urlscan.io logo urlscan.io
SecurityTrails logo

1u.fi Open in urlscan Pro
2400:cb00:2048:1::681f:5450  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fileshare.upackgroup.ru/5k6
Effective URL: https://1u.fi/80Paj
Submission: On September 24 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 13 domains to perform 37 HTTP transactions. The main IP is 2400:cb00:2048:1::681f:5450, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is 1u.fi.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 24th 2018. Valid for: 6 months.
This is the only time 1u.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.94.226.26 196798 (NEWLINETE...)
13 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.35 12989 (HWNG)
1 2a00:1450:400... 15169 (GOOGLE)
6 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
37 11
1    188.94.226.26 (Moscow, Russian Federation)

ASN196798 (NEWLINETELECOM, RU)
PTR: ip-226-26.nltel.ru
fileshare.upackgroup.ru
13    2400:cb00:2048:1::681f:5450 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
1u.fi
2    2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    23.111.9.35 (Phoenix, United States)

ASN12989 (HWNG, NL)
use.fontawesome.com
1    2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
6    2400:cb00:2048:1::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2a00:1450:4001:812::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:4001:812::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2400:cb00:2048:1::681c:773 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
analytics.markus.ovh
2    2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
2    2a00:1450:4001:81b::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
13 1u.fi 1u.fi
6 cdnjs.cloudflare.com 1u.fi
4 pagead2.googlesyndication.com 1u.fi
pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
1u.fi
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 analytics.markus.ovh 1u.fi
2 fonts.googleapis.com 1u.fi
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.gstatic.com 1u.fi
1 www.googletagmanager.com 1u.fi
1 ajax.googleapis.com 1u.fi
1 use.fontawesome.com 1u.fi
1 fileshare.upackgroup.ru 1 redirects
37 14

This site contains no links.

Subject Issuer Validity Valid
sni250793.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-24 -
2019-04-02		 6 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2017-08-10 -
2018-10-17		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-22 -
2019-03-31		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
sni206392.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-05 -
2019-03-14		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://1u.fi/80Paj
Frame ID: 4DC2DE27EEA12CA0B273F0998EB3DAD2
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/zrt_lookup.html
Frame ID: 242007ADF7AAEBF572C21FE187F30806
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Frame ID: BD89873D42BE5C4DD29881FB836BC835
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2002102270485273&output=html&adk=293675617&adf=814277786&lmt=1537833144&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2F1u.fi%2F80Paj&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1537833144065&bpp=5&bdt=129&fdt=8&idt=75&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=5332356982840&frm=20&pv=2&ga_vid=858007891.1537833144&ga_sid=1537833144&ga_hid=682419148&ga_fc=0&iag=0&icsg=150923644843&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=3127415389&ifi=0&fsb=1&dtd=90
Frame ID: 57D765BA5DEF6377FF37C70F59A46C3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fileshare.upackgroup.ru/5k6 HTTP 301
    https://1u.fi/80Paj Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /clipboard(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • script /piwik\.js|piwik\.php/i
  • env /^Piwik$/i
  • env /^_paq$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

37
Requests

100 %
HTTPS

83 %
IPv6

13
Domains

14
Subdomains

11
IPs

3
Countries

417 kB
Transfer

1048 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fileshare.upackgroup.ru/5k6 HTTP 301
    https://1u.fi/80Paj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 80Paj
1u.fi/
Redirect Chain
  • http://fileshare.upackgroup.ru/5k6
  • https://1u.fi/80Paj
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06f6ce70195f34c0facf930a7d2503361606a7e020287b1fb14d66f9a4076fe

Request headers

:method
GET
:authority
1u.fi
:scheme
https
:path
/80Paj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
404
date
Mon, 24 Sep 2018 23:52:23 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; expires=Tue, 24-Sep-19 23:52:23 GMT; path=/; domain=.1u.fi; HttpOnly; Secure PHPSESSID=f126a5mq73nq3ahhaaa70af47f; path=/ short_80Paj=1; expires=Tue, 25-Sep-2018 00:22:23 GMT; Max-Age=1800; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
45f92a1cdec06409-FRA
content-encoding
gzip

Redirect headers

Date
Mon, 24 Sep 2018 23:52:23 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://1u.fi/80Paj
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
L01JHdL8eEGqNiZmE89LeNZUbZo.js
1u.fi/cdn-cgi/apps/head/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1u.fi/cdn-cgi/apps/head/L01JHdL8eEGqNiZmE89LeNZUbZo.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abee8fa21a511184db5fdc252c2a50c17049a618754a09c0b68ec4925b966401

Request headers

:path
/cdn-cgi/apps/head/L01JHdL8eEGqNiZmE89LeNZUbZo.js
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
36536BC327FB22EC
cf-ray
45f92a1daefd6409-FRA
status
200
content-length
3541
x-amz-id-2
kMB4cZ6HxqvBzJ2608N0zCCBUSOxvNEGS0eaS956BLZiBzz8J06CKRQO7bPnerKVzq1evn5061I=
last-modified
Sat, 18 Aug 2018 11:20:41 GMT
server
cloudflare
etag
"e0aabf5126b782589b2c7a3dad0d9a4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
xG8YnadQhnepPrsmLdfXJigcqkx263Br
cache-control
public, max-age=31536000
content-type
application/javascript; charset=utf-8
expires
Tue, 24 Sep 2019 23:52:23 GMT
css
fonts.googleapis.com/ 		7 KB
760 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
35c990f5530deb7d2f640743aeb26a9e5d5c3bf1838542d9237f29fd93bec8a3
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Mon, 24 Sep 2018 23:52:23 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 24 Sep 2018 23:52:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Mon, 24 Sep 2018 23:52:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f1820fb18fd530846406f6f01440f4124b5ebb231a5bdb9f6b60ddf5737c42a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27516
x-xss-protection
1; mode=block
server
cafe
etag
3406154613634451085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Sep 2018 23:52:23 GMT
bootstrap.min.css
1u.fi/static/css/ 		89 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1u.fi/static/css/bootstrap.min.css
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5bbce5fecbe57744efc9dc6978021d5c86193c833ca989aee7b8a440294e61a9

Request headers

:path
/static/css/bootstrap.min.css
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 13 Jul 2018 21:53:43 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5b491f67-1631a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
private, max-age=2678400
cf-ray
45f92a1daefe6409-FRA
expires
Thu, 25 Oct 2018 15:09:10 GMT
style.css
1u.fi/themes/los-theme-v5/ 		49 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1u.fi/themes/los-theme-v5/style.css
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e220524fc1fef0e368f77e5bdfd1e1d043d1304181a4c0542d3ef73e207e07e6

Request headers

:path
/themes/los-theme-v5/style.css
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
PleskLin
status
200
last-modified
Sat, 18 Aug 2018 11:07:09 GMT
server
cloudflare
etag
W/"5b77fddd-c52c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Oct 2018 23:52:23 GMT
cache-control
public, max-age=2678400
cf-polished
status=cannot_optimize
cf-ray
45f92a1daeff6409-FRA
cf-bgj
minify
components.min.css
1u.fi/static/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1u.fi/static/css/components.min.css
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d960570a3f32fc7c0cfecdb73fa3ade23c21ff38a0dbdf5af9ab6e6306d58114

Request headers

:path
/static/css/components.min.css
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Feb 2018 21:04:08 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"5a95c7c8-4b2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
private, max-age=2678400
cf-ray
45f92a1daf016409-FRA
expires
Thu, 25 Oct 2018 15:09:10 GMT
all.css
use.fontawesome.com/releases/v5.0.10/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1u.fi/80Paj
Origin
https://1u.fi

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
last-modified
Tue, 10 Apr 2018 23:10:22 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"d1acb8ad33b1526acbfd3f0028b859b0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 27 Aug 2018 23:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2420982
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
29440
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Aug 2019 23:22:41 GMT
bootstrap.min.js
1u.fi/static/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1u.fi/static/bootstrap.min.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8

Request headers

:path
/static/bootstrap.min.js
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 24 Feb 2014 19:21:18 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"530b9bae-d5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private, max-age=2678400
cf-ray
45f92a1daf026409-FRA
expires
Thu, 25 Oct 2018 15:09:10 GMT
application.fn.js
1u.fi/static/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1u.fi/static/application.fn.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6634cc778a3d09d667473c983fbe83f4ccdb8a7765d8d3310620f294e673aff4

Request headers

:path
/static/application.fn.js
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
PleskLin
status
200
last-modified
Tue, 06 Mar 2018 22:45:12 GMT
server
cloudflare
etag
W/"5a9f19f8-10df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Oct 2018 15:09:10 GMT
cache-control
private, max-age=2678400
cf-polished
origSize=4319
cf-ray
45f92a1daf036409-FRA
cf-bgj
minify
chosen.jquery.min.js
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:18:19 GMT
server
cloudflare
etag
W/"5afd48db-6956"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
45f92a1dacef96a6-FRA
expires
Sat, 14 Sep 2019 23:52:23 GMT
icheck.min.js
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-11a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
45f92a1dacf096a6-FRA
expires
Sat, 14 Sep 2019 23:52:23 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.020
last-modified
Thu, 17 May 2018 09:18:33 GMT
server
cloudflare
etag
W/"5afd48e9-2824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
45f92a1dacf296a6-FRA
expires
Sat, 14 Sep 2019 23:52:23 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
45f92a1dacf396a6-FRA
expires
Sat, 14 Sep 2019 23:52:23 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
45f92a1dacee96a6-FRA
expires
Sat, 14 Sep 2019 23:52:23 GMT
css
fonts.googleapis.com/ 		1 KB
519 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c9f755413c6709e8078e13aa655b230d7f55b068dc3e379080d99faa650e9957
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Mon, 24 Sep 2018 23:52:23 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 24 Sep 2018 23:52:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Mon, 24 Sep 2018 23:52:23 GMT
pace.js
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:24:46 GMT
server
cloudflare
etag
W/"5afd4a5e-621b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
45f92a1dacf496a6-FRA
expires
Sat, 14 Sep 2019 23:52:23 GMT
application.js
1u.fi/static/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1u.fi/static/application.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
91acd5821a21d3101aa0130ed2580235571bcaef5f604bcbbb06b18e2c2bd9c6

Request headers

:path
/static/application.js
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
PleskLin
status
200
last-modified
Wed, 09 May 2018 11:51:14 GMT
server
cloudflare
etag
W/"5af2e0b2-28bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Oct 2018 15:09:10 GMT
cache-control
private, max-age=2678400
cf-polished
origSize=10428
cf-ray
45f92a1daf056409-FRA
cf-bgj
minify
server.js
1u.fi/static/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1u.fi/static/server.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
787c4fe280d6c7aeaccf3a7b62ed0a4b4bfc5c802e468c470e930692edb73ed2

Request headers

:path
/static/server.js
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
PleskLin
status
200
last-modified
Fri, 16 Mar 2018 13:26:46 GMT
server
cloudflare
etag
W/"5aabc616-1daf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Oct 2018 15:09:10 GMT
cache-control
private, max-age=2678400
cf-polished
origSize=7599
cf-ray
45f92a1daf066409-FRA
cf-bgj
minify
auto_site_logo.png
1u.fi/content/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1u.fi/content/auto_site_logo.png
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
066627c7ab8ea6b38d444ff623f86b2ac786744716aad5fe6edc1d3907ab89d6

Request headers

:path
/content/auto_site_logo.png
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
etag
"5b77f61c-3032"
cf-cache-status
HIT
last-modified
Sat, 18 Aug 2018 10:34:04 GMT
server
cloudflare
x-powered-by
PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
45f92a1daf076409-FRA
content-length
12338
expires
Thu, 25 Oct 2018 23:52:23 GMT
main.js
1u.fi/themes/los-theme-v5/assets/js/ 		820 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1u.fi/themes/los-theme-v5/assets/js/main.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
971378ffda14cce88fab62628e7f1a3df0d8db09ececd91c06d7b790cdc5ad6c

Request headers

:path
/themes/los-theme-v5/assets/js/main.js
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/80Paj
:scheme
https
:method
GET
Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
cf-cache-status
HIT
x-powered-by
PleskLin
status
200
last-modified
Tue, 31 Jul 2018 13:26:45 GMT
server
cloudflare
etag
W/"5b606395-396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Oct 2018 23:52:23 GMT
cache-control
public, max-age=2678400
cf-polished
origSize=918
cf-ray
45f92a1dcf0d6409-FRA
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-124195803-1
Requested by
Host: 1u.fi
URL: https://1u.fi/cdn-cgi/apps/head/L01JHdL8eEGqNiZmE89LeNZUbZo.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:812::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
c91f17e5e8d7bfbfff053ca8f09100803feec455626852871c7dda048e55f629
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:23 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28173
x-xss-protection
1; mode=block
expires
Mon, 24 Sep 2018 23:52:23 GMT
header-background-1.png
1u.fi/static/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1u.fi/static/header-background-1.png
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
20896b11ef25da8f2248d9d443766362eb2e106f08aa6628be029bb1f4b6a87f

Request headers

:path
/static/header-background-1.png
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/themes/los-theme-v5/style.css
:scheme
https
:method
GET
Referer
https://1u.fi/themes/los-theme-v5/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:24 GMT
etag
"5b3a9935-117fc"
cf-cache-status
HIT
last-modified
Mon, 02 Jul 2018 21:29:25 GMT
server
cloudflare
x-powered-by
PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
private, max-age=2678400
accept-ranges
bytes
cf-ray
45f92a1e2f296409-FRA
content-length
71676
expires
Thu, 25 Oct 2018 15:09:11 GMT
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v9/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v9/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b84cb5526138d67667e3fdb927a5da473b5c247632e02a8192da575a47e91d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Nunito
Origin
https://1u.fi

Response headers

date
Fri, 21 Sep 2018 06:03:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:05:07 GMT
server
sffe
age
323361
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13572
x-xss-protection
1; mode=block
expires
Sat, 21 Sep 2019 06:03:03 GMT
glyphicons-halflings-regular.woff
1u.fi/static/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1u.fi/static/fonts/glyphicons-halflings-regular.woff
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5450 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

:path
/static/fonts/glyphicons-halflings-regular.woff
pragma
no-cache
cookie
__cfduid=df8dc6bb8ac512b4cd7290826c564f9c61537833143; PHPSESSID=f126a5mq73nq3ahhaaa70af47f; short_80Paj=1
origin
https://1u.fi
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1u.fi
referer
https://1u.fi/static/css/bootstrap.min.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1u.fi/static/css/bootstrap.min.css
Origin
https://1u.fi

Response headers

date
Mon, 24 Sep 2018 23:52:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2014 07:24:42 GMT
server
cloudflare
x-powered-by
PleskLin
etag
W/"52fc733a-5b18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
status
200
cache-control
private, max-age=2678400
cf-ray
45f92a1e3f2d6409-FRA
expires
Thu, 25 Oct 2018 15:09:11 GMT
piwik.js
analytics.markus.ovh/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.markus.ovh/piwik.js
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681c:773 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
4977be76c5a092e259d3f9f7cf8c2e313365d95453af3cf21541dfdf1b236fce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
PleskLin
status
200
strict-transport-security
max-age=15552000; preload
last-modified
Wed, 29 Aug 2018 13:03:51 GMT
server
cloudflare
etag
W/"5b8699b7-102e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Oct 2018 23:52:24 GMT
cache-control
public, max-age=2678400
cf-polished
origSize=66277
cf-ray
45f92a1ebb75974a-FRA
cf-bgj
minify
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=1u.fi
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Sep 2018 23:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=1u.fi
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Sep 2018 23:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-2002102270485273.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-2002102270485273.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 11:54:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 23 Sep 2018 21:15:00 GMT
server
sffe
age
43096
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Mon, 24 Sep 2018 23:54:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/ Frame 2420 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180917/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180917/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://1u.fi/80Paj
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1u.fi/80Paj

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 17 Sep 2018 19:12:12 GMT
expires
Mon, 01 Oct 2018 19:12:12 GMT
content-type
text/html; charset=UTF-8
etag
18162506661661110595
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6931
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
621612
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ Frame BD89 		196 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6e02736a6f9e93cdfe22ded97de7a301f4633fad2372bfaa40c825ed2500c4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74155
x-xss-protection
1; mode=block
server
cafe
etag
12098869324327732531
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Sep 2018 23:52:24 GMT
analytics.js
www.google-analytics.com/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124195803-1
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
1461
date
Mon, 24 Sep 2018 23:28:03 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Tue, 25 Sep 2018 01:28:03 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j69&a=682419148&t=pageview&_s=1&dl=https%3A%2F%2F1u.fi%2F80Paj&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%201u.fi%20-%20Custom%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2146678877&gjid=513882219&cid=858007891.1537833144&tid=UA-124195803-1&_gid=484580445.1537833144&_r=1&gtm=u9h&z=665548153
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Sep 2018 23:52:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 57D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2002102270485273&output=html&adk=293675617&adf=814277786&lmt=1537833144&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2F1u.fi%2F80Paj&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1537833144065&bpp=5&bdt=129&fdt=8&idt=75&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=5332356982840&frm=20&pv=2&ga_vid=858007891.1537833144&ga_sid=1537833144&ga_hid=682419148&ga_fc=0&iag=0&icsg=150923644843&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=3127415389&ifi=0&fsb=1&dtd=90
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2002102270485273&output=html&adk=293675617&adf=814277786&lmt=1537833144&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2F1u.fi%2F80Paj&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1537833144065&bpp=5&bdt=129&fdt=8&idt=75&shv=r20180917&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=5332356982840&frm=20&pv=2&ga_vid=858007891.1537833144&ga_sid=1537833144&ga_hid=682419148&ga_fc=0&iag=0&icsg=150923644843&dssz=25&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=3127415389&ifi=0&fsb=1&dtd=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://1u.fi/80Paj
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1u.fi/80Paj

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 24 Sep 2018 23:52:24 GMT
server
cafe
cache-control
private
content-length
703
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 25-Sep-2018 00:07:24 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Mon, 24 Sep 2018 23:52:24 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180917/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 17 Sep 2018 23:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607412
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26901
x-xss-protection
1; mode=block
server
cafe
etag
11408177114345171100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Oct 2018 23:08:52 GMT
piwik.php
analytics.markus.ovh/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.markus.ovh/piwik.php?action_name=1u.fi%2FPage%20not%20found%20-%201u.fi%20-%20Custom%20URL%20Shortener&idsite=46m931D33mD80725&rec=1&r=811035&h=23&m=52&s=24&url=https%3A%2F%2F1u.fi%2F80Paj&_id=5bcbabac8a6ef91f&_idts=1537833144&_idvc=1&_idn=0&_refts=0&_viewts=1537833144&send_image=1&cookie=1&res=1600x1200&gt_ms=124&pv_id=In02r1&webgl=0
Requested by
Host: 1u.fi
URL: https://1u.fi/80Paj
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681c:773 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1u.fi/80Paj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 24 Sep 2018 23:52:24 GMT
x-content-type-options
nosniff
server
cloudflare
x-powered-by
PleskLin
x-cache-status
BYPASS
strict-transport-security
max-age=15552000; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cache-control
no-store
cf-ray
45f92a1f1ba0974a-FRA

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Eager object| CloudflareApps object| dataLayer object| adsbygoogle function| $ function| jQuery function| is_mobile function| is_tablet string| appurl string| token object| cookieconsent object| Pace function| icheck_reload function| show_forgot_password function| update_sidebar function| zClipload function| loadall function| form_switch function| server object| lang object| _paq object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired object| JSON_PIWIK object| Piwik object| AnalyticsTracker function| piwik_log function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| google_ama_all_ads_detection_enabled

9 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1u.fi/ Name: _pk_ses.46m931D33mD80725.0fdb
Value: *
.1u.fi/ Name: _pk_id.46m931D33mD80725.0fdb
Value: 5bcbabac8a6ef91f.1537833144.1.1537833144.1537833144.
1u.fi/ Name: PHPSESSID
Value: f126a5mq73nq3ahhaaa70af47f
1u.fi/ Name: short_80Paj
Value: 1
.1u.fi/ Name: _gid
Value: GA1.2.484580445.1537833144
.1u.fi/ Name: _ga
Value: GA1.2.858007891.1537833144
.1u.fi/ Name: _gat_gtag_UA_124195803_1
Value: 1
.1u.fi/ Name: __cfduid
Value: df8dc6bb8ac512b4cd7290826c564f9c61537833143

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1u.fi
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.markus.ovh
cdnjs.cloudflare.com
fileshare.upackgroup.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
188.94.226.26
23.111.9.35
2400:cb00:2048:1::6813:c497
2400:cb00:2048:1::681c:773
2400:cb00:2048:1::681f:5450
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:816::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:820::200a
2a00:1450:4001:824::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
066627c7ab8ea6b38d444ff623f86b2ac786744716aad5fe6edc1d3907ab89d6
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
20896b11ef25da8f2248d9d443766362eb2e106f08aa6628be029bb1f4b6a87f
35c990f5530deb7d2f640743aeb26a9e5d5c3bf1838542d9237f29fd93bec8a3
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4977be76c5a092e259d3f9f7cf8c2e313365d95453af3cf21541dfdf1b236fce
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5bbce5fecbe57744efc9dc6978021d5c86193c833ca989aee7b8a440294e61a9
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
6634cc778a3d09d667473c983fbe83f4ccdb8a7765d8d3310620f294e673aff4
6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8
6e02736a6f9e93cdfe22ded97de7a301f4633fad2372bfaa40c825ed2500c4a5
6f1820fb18fd530846406f6f01440f4124b5ebb231a5bdb9f6b60ddf5737c42a
787c4fe280d6c7aeaccf3a7b62ed0a4b4bfc5c802e468c470e930692edb73ed2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91acd5821a21d3101aa0130ed2580235571bcaef5f604bcbbb06b18e2c2bd9c6
971378ffda14cce88fab62628e7f1a3df0d8db09ececd91c06d7b790cdc5ad6c
a06f6ce70195f34c0facf930a7d2503361606a7e020287b1fb14d66f9a4076fe
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
abee8fa21a511184db5fdc252c2a50c17049a618754a09c0b68ec4925b966401
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b84cb5526138d67667e3fdb927a5da473b5c247632e02a8192da575a47e91d64
c91f17e5e8d7bfbfff053ca8f09100803feec455626852871c7dda048e55f629
c9f755413c6709e8078e13aa655b230d7f55b068dc3e379080d99faa650e9957
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d960570a3f32fc7c0cfecdb73fa3ade23c21ff38a0dbdf5af9ab6e6306d58114
e220524fc1fef0e368f77e5bdfd1e1d043d1304181a4c0542d3ef73e207e07e6
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e