkNWJiY2ZiY2E5ZjU3YmRmMmQzYzE2YThlMzMxNjdmNDE5Y2FiZGI5ZWEyMmJjYWY5OTI3M2UifQ%3D%3D; expires=Wed, 21-Apr-2021 11:53:21 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IkR3UnpjZnNYb3hJcHNsS3l0TFlkTEE9PSIsInZhbHVlIjoiZTdTZ3hRTkFsankrNzY1SEZCZExHOTlWN0QzTFF2UCtyNFZSQm9nZjVVSThhMmNmUTJ0NHhzeWd5ZlZaSllLam1RZXE2R0hlYzZ1YUg4UVArVWRQXC9BPT0iLCJtYWMiOiIwMTkzOGIxYzIxODFhZTQ1M2ZmZDViODQ2MTk5OTljMDBlM2NjYjM2YzU4NzE0ZWQwYmY2YjIyOWZjYWI2ZTQ4In0%3D; expires=Wed, 21-Apr-2021 11:53:21 GMT; Max-Age=7200; path=/; HttpOnly
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: AESWP v4.1-1611 << http://adamess.me >>
x-cache: EXPIRED

GET
H2 200 toolTip.css
app.trustlock.co/frontend/css/ Frame A20A 6 KB
2 KB 92ms
91ms Stylesheet
text/css 104.207.128.107
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustlock.co/frontend/css/toolTip.css
Requested by: Host: app.trustlock.co
URL: https://app.trustlock.co/iframe/5664/my-badge/296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.128.107 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.207.128.107.vultr.com
Software: nginx / AESWP v4.1-1611 << http://adamess.me >>
Resource Hash: bd5de5cfa5968bbee4aad0866b469c3f8883fbf4d2acebf9a049ec3c79942289

Request headers

Referer: https://app.trustlock.co/iframe/5664/my-badge/296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:22 GMT
content-encoding: gzip
etag: W/"5c0079f6-1994"
last-modified: Thu, 29 Nov 2018 23:44:54 GMT
server: nginx
x-powered-by: AESWP v4.1-1611 << http://adamess.me >>
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Fri, 21 May 2021 09:53:22 GMT

GET
H2 200 trust-seal-badge-business.png
app.trustlock.co/images/TrustLockOriginal/ Frame A20A 10 KB
10 KB 97ms
96ms Image
image/png 104.207.128.107
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.trustlock.co/images/TrustLockOriginal/trust-seal-badge-business.png
Requested by: Host: app.trustlock.co
URL: https://app.trustlock.co/iframe/5664/my-badge/296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.128.107 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.207.128.107.vultr.com
Software: nginx / AESWP v4.1-1611 << http://adamess.me >>
Resource Hash: b57b5ef41ce0781d6e5312745cbd57e61923ea64623ea10ff01213558e2f2988

Request headers

Referer: https://app.trustlock.co/iframe/5664/my-badge/296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:22 GMT
etag: "5b7cb528-2854"
last-modified: Wed, 22 Aug 2018 00:58:16 GMT
server: nginx
x-powered-by: AESWP v4.1-1611 << http://adamess.me >>
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10324
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trust-seal-badge-privacy.png
app.trustlock.co/images/TrustLockOriginal/ Frame A20A 10 KB
10 KB 167ms
166ms Image
image/png 104.207.128.107
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.trustlock.co/images/TrustLockOriginal/trust-seal-badge-privacy.png
Requested by: Host: app.trustlock.co
URL: https://app.trustlock.co/iframe/5664/my-badge/296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.128.107 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.207.128.107.vultr.com
Software: nginx / AESWP v4.1-1611 << http://adamess.me >>
Resource Hash: 6b00daff780672c78ab1bf68d361c48dac1fc4af2d4b27a1bfe1f1896590ec2c

Request headers

Referer: https://app.trustlock.co/iframe/5664/my-badge/296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:22 GMT
etag: "5b7cb528-264d"
last-modified: Wed, 22 Aug 2018 00:58:16 GMT
server: nginx
x-powered-by: AESWP v4.1-1611 << http://adamess.me >>
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9805
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframeApi.js Show response
app.trustlock.co/js/ Frame A20A 3 KB
2 KB 92ms
91ms Script
application/javascript 104.207.128.107
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustlock.co/js/iframeApi.js
Requested by: Host: app.trustlock.co
URL: https://app.trustlock.co/iframe/5664/my-badge/296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.128.107 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.207.128.107.vultr.com
Software: nginx / AESWP v4.1-1611 << http://adamess.me >>
Resource Hash: 385e57500b15bf5bb88d4e5876ce44fc580b11b9b320799c42f091c6e71e0374

Request headers

Referer: https://app.trustlock.co/iframe/5664/my-badge/296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 09:53:22 GMT
content-encoding: gzip
etag: W/"5bac13fe-dea"
last-modified: Wed, 26 Sep 2018 23:19:26 GMT
server: nginx
x-powered-by: AESWP v4.1-1611 << http://adamess.me >>
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
expires: Thu, 29 Apr 2021 09:53:22 GMT

POST
H2 200 window Show response
app.trustlock.co/popOut/ Frame A20A 2 KB
1 KB 110ms
109ms XHR
application/json 104.207.128.107
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustlock.co/popOut/window
Requested by: Host: app.trustlock.co
URL: https://app.trustlock.co/js/iframeApi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.128.107 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.207.128.107.vultr.com
Software: nginx / AESWP v4.1-1611 << http://adamess.me >>
Resource Hash: 83c7d2a70a6ee2d6308f1d962caa3c1f5847861b8869b15ae89fdef25c06a969

Request headers

Referer: https://app.trustlock.co/iframe/5664/my-badge/296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 21 Apr 2021 09:53:22 GMT
content-encoding: gzip
server: nginx
x-powered-by: AESWP v4.1-1611 << http://adamess.me >>
vary: Accept-Encoding
content-type: application/json

POST
H2 200 window Show response
app.trustlock.co/popOut/ Frame A20A 2 KB
1 KB 111ms
111ms XHR
application/json 104.207.128.107
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trustlock.co/popOut/window
Requested by: Host: app.trustlock.co
URL: https://app.trustlock.co/js/iframeApi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.207.128.107 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.207.128.107.vultr.com
Software: nginx / AESWP v4.1-1611 << http://adamess.me >>
Resource Hash: 5e9eff10639a10d351d519e5d1747faf2e5f6540591f7b653509e7adce8a42b2

Request headers

Referer: https://app.trustlock.co/iframe/5664/my-badge/296
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 21 Apr 2021 09:53:22 GMT
content-encoding: gzip
server: nginx
x-powered-by: AESWP v4.1-1611 << http://adamess.me >>
vary: Accept-Encoding
content-type: application/json

GET
H3-29 200 css
fonts.googleapis.com/ 5 KB
537 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=75226229&_=1618998798718

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 09:13:36 GMT
server: ESF
date: Wed, 21 Apr 2021 09:53:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Apr 2021 09:53:23 GMT

GET
H/1.1 200
OK chatinline.css
chat1.mylivechat.com/livechat2/ 26 KB
5 KB 140ms
139ms Stylesheet
text/css 52.117.22.28
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://chat1.mylivechat.com/livechat2/chatinline.css?&culture=en-US&mlcv=3015&template=5
Requested by: Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=75226229&_=1618998798718
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.28 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 1c.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c9e71f864bcc8aef60a3dc5a8de9eb253852bed712fdd6b6ff2704617a375911

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 09:53:25 GMT
Content-Encoding: gzip
ETag: "807dadb6bfbd61:0"
Last-Modified: Fri, 05 Feb 2021 03:00:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2160000
Accept-Ranges: bytes
Content-Length: 4838

GET
H/1.1 200
OK resources2.aspx Show response
chat1.mylivechat.com/livechat2/ 192 KB
55 KB 298ms
158ms Script
text/javascript 52.117.22.28
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://chat1.mylivechat.com/livechat2/resources2.aspx?HCCID=75226229&culture=en-US&mlcv=3015&template=5
Requested by: Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=75226229&_=1618998798718
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.28 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 1c.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0a15244f53d89d246435246eaeade9a3c8928c37cef0d7738a7b22d2ac3b0814

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 09:53:26 GMT
Content-Encoding: gzip
ETag: "xC02baqS5Ri2csC6Cl/+RSLLu3Aq2n5Q+sAkj/uqsw8="
Last-Modified: Wed, 21 Apr 2021 05:00:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Content-Length: 55957
Expires: Thu, 21 Apr 2022 09:53:26 GMT

GET
H3-29 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1s2u.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:01:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:23 GMT
server: sffe
age: 89516
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
expires: Wed, 20 Apr 2022 09:01:27 GMT

GET
H/1.1 200
OK livechatinit2.js Show response
chat1.mylivechat.com/livechat2/script/ 105 KB
21 KB 143ms
142ms Script
application/javascript 52.117.22.28
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://chat1.mylivechat.com/livechat2/script/livechatinit2.js
Requested by: Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=75226229&_=1618998798718
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.28 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 1c.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 155c8773561a28ae69c533bf6a8e741161bc9d9bb822d51361da99ef49469b45

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Apr 2021 09:53:26 GMT
Content-Encoding: gzip
ETag: "807a44a2dfcd61:0"
Last-Modified: Sat, 06 Feb 2021 02:10:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2160000
Accept-Ranges: bytes
Content-Length: 21006

GET
H/1.1 200
OK livechat2.aspx Show response
chat1.mylivechat.com/livechat2/ 2 KB
1 KB 140ms
139ms Script
text/javascript 52.117.22.28
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://chat1.mylivechat.com/livechat2/livechat2.aspx?apimode=sync&HCCID=75226229&CCCustomerId=fdeb0c32-a62a-e709-a0a9-3a668104d908&Type=VISIT&Url=https%3A%2F%2F1s2u.com%2F&ContextData=3%3A2%7C0%7C&ScreenSize=1600,1200&PageTitle=1S2U%20Bulk%20SMS%20Service%7CSend%20Bulk%20SMS%20%7CFree%20SMS%20API%7C..&uats=2&culture=en-US&mlcv=3015&template=5
Requested by: Host: chat1.mylivechat.com
URL: https://chat1.mylivechat.com/livechat2/script/livechatinit2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.28 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 1c.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f2056f51f68c614cfe8d8650d73cd1be4086e658e9d587c34f552114bcd8209c

Request headers

Referer: https://1s2u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Apr 2021 09:53:28 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 827
Expires: -1

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1s2u.com/	1970-01-19 17:44:45	Name: _gid Value: GA1.2.56452903.1618998799
.1s2u.com/	1970-01-20 11:14:30	Name: _ga Value: GA1.2.748540006.1618998799
.1s2u.com/	1970-01-19 17:43:18	Name: _gat Value: 1
1s2u.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDAWDCRSTS Value: BOEOHOFDADMJMNANKDJLECLG

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://1s2u.com/(Line 118) Message: false
console-api	log	URL: https://chat1.mylivechat.com/livechat2/script/livechatinit2.js(Line 2724) Message: mlc v20210205a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nonsniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1s2u.com
app.trustlock.co
cdn.ywxi.net
chat1.mylivechat.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mylivechat.com
s3-us-west-2.amazonaws.com
ssl.comodo.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.trustedsite.com
y4i4e2e2.stackpathcdn.com
104.207.128.107
108.60.201.13
151.139.128.11
2600:9000:2190:de00:14:6bfc:5740:93a1
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:400c:c06::9a
34.193.96.49
52.117.22.28
52.218.182.16
54.244.192.157
014428424f68097441548d1f3fcbed2f1f1fd52327e49c01bdb9dce25eed3353
015979a2150d6fa3a15d56a1ba8ad1e61860e54a1cfc61ed7fa818c78c0fe4be
03c6a1887f586ff6594f7e8b5316e1f2d747775ee7544aa3dd5095265b2d8990
054b0b1f5784139b586582ea87c96f4c8e90a96ab7cf5cc4ee1c3b97bd8f62f4
05618c214966e4c0d2f7d0a350674a8eadf7d0078b6f1f064f41681c6865e577
0a15244f53d89d246435246eaeade9a3c8928c37cef0d7738a7b22d2ac3b0814
0a8805878127921c01cc1ddbd428a5a232e1351f1e4213756cc3b1153486cf90
0b23b1341b98dbbebe62fee513e6880675afdc30b6aae0ccaa66eb6a10ce6ca6
0b6bab63e3aa24b4ab6aab63765a217db5004961bab1ab7d74ffebfa33efb5c4
0dae4926199aa14d7fadd0ea72d47e41ae0a20b68673b96d76a7ac5d3e98d854
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
12cefabf50eed6bf64c2b7552cb83582979fd9292a8c85528a1714f7871bdd0c
1308b1b9a68f3d78352af7aaafc9cbbee3e840460cc120ff721a0c2b4b21a11f
1396fcd79291b33303bcba817a88dd2613b667870a86b937993afb22078ad6f8
14eda01617e77dfdfe6e9d16f05bdfe251d6c515444c7b7137dd59936787a299
155c8773561a28ae69c533bf6a8e741161bc9d9bb822d51361da99ef49469b45
1e52303638232581c882095a219ea1176cb2e5b9dba81107643a2b28beea6e0a
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1f1ab4fbb5b2293ea3d717b08cf2a8962151f8e94744fae992264608097f59ef
2085690f987c6fe5c697c15ca7b8bc7b1e14c93f82e396314f486fa6100aecd0
274b33d6886695ebc2eef2e4d49c8fc81ab4140668dcbe0c3c208e164c26ff49
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3136edfecdeda6bd96ba83c5862ad33134d246347be6dca1a55ea61226249ce6
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
385e57500b15bf5bb88d4e5876ce44fc580b11b9b320799c42f091c6e71e0374
39f3c4ab06b5cef15741b2f47259a5b1cc69140e08b0f414c76b7608556ed252
3c17fa983de6a5c3f42ee30c20b615b7c4ecdb4eb13fe086f1d4d9efb983ba79
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3ee0eb64f893f9ad705f8755261f081ca9d800a4f4a87ae852dedff87f68a9c1
40a80a73a65b64ff1790a276927b64ed59861e3b87e4283c6372567bfe9938d6
41a9ac30a8ae6226b0d757d5b1a167c1e23ea0985cb419dae67938e2b8b9d711
45b40479f4c33a6d8c0036e981f4213660c3ae910584914e5e2d220348407838
4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082
55b384fe6f64d80dcbbf9b7a9d19f32ec9eec0041b2270465835d61b5ca335d1
5667e36b815c45325ad08983b939c5d64ab496d6116be0e6547c2c3b009a3428
579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45
58e768be70be37736d3740a3576e6f917343ca460e514abdb7829292a1816491
5b05b466f2dd69aa2a8eeb9997ad59f32e61eab45cb6c5845a1a0bea35c79410
5e3db164360c7eabd6074c781ff6d590d91c2caa171c95876eae91d91eb9b367
5e7155948e0c62cd2e9bf8dc20e5a79faee08957c1e51bb6d3f152ebdc530074
5e9eff10639a10d351d519e5d1747faf2e5f6540591f7b653509e7adce8a42b2
5f65029f3f9477efd674570c6ccaf28c685885fa57649a7aebf6c3a98c793f57
664204af54a5ad35be47d1cd6e1268205fcb0d173813d6951bec581574866af3
66d20e486e770dcc72f50a3708f5f3bc11811ef0b339764385c03b100f5e0391
6b00daff780672c78ab1bf68d361c48dac1fc4af2d4b27a1bfe1f1896590ec2c
6c3231323031524cef045b27f6a302e6928cae73b9543699bc3a1ac79aff2dab
7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f
7500fc5d31d56a7b4c5544341a45d213897b5c3f168b883d81e9043caf9a515e
788d9e0d264dea70fed0c28191a89b6aca79e2d9d2892750c1828c20170a28c7
7a0fd4e0b1697b5e9fb7be0958183c416f0f63c7dd77c7bbc5c4d1075e68fa6b
7cae153c321450d31560da08e234bd3359ecba44b568c66d3b526c2260b350f9
83573b3e010e2a1d582993755a20ad78dc837e8a156f719697a509ca16e79476
83c7d2a70a6ee2d6308f1d962caa3c1f5847861b8869b15ae89fdef25c06a969
83dbc3544c5470df4dce716b120aba8431ee4d2005ba95bf8d3b768ff4642055
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c7945b096dfb1ed52ffa4c9b67c0403ca511dd3957e28bb276b5fd8f5d5873a
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8eb16ec32f6a490e7e9d5c588c5b469dbcc50de56ccf40df1d680f31d1130113
907ebc0d4580aac966d1fe7f66e704a08b671ddcc7429cd97a5ccfd8865beea4
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
9280555a7d1eb345d8b29035dbf2da90f38fd3b1acf59042abb629d290941a6a
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
93f1f4e19c1a8db53699abdd646b9dd9eba7104c80ec735d9d2bde4e4a2c58f2
957de008a7005fbdf8995f8457a9819d0c1b327634a5996d3636e09d9d363b81
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
981c90ab1d927cf023aa41518f495f830d0b68248b2b7bf5ae9629213ef85a17
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a505b39969609b9c5a195716b56abe241da8650f120cdbf4997dd6558c82e6f9
a86e68793657d71c2dd3c1560d9a9f27c9adbcd8cd98a68974900d65252eb535
a9f7f34c33ed49d9cb501ec8726cc7c13c8f5407619f0baafcb22ac02112aa61
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
b3fcf5586148b22bda44b17386f54d04a1ae506339ea26c428052c627010d31b
b57b5ef41ce0781d6e5312745cbd57e61923ea64623ea10ff01213558e2f2988
b633de65caeea5b9fcc645b629d8624ab671fd8d0d5176cf695c325c39c029e6
b8c8fafa2ccb749fde2ae02dcd2c29c9769156483b7d47e9f89a4a3597f22a91
b9b3bacd9a6127f69b153a0d65dc3e406b4f226c5615432a5e7db134eaadb14a
bd5de5cfa5968bbee4aad0866b469c3f8883fbf4d2acebf9a049ec3c79942289
c3fe5b987c1b11d7bb5fd3f64bc4fb036bb6dc5e81fb03d2840beab70a859497
c45a77ad01ac21d9c95aa372e52543006a8bd598626be0eb4e73a3503aae7210
c47cda555121d17c334e510275df5a8c797914b893124a87db3ec64339cae042
c5cd3992e5152d0233ac95c76f7b5ced8637d457eb0a4c0275261c99f5666ba7
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
c9d3ec3ed903345e2c25988a767106b47d51bb79ecbd63133b4fe3d3d3024acb
c9e71f864bcc8aef60a3dc5a8de9eb253852bed712fdd6b6ff2704617a375911
cefd3f5ef08b22dc9d3b1adfae73ea1cf16ed292a8af6832fff45fa487595cd3
cf53667dcf4c290c42b652154f2880981ccd9de593d5d1841cc027783408d101
d369b3a69fc7cd743b9780c0624272fb503eed229fa26aca17e51d7257ff8207
d8ae6057297c6b756e99ad6936471737b53746bc1a4da1d290e56ca846162593
dafb326f4b3b6902e57de90ebd1cdffe46ce0b98f0f09859265ba6d0d354268c
db160f30d0ae010fbf2c34ba085649f571b68b8679e85b359994ac808d530925
de674f78336b68086efba1e7a307a14fbd23f53043b3f09dcf6b8ace5827a399
e1231607bfce8fca839adb0a7596acfd5fadf675301887061f4b2084db81b3d2
e1eaaf5b12abc1ec68684a1e0ed06d17d1aea0e50f90f6e4f2ab6421014da287
e62bfd13ea1d5eff9e2508ab7e6465d652c8caa845a2e22ac6f2b40f4a468627
e735ede4fc30bda4bfeda8f197bf75b6169e49127107abc8d65924606500d5f8
eb11947d8634dd0208c88336000c7e42b6004a12ca11fb85bacaec8317cd5292
eb13077b7e92b809ab18264ff957a3aeb829d6f2011c72148041afdd576197e5
eed2d0875c65893ff67cb10053ddb4dcc8479c3d5b24bc61a341b14b0e5dc46d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2056f51f68c614cfe8d8650d73cd1be4086e658e9d587c34f552114bcd8209c
f8a20447d071700e9a8a7cb13aee1a8b7f51b989a6dd0711bfad7f6a7a71b678
fb667fd564a9e6b47b92b8fe18c6fddbb10637c4911a6c73bc07a7434c69775c
fcb02e2c221e758eb58477aeb9d76eeabfe6ac7ff7f1052c63d0500ba3b01a7a

1s2u.com Open in urlscan Pro 108.60.201.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

100 %HTTPS

61 %IPv6

15 Domains

16 Subdomains

18 IPs

3 Countries

841 kBTransfer

1653 kBSize

4 Cookies

8 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1s2u.com Open in urlscan Pro
108.60.201.13 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

100 %
HTTPS

61 %
IPv6

15
Domains

16
Subdomains

18
IPs

3
Countries

841 kB
Transfer

1653 kB
Size

4
Cookies

106 HTTP transactions
0 data transactions