1waypp.top Open in urlscan Pro
190.115.19.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1waypp.top/
Effective URL:
https://1waypp.top/
Submission: On February 06 via manual (February 6th 2023, 9:49:01 am UTC) from NL — Scanned from NL

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 48 HTTP transactions. The main IP is 190.115.19.101, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1waypp.top.
TLS certificate: Issued by R3 on February 3rd 2023. Valid for: 3 months.

This is the only time 1waypp.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	190.115.19.101 190.115.19.101	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
23	2606:4700:20:... 2606:4700:20::ac43:47db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:808::2008	15169 (GOOGLE) (GOOGLE)
1	18.65.39.42 18.65.39.42	16509 (AMAZON-02) (AMAZON-02)
1	18.65.39.37 18.65.39.37	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.31 108.156.60.31	16509 (AMAZON-02) (AMAZON-02)
2 4	142.251.39.6 142.251.39.6	15169 (GOOGLE) (GOOGLE)
1	52.222.206.6 52.222.206.6	16509 (AMAZON-02) (AMAZON-02)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
48	14

8 190.115.19.101 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: indal14.com

1waypp.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:20::ac43:47db (United States)

ASN13335 (CLOUDFLARENET, US)

1win-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-42.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-37.ams1.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-31.ams1.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f6.1e100.net

12688802.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-6.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	1win-cdn.com 1win-cdn.com — Cisco Umbrella Rank: 489704	1 MB
8	1waypp.top 1 redirects 1waypp.top	95 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3735	74 KB
4	doubleclick.net 2 redirects 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 677006 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 642274	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 620 script.hotjar.com — Cisco Umbrella Rank: 815 vars.hotjar.com — Cisco Umbrella Rank: 855	72 KB
3	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 6073 cdn.amplitude.com — Cisco Umbrella Rank: 2618	27 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 14078	665 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 70	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	134 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2456	241 B
48	10

	Domain	Requested by
23	1win-cdn.com	1waypp.top 1win-cdn.com
8	1waypp.top	1 redirects 1win-cdn.com 1waypp.top
4	mc.yandex.ru	1 redirects 1waypp.top
2	adservice.google.nl	adservice.google.com
2	adservice.google.com	12688802.fls.doubleclick.net 12572451.fls.doubleclick.net
2	12572451.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	12688802.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	1waypp.top www.googletagmanager.com
2	api.lab.amplitude.com	1win-cdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.amplitude.com	1waypp.top
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	1waypp.top
48	14

This site contains no links.

Subject Issuer	Validity	Valid
1waypp.top R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
*.1win-cdn.com GTS CA 1P5	`2022-12-12` - `2023-03-12`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://1waypp.top/
Frame ID: 797E2D5E3BCE6885D5C39525EB2308F0
Requests: 41 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 97F741EBAB039A4979795D19CE10DADD
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome
Frame ID: EF3AC7AFB8986053DD28A6B3BC8FA27A
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013
Frame ID: D4D83E4CEBB3909546C5504784BDBBE2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome
Frame ID: 8368DCC0535B8F6A40D92D5D822C4217
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013;~oref=https://1waypp.top/
Frame ID: B65D60EC87163FFBDE5349DD6EF7EB9C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.nl/ddm/fls/i/dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome
Frame ID: 8F938BC54130849F056BF6ECD0C69B9C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.nl/ddm/fls/i/dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013;~oref=https://1waypp.top/
Frame ID: 6C4126D06D69E21A735CFB5733A73432
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Page URL History Show full URLs

http://1waypp.top/ HTTP 301
https://1waypp.top/ Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

48
Requests

98 %
HTTPS

46 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

1596 kB
Transfer

3844 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1waypp.top/ HTTP 301
https://1waypp.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome

Request Chain 38

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013

Request Chain 44

https://mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1waypp.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A4011%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A724864520916%3Ahid%3A334731756%3Az%3A0%3Ai%3A20230206094857%3Aet%3A1675676937%3Ac%3A1%3Arn%3A768662347%3Arqn%3A1%3Au%3A1675676937875670036%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C3059%2C1%2C636%2C0%2C%2C38%2C0%2C4328%2C4328%2C0%2C4132%3Aco%3A0%3Acpf%3A1%3Ans%3A1675676931743%3Arqnl%3A1%3Ast%3A1675676937%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1waypp.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A4011%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A724864520916%3Ahid%3A334731756%3Az%3A0%3Ai%3A20230206094857%3Aet%3A1675676937%3Ac%3A1%3Arn%3A768662347%3Arqn%3A1%3Au%3A1675676937875670036%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C3059%2C1%2C636%2C0%2C%2C38%2C0%2C4328%2C4328%2C0%2C4132%3Aco%3A0%3Acpf%3A1%3Ans%3A1675676931743%3Arqnl%3A1%3Ast%3A1675676937%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1waypp.top/
Redirect Chain

http://1waypp.top/
https://1waypp.top/

22 KB
9 KB

3180ms
3059ms

Document
text/html

190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: indal14.com
Software: openresty/1.19.9.1 /
Resource Hash: 055ec6b37e2f453f754e9b762666f13808644029328b6b3d728ecf460fc77563

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 06 Feb 2023 09:48:55 GMT
etag: W/"63db917f-58be"
last-modified: Thu, 02 Feb 2023 10:33:35 GMT
server: openresty/1.19.9.1

Redirect headers

Connection: keep-alive
Content-Length: 175
Content-Type: text/html
Date: Mon, 06 Feb 2023 09:48:52 GMT
Location: https://1waypp.top
Server: openresty/1.19.9.1
X-Frame-Options: DENY

GET
H2 200 chunk-vendors.b204489a.js Show response
1win-cdn.com/js/ 417 KB
130 KB 171ms
73ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-vendors.b204489a.js
Requested by: Host: 1waypp.top
URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebab49b68577b689bab64e219e1dbc281f64e6fb98da9185fb088f8587dae613

Request headers

Referer: https://1waypp.top/
Origin: https://1waypp.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 10:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63db9175-68484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfy3K1cxnVIKhjyIi7zs2jC%2Bylxlde4ueGSrs%2FvUcVn2adOX5SkvAyoiPPopHPR%2BaEg%2BJcc9iqyIeHWT68X3%2BLa%2FS2%2FRV7ZGpqwHzoQVM4gq9hwDF7pozKW0o7OCByGMoAJbnKbb9QM6FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f90ff8e40e39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-common.e248ac5d.js Show response
1win-cdn.com/js/ 16 KB
6 KB 134ms
36ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-common.e248ac5d.js
Requested by: Host: 1waypp.top
URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46628a441aecd1ebc9f784d76278463ea8eb9fa05b3ed7f062002f969d88bc51

Request headers

Referer: https://1waypp.top/
Origin: https://1waypp.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 10:33:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63db9175-4163"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZq%2FthrVqN7Oi6rw5YYUZj%2FBZoJxZlycUumAMobmCTvXM0K6sP%2FI%2FSEfLYRDTrzJBlwAFbogP3fDdwde72U0FqTrVCVf1%2FVY59I0MQrboKtKQY8CKtHD37k9nhcQrwotmQHnNH9IHWCgLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f90ff8e50e39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.f3d3990d.js Show response
1win-cdn.com/js/ 89 KB
30 KB 114ms
42ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/index.f3d3990d.js
Requested by: Host: 1waypp.top
URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d378c62dca05a5ebd32a4724469e685a2473c76ff496d86794499a018bfbdff0

Request headers

Referer: https://1waypp.top/
Origin: https://1waypp.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 10:33:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63db9174-16552"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJFm2F2LH1GMwdK46X1z%2F31OazJ8LTcg9BZxVPlelBrM56OGn9Iq4dqchGtdjGfMZyRMyVxrgYshtkymtuqUlpie2z6pJ26jsdlUvV9uV6R3hOXxDXnUYZ0GjEbzPOQGTRsON%2F2ETmc7bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f90ff8de0e39-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.d41825b9.js Show response
1win-cdn.com/js/ 116 KB
30 KB 115ms
41ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/desktop.d41825b9.js
Requested by: Host: 1waypp.top
URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e5cf8e4ff7cad2989335c5bdc83c4418b1de11c93c329737dcd4d97015198d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342888
cf-polished: origSize=119138
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 10:33:26 GMT
server: cloudflare
etag: W/"63db9176-1d162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpRi6y8oQerUxjvRAIlKPAPYMMEDviEz1RkNrcTFJ2zxk1sJ27%2BcgTm5sXGW4%2FJPum20%2BYR56JhKRYvWNO%2BFgVoWAcKxoa9CLBNpLOE%2BAETZEHYSpl461fctZB4b9NiTDP34qWve4mqexQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f90ffc651c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.31e6deb9.css
1win-cdn.com/css/ 94 KB
16 KB 112ms
39ms Stylesheet
text/css 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/desktop.31e6deb9.css
Requested by: Host: 1waypp.top
URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706faf901aff057e9010dce6ae5f8bc625c7a014c5a619ea4479d9500e6f36e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2418585
cf-polished: origSize=95906
cf-bgj: minify
last-modified: Mon, 09 Jan 2023 09:58:55 GMT
server: cloudflare
etag: W/"63bbe55f-176a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOnmIFmm272j2OQ1bjVmwIgao2v%2BOHlPo4Zrmb8G3T8ABehxC0U%2FpZMsLat43fDHceorCYvGVCd%2BNmWOIdYsGFfQnZuxaWFut%2BnKxJzMSZTBwtrdxAC6bh7fRydOIzlT54UDFMD4%2FQ%2BrNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f90ffc5f1c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6610.4f034e44.css
1win-cdn.com/css/ 0
497 B 111ms
38ms Stylesheet
text/css 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/6610.4f034e44.css
Requested by: Host: 1waypp.top
URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3973783
content-length: 0
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
server: cloudflare
etag: "63a42a53-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPpJ2vVPO6TLnact3mIbZ3AtV97E0sgddz41f3RRuLiA99czJ80u9sy8RttEYONG7OabFcN%2FFYmdkqdjq%2F234y0FS0c36oqvh1kPsP%2BTSmZXImVNZbQ7GaGYtaUhQWWFQzCHV57RQnSpkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7952f90ffc641c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 affiliate:link_visit Show response
1waypp.top/ 15 B
404 B 134ms
133ms XHR
application/json 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1waypp.top/affiliate:link_visit?visit_domain=1waypp.top&sub_ids=undefined

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.b204489a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 / Express

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
server: openresty/1.19.9.1
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 15

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 icons-common.c0259c25.js Show response
1win-cdn.com/js/ 226 KB
63 KB 41ms
40ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/icons-common.c0259c25.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f615ab12417ad4f7f8fb9d58a83c35087fdf0508b19577597d8c946f16da1bb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723620
cf-polished: origSize=231782
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:35 GMT
server: cloudflare
etag: W/"63c6800f-38966"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9QAvM%2FPmN3SOZ35jnvI%2BfUJx%2FW4cJ2jnBdO8%2BKNfvBdGtw9FL1xQQOJ8sjB8SPD3xshZJW6Ck%2FMVefXq79yr%2B9ef%2BmalAHlSz%2BaQv6ymwWUUNja%2FjLs%2BqGfRp8ZnzLsoqbJeGw4vNK7gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9114e021c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1705.d306728f.js Show response
1win-cdn.com/js/ 29 KB
10 KB 35ms
35ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/1705.d306728f.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270fd7ec5b3a45c223ebd2f7740a48447e8d190b0ae2487cf6c4ddfc94cea1b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3973783
cf-polished: origSize=29313
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
server: cloudflare
etag: W/"63a42a53-7281"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFCAAsdVIag4S90wLnN6j%2FkbIZmdMkGbw6PU8x4r5RoiCOsnSVhwPQIU2ajMi29DGCDdmtwwa7uDqiwjsq%2BsiD64fDhmfEmCs4zE7mgx2nXsDrwmExQc4umKXAHXg3dR%2Fm2il8bIaB8VMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9114e061c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1895.80662a88.js Show response
1win-cdn.com/js/ 59 KB
17 KB 36ms
36ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/1895.80662a88.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a57bf2f70b0f2d8895f235f3a2b1f53fee0f285d3206f47ac272f92ef49ea30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 591082
cf-polished: origSize=60416
cf-bgj: minify
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
server: cloudflare
etag: W/"63d7c7fa-ec00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNQb4Kjzkfz1A%2By%2BdxWnFxDv%2BNgHxkmeA2YsD5BHhQofBk9%2BpMhmr8%2F%2BV9b7eYxsPk4mpuT3SIG6cra8pYR5TUKR8k6MIXRhmyc14S7MdBSXsYeyfF0iPPKCddDk2Nzz4caBWPOnP1EhWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9114e071c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2950.0a35ca33.css
1win-cdn.com/css/ 19 KB
5 KB 33ms
33ms Stylesheet
text/css 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/2950.0a35ca33.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 991d3406bc3df3c53ede6247bd54d1fb2fbf348da2b27b993b7ec4801664d2c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1205520
cf-polished: origSize=19535
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 10:56:35 GMT
server: cloudflare
etag: W/"63ce67e3-4c4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDOjZh8CCbF2cA24nAbdaIElOaUUOfBT49SFfBM6yRDM5QB4crg2zxqJczSR3GZQL6t%2Bpa8aBoUt%2FrpvKGO%2FqYbX9R7lBpZRtWdZqe3YUn3w3fBdVr2aTJ0ICtapvvZkjpIWXp%2BsLIsl9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9114e081c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2950.f117965c.js Show response
1win-cdn.com/js/ 527 KB
144 KB 59ms
59ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/2950.f117965c.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6608208ba0f8f0e1c21b44ea9d9e2b365aac164757596ba2f9b71ea2bd602958

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342902
cf-polished: origSize=540139
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 10:33:26 GMT
server: cloudflare
etag: W/"63db9176-83deb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ7GhjpaGzbtuj1i2gLm3f4kF%2FIU6hbL27B2MGowIXGLaCoXWPpSayI2PoNd1G6YijZomiHaTMA07HajQYDMW64SdZkVOShJ5jl8KjxHSZnyPH9vgyouLOZs7CCldGf4EAUJlC1WASgZZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9114e0a1c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSText.c652402c.woff2
1win-cdn.com/fonts/ 370 KB
371 KB 37ms
37ms Font
application/octet-stream 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/fonts/SFNSText.c652402c.woff2
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/css/2950.0a35ca33.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214

Request headers

Referer: https://1win-cdn.com/css/2950.0a35ca33.css
Origin: https://1waypp.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:55 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63db9178-5c9b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSjpIwkQwRlRXs1Jq9OZX%2BsIbOlmzssfLyJGO6bdiJ%2F60kkQyEeQR9PwaafJtL2cjz%2FFu1Y0FDNLfxeSTn9rvb28QbozY2Toxkpb3gDMU1QfSs%2FcXUhhuIIMD0D8NAVi99Ttp4d04YoR%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7952f9118ae00e39-AMS
content-length: 379312
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 386ms
182ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1waypp.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1waypp.top
access-control-max-age: 1800
date: Mon, 06 Feb 2023 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-63e0cd08-19de6fcf4f6b5483256a6c68
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-ewr18173-EWR
x-timer: S1675676936.302926,VS0,VE88

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
128 B 186ms
185ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/2950.f117965c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1waypp.top/
accept-language: nl-NL,nl;q=0.9
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjUiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMDkiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9wcm9wZXJ0aWVzIjp7fX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-ewr18173-EWR
date: Mon, 06 Feb 2023 09:48:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-timer: S1675676936.486459,VS0,VE91
x-amzn-trace-id: Root=1-63e0cd08-43eec9494999f1c55c0504ea
vary: Origin, Origin
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1waypp.top
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-cache-hits: 0

GET
H2 200 en Show response
1waypp.top/lang/site/ 208 KB
66 KB 93ms
93ms XHR
application/json 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1waypp.top/lang/site/en?tag=

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.b204489a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

d9e53b9b87f3ce93b8a698c69c216b115e7ebe744b7e06966c65518d4fc540c4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1waypp.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: gzip
server: openresty/1.19.9.1
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 get-authorization Show response
1waypp.top/ 19 B
186 B 474ms
474ms XHR
application/json 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1waypp.top/get-authorization?random=1675676936052-0.903104646465047

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.b204489a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1waypp.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://1waypp.top
date: Mon, 06 Feb 2023 09:48:56 GMT
access-control-allow-credentials: true
server: openresty/1.19.9.1
content-length: 19
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 firebase-app.js Show response
1waypp.top/firebase/8.1.1/ 19 KB
7 KB 65ms
62ms Script
application/javascript 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1waypp.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1waypp.top
URL: https://1waypp.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 10:33:35 GMT
server: openresty/1.19.9.1
etag: W/"63db917f-4ded"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
56 KB 209ms
75ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1waypp.top
URL: https://1waypp.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27d65eee062c3ab4134936f30a3eeb527ca0d9a57757c9af6743d6c94399411b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57244
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Feb 2023 09:48:56 GMT

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 8 KB
4 KB 85ms
27ms Script
application/javascript 18.65.39.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1waypp.top
URL: https://1waypp.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-42.ams1.r.cloudfront.net

Software

Resource Hash

8c2d36f4db7efc19072c6badd9d2aba26578ad1458cf6b7f65b4319e993b4165

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 09:48:18 GMT
via: 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 38
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/1ff02b3ff8cf4b15a8c942d8055ef571
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: maYiUauK9AfnSwisr-xS1byzavX5JrfDrzJDn2euf8sQ2AfFyuU0wQ==

GET
H2 200 5616.80aa74eb.css
1win-cdn.com/css/ 20 KB
3 KB 48ms
46ms Stylesheet
text/css 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/5616.80aa74eb.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1044c52db2b5fb2415bb7b2161ce330982b737169ed5e0586de79167ed5f131a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3973726
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
server: cloudflare
etag: W/"63a42a53-5088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5M4%2BA0mDRRx7%2F%2BtwNw0sQCQWl77jzGZ3r3QaB5HzH690ICWRVBZLX6hEQ07P01ZqaNHerw1EHWxnnonoio9VjPl6aVXb6%2BJeMtj8WdU53v7%2BaTXmZWMRJkxQpKQ4twIp2O%2Fl%2BIjazVdrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d8a1c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1883.ce7803cd.js Show response
1win-cdn.com/js/ 13 KB
5 KB 37ms
35ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/1883.ce7803cd.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952fc95c0b994becce7780ba0dfa5f7b8038ca1b56357258bd5bd73dbb2f554c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3973726
cf-polished: origSize=13732
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
server: cloudflare
etag: W/"63a42a53-35a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vySwv04w29AHmjrWUlMi18Trr0eVg60y%2B4WrATk%2F8ZCFAA4I9HhvS2yUhtycykVeNcPn2rRrJhcHYFRdvevGPX3gnqQWoiAvbQNFxIpkvmjCUJULlg5bbVqT%2FDnM95yECfdURSSRLS8ibw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d8c1c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5862.39aa5820.js Show response
1win-cdn.com/js/ 93 KB
17 KB 39ms
37ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/5862.39aa5820.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305b57ab0a34ec27f240f50fc3244320833282babd1ae8d7caf5b21ade621565

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723430
cf-polished: origSize=95351
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
server: cloudflare
etag: W/"63c68016-17477"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmZfLDBkivpYDhSz%2Fb%2BxetSzA3YxVceb%2FM0mfdw%2B2LM9rTVOFwms2u4aTfv%2BKKBjUU5%2FUlVsm1iEK9bOz4qzvmiF8mI9%2Fs5mcxvjto5W%2BdI2va5ayIorMzFIxiBSSXptXVDDnjjeCFdeaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d8e1c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 541.d536ea95.js Show response
1win-cdn.com/js/ 11 KB
4 KB 40ms
39ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/541.d536ea95.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5523f0aca6dd2b93fd327050842a07f999bc5e8e2f78fbfa935b8413f9809c7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3968872
cf-polished: origSize=11217
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 11:20:10 GMT
server: cloudflare
etag: W/"63a43d6a-2bd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPQtVDjaJ314nfJkAz55eVRsQRBOmJJVHNk9RRyXY0YRi6CdyZPnck0wyP0GUk6wF9zcsZqA%2Fzer4iJ9qxSAtOsUAxS7mqw%2F3TLEVlL4%2FbxW9J52lf7YlA5eC6jCGgOatzT2%2B0wVrFCWWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d8f1c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10.fff54e18.js Show response
1win-cdn.com/js/ 11 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/10.fff54e18.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4aa44699f6b614d92047394ce220f841afb548cc5f1903a71222d2483f81bee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1114229
cf-polished: origSize=11301
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 12:18:01 GMT
server: cloudflare
etag: W/"63cfcc79-2c25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5mczQJjKeN4h569z4q7IDDrZPnfU3bFP4l0oFKyZ2R0IGJaCzmEUII82AhlWmeslbkInFuRzXY9e6RY2B1HR4Kb8uOOAkbf%2Fd4OU3vNp5vJasqDBZxDOJnXIgkJ%2FJh5IcmvoRUKVvhbnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d901c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7057.6c4e5731.css
1win-cdn.com/css/ 67 KB
11 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/7057.6c4e5731.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b28330b05456496ae125f41c0a18353efd389d88c520bb747adbc7a309500d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1114229
cf-polished: origSize=68681
cf-bgj: minify
last-modified: Tue, 24 Jan 2023 12:18:03 GMT
server: cloudflare
etag: W/"63cfcc7b-10c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFXyblL0bQZ24%2BiaG6bTijgAGDEO6JhBoCZRtT59MHOzJ%2FZrDnQiqT4d056YOuo%2B7o%2Fl6X4CjbLPHwM3ehMK6o2wl0GgK4cJQLszDGbW9zgEDi546aRbH0jfi6c71xbAjkrqiCttkwl%2Fig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d8b1c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7057.890c5529.js Show response
1win-cdn.com/js/ 97 KB
26 KB 40ms
39ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/7057.890c5529.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef5c9522a13b286bb81bd4961c7659e72335f214bf1c16adbfa9fbd40ca2c72c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345393
cf-polished: origSize=99219
cf-bgj: minify
last-modified: Thu, 02 Feb 2023 09:51:25 GMT
server: cloudflare
etag: W/"63db879d-18393"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYzlkUjWONUtfgsykmfuuu8%2B28L7fBANzp71zMuxaXVW5KVDTQExJ0tTsn0k8Bdhf4R0%2FAWVpTW3UgTgFH6E0J02BlJWiQjTSUGroy3yjJjQZRlUHa8jqIXs0TCCe1KUYm3aD3w%2BQ86isQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d911c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 539.677ecef1.js Show response
1win-cdn.com/js/ 22 KB
7 KB 34ms
33ms Script
application/javascript 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/539.677ecef1.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d426fdaff211928727e406be6f5c0831f2220c584a6ed35fc3ed931f6685ebc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 429994
cf-polished: origSize=22657
cf-bgj: minify
last-modified: Wed, 01 Feb 2023 10:19:56 GMT
server: cloudflare
etag: W/"63da3ccc-5881"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kjmNczUZfQSwIdIdUO8Rr944jIUishHDHznbK7MmebrTGToCTUIooX20lbKGc947nK7Le20rtTAn3R14Hy8hf1Irs1PP3%2BIvUd7Wf3ZCOd9wgfxa%2F3PqtrPDY0VPZnqWkOjd3y1eRSsLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d931c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 546.f10717d0.css
1win-cdn.com/css/ 11 KB
3 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/546.f10717d0.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.f3d3990d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd649c46cb24fcc4eda36cc6a685121e8a271875bd6acadb5dca1274ce0260ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3968872
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
server: cloudflare
etag: W/"63a43d6b-2bb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQH0DsLqHxa2SXc6tHvqW7ax6047RprTA9fCXUQII1vBzjzCM6jazrYMVHzYXixFW8DtqijjHcVvCQAh8UHOEOzsFbFz9MhZErMnmAnRLzupzvNYeSuOIRnP4twk%2FNdzTrB48byJnPbGfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f9165d951c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 title Show response
1waypp.top/common/ 16 B
132 B 232ms
232ms XHR
application/json 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1waypp.top/common/title?path=bets&lang=en

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.b204489a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1waypp.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
server: openresty/1.19.9.1
content-length: 16
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 firebase-messaging.js Show response
1waypp.top/firebase/8.1.1/ 40 KB
12 KB 72ms
64ms Script
application/javascript 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1waypp.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1waypp.top
URL: https://1waypp.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 10:33:35 GMT
server: openresty/1.19.9.1
etag: W/"63db917f-9f25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nl.svg
1win-cdn.com/img/flags/ 245 B
491 B 41ms
38ms Image
image/svg+xml 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/flags/nl.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 317b23c0c68de40a09f524be5874131d6d06fb49bb45037a15575448dbd94852

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 10:56:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1205521
etag: W/"63ce67e2-f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clHIYqN2OD1WeRQLgsK6z6UjSfPWbKluk4%2FcwJij0hcciDcXEYtkEvNmSKoMrHBrzTn%2FXxLv%2FZKS9nzy7FqTiCTY%2BzdOBv8x15q5Rq4ojQQOvvBBW5myrQ5yyADHfZunyQ1mofVrPJHC7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7952f916de661c8d-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSDisplay.2b5dc965.woff2
1win-cdn.com/fonts/ 288 KB
289 KB 54ms
39ms Font
application/octet-stream 2606:4700:20::ac43:47db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/fonts/SFNSDisplay.2b5dc965.woff2
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/css/2950.0a35ca33.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b

Request headers

Referer: https://1win-cdn.com/css/2950.0a35ca33.css
Origin: https://1waypp.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:56 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63db9178-48088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZWF7Ku6PNeFt%2BmK%2F%2FyGbGu0958oGX9mzJrSO1TPf2uQyIYksqmo3D8O1K4dAupSuk6zKx9NNN8BszEidxyRRLd5Ys95EDVZIKeF2nJn0Q0LlsCIVt6HiWcw0DSbH2K84p8MNhZfQgRK9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7952f9170aa00e39-AMS
content-length: 295048
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modules.bca0d1c28285412bb689.js Show response
script.hotjar.com/ 260 KB
67 KB 167ms
28ms Script
application/javascript 18.65.39.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bca0d1c28285412bb689.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-37.ams1.r.cloudfront.net

Software

Resource Hash

8a2eec716594a088e751fb0238d964df99bbab6d347cd0ad8f61316ae4caa0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 13:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 247130
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 67924
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
etag: "e923aa360dc485b9df86355bd040c998"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SP2ilMyl5hKp49l26d6i_2uzW9qlw0AoTFGjeL-RBkkzaaFR6YrrXg==

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame 97F7 2 KB
1 KB 95ms
37ms Document
text/html 108.156.60.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-31.ams1.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://1waypp.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 247131
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 d5eb9a3c77e185d15862aa8fa0e3c8f0.cloudfront.net (CloudFront)
x-amz-cf-id: AYiv0VCfXj6vIo1gb6b5LTmAEqv4fpF0ibdNk5P3mb0XDUbGvCOqtg==
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2

200

activityi;dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome Show response
12688802.fls.doubleclick.net/ Frame EF3A
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome?
https://12688802.fls.doubleclick.net/activityi;dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2...

493 B
457 B

90ms
79ms

Document
text/html

142.251.39.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f6.1e100.net

Software

cafe /

Resource Hash

3c947a6bc8dc77cf37d5bbe5d609a2bba60344e52be32721dbf4ed8ef4cee13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1waypp.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 282
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amplitude-8.17.0-min.gz.js Show response
cdn.amplitude.com/libs/ 92 KB
27 KB 149ms
45ms Script
application/javascript 52.222.206.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by: Host: 1waypp.top
URL: https://1waypp.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer: https://1waypp.top/
Origin: https://1waypp.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 00:01:12 GMT
content-encoding: gzip
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
x-amz-cf-pop: FRA56-P3
age: 121666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27400
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
server: AmazonS3
etag: "e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: qFoZSne8gs3G1GU3dKuc-wia8aLjsYgBgC4_i9FuxqklTewyLqO6-A==

GET
H2

200

activityi;dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame D4D8
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

554 B
481 B

108ms
87ms

Document
text/html

142.251.39.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f6.1e100.net

Software

cafe /

Resource Hash

6909bf77db3d884087d9fde393e816142c0c7d5cdcb2ff4154315c55872a3292

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1waypp.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 303ms
135ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1waypp.top
URL: https://1waypp.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e920c8868829d751996c981a49d415d9a1abc190bc51cc719826441236231e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-12029"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73769
expires: Mon, 06 Feb 2023 10:48:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
78 KB 87ms
69ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

046c76867f598a45fe71919e3d2a9807480f8ea76646d0b297ff3f17f1bbe082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Feb 2023 09:48:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 102ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je3210&_p=26305419&cid=430929295.1675676937&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675676937&sct=1&seg=0&dl=https%3A%2F%2F1waypp.top%2Fbets%2Fhome&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:48:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1waypp.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome Show response
adservice.google.com/ddm/fls/i/ Frame 8368 492 B
659 B 215ms
86ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa97ab3d33aaf9531c7326209706b62a081ef1427184c687d152bfc07cd9a5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame B65D 553 B
375 B 203ms
87ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013;~oref=https://1waypp.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e85a8dd96f0a523d24d2f67158286519933e1a372cf7435ef400849c0bcbe30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/92006234/
Redirect Chain

https://mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1waypp.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A4011%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1waypp.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A4011%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

435 B
518 B

74ms
74ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1waypp.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A4011%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A724864520916%3Ahid%3A334731756%3Az%3A0%3Ai%3A20230206094857%3Aet%3A1675676937%3Ac%3A1%3Arn%3A768662347%3Arqn%3A1%3Au%3A1675676937875670036%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C3059%2C1%2C636%2C0%2C%2C38%2C0%2C4328%2C4328%2C0%2C4132%3Aco%3A0%3Acpf%3A1%3Ans%3A1675676931743%3Arqnl%3A1%3Ast%3A1675676937%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ee455fc0d71d7c6c6cad21b6e1b33fb901fe9a3df733999ee8aa29ee00d90273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:48:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 06-Feb-2023 09:48:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1waypp.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 06-Feb-2023 09:48:57 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 09:48:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 06-Feb-2023 09:48:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1waypp.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A4011%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A724864520916%3Ahid%3A334731756%3Az%3A0%3Ai%3A20230206094857%3Aet%3A1675676937%3Ac%3A1%3Arn%3A768662347%3Arqn%3A1%3Au%3A1675676937875670036%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C118%2C3059%2C1%2C636%2C0%2C%2C38%2C0%2C4328%2C4328%2C0%2C4132%3Aco%3A0%3Acpf%3A1%3Ans%3A1675676931743%3Arqnl%3A1%3Ast%3A1675676937%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://1waypp.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 06-Feb-2023 09:48:57 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
113 B 490ms
489ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1waypp.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:48:57 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 06 Feb 2023 10:48:57 GMT

GET
H2 200 dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome Show response
adservice.google.nl/ddm/fls/i/ Frame 8F93 194 B
515 B 231ms
93ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/ddm/fls/i/dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNy85YTPgP0CFSXMOwIdFR0GjA;src=12688802;type=actio0;cat=allpa0;ord=1;num=8696068396636;gtm=45He3210;auiddc=60016726.1675676937;~oref=https%3A%2F%2F1waypp.top%2Fbets%2Fhome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Mon, 06 Feb 2023 09:48:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.nl/ddm/fls/i/dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame 6C41 194 B
150 B 231ms
94ms Document
text/html 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/ddm/fls/i/dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013;~oref=https://1waypp.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLe75YTPgP0CFdG0mgodyvoJRQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7512114026635.013;~oref=https://1waypp.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:48:57 GMT
expires: Mon, 06 Feb 2023 09:48:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1waypp.top/	1970-01-20 10:12:35	Name: visit_domain Value: 1waypp.top
1waypp.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.97.208:80
1waypp.top/	1970-01-20 18:13:32	Name: 1w_lang Value: en
1waypp.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 9
.1waypp.top/	1970-01-20 11:37:32	Name: _gcl_au Value: 1.1.60016726.1675676937
.1waypp.top/	1970-01-20 18:13:32	Name: _hjSessionUser_2606090 Value: eyJpZCI6IjVlYzhjMzBmLWUyNmMtNTc0Ny05Nzk2LTEyNjExOTk3MjlhOSIsImNyZWF0ZWQiOjE2NzU2NzY5MzcwNDMsImV4aXN0aW5nIjpmYWxzZX0=
.1waypp.top/	1970-01-20 09:27:58	Name: _hjFirstSeen Value: 1
1waypp.top/	1970-01-20 09:27:57	Name: _hjIncludedInSessionSample Value: 0
.1waypp.top/	1970-01-20 09:27:58	Name: _hjSession_2606090 Value: eyJpZCI6IjZiZjczODkxLWM1OGUtNDlhMS05ZWYyLWMxZTA3OTdhNDk1ZiIsImNyZWF0ZWQiOjE2NzU2NzY5MzcwNzUsImluU2FtcGxlIjpmYWxzZX0=
.1waypp.top/	1970-01-20 09:27:58	Name: _hjAbsoluteSessionInProgress Value: 0
1waypp.top/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
.1waypp.top/	1970-01-20 19:03:56	Name: _ga Value: GA1.1.430929295.1675676937
.1waypp.top/	1970-01-20 19:03:56	Name: _ga_548949LWLW Value: GS1.1.1675676937.1.0.1675676937.0.0.0
.1waypp.top/	1970-01-20 18:13:32	Name: amp_494ccc Value: lFGfq0rkTDxD7_FEpTYevE...1goj21r10.1goj21r10.0.0.0
.doubleclick.net/	1970-01-20 09:27:57	Name: test_cookie Value: CheckForPermission
.1waypp.top/	1970-01-20 18:13:32	Name: _ym_uid Value: 1675676937875670036
.1waypp.top/	1970-01-20 18:13:32	Name: _ym_d Value: 1675676937
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1196052831675676937
.yandex.ru/	1970-01-20 19:03:56	Name: i Value: 8A4gI7n2Y+82IxDEzs7AAquLD7IpW3Arc44ALYdCTOj8I9ecyIXYEAClbFt9YZOMQFXtH3Vg+uamicmK3emXcQSXtvg=
.yandex.ru/	1970-01-20 18:13:32	Name: yandexuid Value: 132387481675676937
.yandex.ru/	1970-01-20 18:13:32	Name: yuidss Value: 132387481675676937
.yandex.ru/	1970-01-20 18:13:32	Name: ymex Value: 1707212937.yc.1675676937#1707212937.yrts.1675676937#1707212937.yrtsi.1675676937
.1waypp.top/	1970-01-20 09:29:08	Name: _ym_isad Value: 2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://1waypp.top/bets/home Message: The resource https://1win-cdn.com/css/6610.4f034e44.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1waypp.top
1win-cdn.com
adservice.google.com
adservice.google.nl
api.lab.amplitude.com
cdn.amplitude.com
mc.yandex.ru
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.googletagmanager.com
108.156.60.31
142.251.39.6
151.101.130.132
18.65.39.37
18.65.39.42
190.115.19.101
2001:4860:4802:34::36
2606:4700:20::ac43:47db
2a00:1450:400d:803::2002
2a00:1450:400d:806::2002
2a00:1450:400d:808::2008
2a02:6b8::1:119
52.222.206.6
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
046c76867f598a45fe71919e3d2a9807480f8ea76646d0b297ff3f17f1bbe082
055ec6b37e2f453f754e9b762666f13808644029328b6b3d728ecf460fc77563
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
1044c52db2b5fb2415bb7b2161ce330982b737169ed5e0586de79167ed5f131a
13e5cf8e4ff7cad2989335c5bdc83c4418b1de11c93c329737dcd4d97015198d
1a57bf2f70b0f2d8895f235f3a2b1f53fee0f285d3206f47ac272f92ef49ea30
270fd7ec5b3a45c223ebd2f7740a48447e8d190b0ae2487cf6c4ddfc94cea1b6
27d65eee062c3ab4134936f30a3eeb527ca0d9a57757c9af6743d6c94399411b
305b57ab0a34ec27f240f50fc3244320833282babd1ae8d7caf5b21ade621565
317b23c0c68de40a09f524be5874131d6d06fb49bb45037a15575448dbd94852
3c947a6bc8dc77cf37d5bbe5d609a2bba60344e52be32721dbf4ed8ef4cee13d
3e85a8dd96f0a523d24d2f67158286519933e1a372cf7435ef400849c0bcbe30
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46628a441aecd1ebc9f784d76278463ea8eb9fa05b3ed7f062002f969d88bc51
49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5523f0aca6dd2b93fd327050842a07f999bc5e8e2f78fbfa935b8413f9809c7c
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
6608208ba0f8f0e1c21b44ea9d9e2b365aac164757596ba2f9b71ea2bd602958
6909bf77db3d884087d9fde393e816142c0c7d5cdcb2ff4154315c55872a3292
706faf901aff057e9010dce6ae5f8bc625c7a014c5a619ea4479d9500e6f36e7
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6
8a2eec716594a088e751fb0238d964df99bbab6d347cd0ad8f61316ae4caa0b9
8c2d36f4db7efc19072c6badd9d2aba26578ad1458cf6b7f65b4319e993b4165
93b28330b05456496ae125f41c0a18353efd389d88c520bb747adbc7a309500d
952fc95c0b994becce7780ba0dfa5f7b8038ca1b56357258bd5bd73dbb2f554c
991d3406bc3df3c53ede6247bd54d1fb2fbf348da2b27b993b7ec4801664d2c1
9d426fdaff211928727e406be6f5c0831f2220c584a6ed35fc3ed931f6685ebc
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd649c46cb24fcc4eda36cc6a685121e8a271875bd6acadb5dca1274ce0260ba
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d378c62dca05a5ebd32a4724469e685a2473c76ff496d86794499a018bfbdff0
d9e53b9b87f3ce93b8a698c69c216b115e7ebe744b7e06966c65518d4fc540c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa44699f6b614d92047394ce220f841afb548cc5f1903a71222d2483f81bee
e920c8868829d751996c981a49d415d9a1abc190bc51cc719826441236231e32
ebab49b68577b689bab64e219e1dbc281f64e6fb98da9185fb088f8587dae613
ee455fc0d71d7c6c6cad21b6e1b33fb901fe9a3df733999ee8aa29ee00d90273
ef5c9522a13b286bb81bd4961c7659e72335f214bf1c16adbfa9fbd40ca2c72c
efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b
f615ab12417ad4f7f8fb9d58a83c35087fdf0508b19577597d8c946f16da1bb8
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
fa97ab3d33aaf9531c7326209706b62a081ef1427184c687d152bfc07cd9a5c0

1waypp.top Open in urlscan Pro 190.115.19.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

46 %IPv6

10 Domains

14 Subdomains

14 IPs

4 Countries

1596 kBTransfer

3844 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1waypp.top Open in urlscan Pro
190.115.19.101 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

46 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

1596 kB
Transfer

3844 kB
Size

23
Cookies

48 HTTP transactions
1 data transactions