onevip1.win Open in urlscan Pro
2606:4700:3035::6815:5d23  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response onevip1.win/	54 KB 13 KB	685ms 511ms	Document text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a013574fc651ef80844399f9469a58d1558ba077d4f8a755ebfc64281ee17453 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e1df7fbfbef72ad-EWR content-encoding zstd content-type text/html date Wed, 13 Nov 2024 10:09:52 GMT last-modified Tue, 12 Nov 2024 13:53:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhipFT5D%2BlP0%2BPc8W4hGaAHXUFLAfWqLjimodNhAeSF6Rz4vV%2B2Yk2uculgYCeg845nCgEkTvW70HLcvu%2Bvs8ndlOVaoPuGesc1JG07lZSyUoz80i9gg1ZgQZyWqrjkkIuy4vX3OmT444g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=21858&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4214&recv_bytes=4469&delivery_rate=585&cwnd=12000&unsent_bytes=0&cid=caa58827005d80f7&ts=604&x=1" cfHdrFlush;dur=0 vary Accept-Encoding x-powered-by ASP.NET
GET H3	200	baner.js Show response onevip1.win/	953 B 1 KB	521ms 516ms	Script application/javascript	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/baner.js Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4c65403cf0ded1b70b834ee40b42c294832f76d79627e25ec7ae639842aa29d6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag "e5c46b9a4784da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZgzZgXkwIVz3R5pBF17b6aBkOBLYqCkuNDmqmPXrk1mRZynqp8xRbaO7R%2Fa3ERJKbxTB2GP8B7DzfQ1x%2BOlnO1QD%2BRNOS%2BCHUmf3Yz4Qf8SBhu35%2F%2F32rPIFfYux18ZHwxF2dMxRUWhSA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25348&sent=37&recv=25&lost=0&retrans=0&sent_bytes=29371&recv_bytes=6862&delivery_rate=302544&cwnd=12000&unsent_bytes=0&cid=caa58827005d80f7&ts=1488&x=1", cfHdrFlush;dur=16 date Wed, 13 Nov 2024 10:09:53 GMT content-type application/javascript last-modified Mon, 01 Apr 2024 15:16:42 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80188dc72ad-EWR accept-ranges bytes content-length 668 x-powered-by ASP.NET server cloudflare
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	399ms 85ms	Stylesheet text/css	2607:f8b0:4006:823::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4c2ff4dee068491550897e54cdd19b8b0c8152cfb97f3261863ac83940662bb6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 13 Nov 2024 10:09:53 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 10:09:53 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 13 Nov 2024 09:26:04 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	bootstrap.min.css onevip1.win/vendor/bootstrap/css/	150 KB 35 KB	551ms 548ms	Stylesheet text/css	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/vendor/bootstrap/css/bootstrap.min.css Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ae9Tdw5Sq7Jkx%2BH7SP4z0ENXIE2SJiRy3iTb8T1GYdMBgIp%2BfvEGa7EStRYR%2F6CJq7l9SHKdFtmDFvVgE97zZF2RCIfVFEt7ho18KyBYr0xpEVSrf0WlAqAnrFWLHue2Vr7QVb117oli8g%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25745&sent=57&recv=30&lost=0&retrans=0&sent_bytes=50971&recv_bytes=7077&delivery_rate=24698&cwnd=21600&unsent_bytes=0&cid=caa58827005d80f7&ts=1507&x=1", cfHdrFlush;dur=22 date Wed, 13 Nov 2024 10:09:53 GMT content-type text/css last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80188dd72ad-EWR accept-ranges bytes content-length 35084 x-powered-by ASP.NET server cloudflare
GET H3	200	all.min.css onevip1.win/vendor/fontawesome-free/css/	55 KB 15 KB	492ms 488ms	Stylesheet text/css	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/vendor/fontawesome-free/css/all.min.css Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLhZkvTrq%2B3oXdzKW74tyTwn59k%2FzK0LGKtl4zLx3XVmAdk7rwj9hHU0JFiPEATSYuoc3geBa5kLO2HAPNJXo0OaJolZUDNGG1oJvTFvwvvZpyX5cwcVG8PDDzqUvElm8H5lwf3NLsDmqg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25348&sent=27&recv=25&lost=0&retrans=0&sent_bytes=17371&recv_bytes=6862&delivery_rate=302544&cwnd=12000&unsent_bytes=0&cid=caa58827005d80f7&ts=1478&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:53 GMT content-type text/css last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80188de72ad-EWR accept-ranges bytes content-length 14886 x-powered-by ASP.NET server cloudflare
GET H3	200	style.min.css onevip1.win/build/	50 KB 15 KB	550ms 547ms	Stylesheet text/css	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/build/style.min.css?v=2.16.70 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash cbb1b2208e128bdb5a826aedc98fac78aad95d53e9b02afcbc6df5e19ea6df67 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nugh6G1x9wWH74M9qWbj%2FpG3VHLDOGpSHk7%2BduzHoq1s2o0Yw2qQUHgjM%2B4uNgHbQeCpOPFlLwsGOtO17F9RtMFDtLcENwCxvpTbpGFm9byb9w2Wzg0T9RqbMcu%2B7SHdUrWGXmxP1OFYzg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25745&sent=57&recv=30&lost=0&retrans=0&sent_bytes=50971&recv_bytes=7077&delivery_rate=24698&cwnd=21600&unsent_bytes=0&cid=caa58827005d80f7&ts=1507&x=1", cfHdrFlush;dur=22 date Wed, 13 Nov 2024 10:09:53 GMT content-type text/css last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80188e072ad-EWR accept-ranges bytes content-length 15030 x-powered-by ASP.NET server cloudflare
GET H3	200	apphd.min.js Show response onevip1.win/build/	123 KB 45 KB	518ms 514ms	Script application/javascript	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/build/apphd.min.js?v=2.16.16 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 8f02d3507ef1ed51776fad74653aba8b83a249bd8335c065d6323f14b2008833 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status REVALIDATED etag "496188ee9886da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlvQV8mfj1GOSy5CVlF89xY9CPJIryo0nqsKSDtomqpxKy0ZKKMGkw%2Fzc3N4kPJAUiBvYBkh3A0bgj%2BMAdbk%2BGqNlXdBN8sq33Bhs8W5wAqqoq%2FADwAe0icoHAjeBIpF3AGjr1cB%2BSpchg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25348&sent=37&recv=25&lost=0&retrans=0&sent_bytes=29371&recv_bytes=6862&delivery_rate=302544&cwnd=12000&unsent_bytes=0&cid=caa58827005d80f7&ts=1495&x=1", cfHdrFlush;dur=9 date Wed, 13 Nov 2024 10:09:53 GMT content-type application/javascript last-modified Thu, 04 Apr 2024 14:03:55 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80188e172ad-EWR accept-ranges bytes content-length 45787 x-powered-by ASP.NET server cloudflare
GET H3	200	telegram.png onevip1.win/images/	161 KB 162 KB	1003ms 999ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/telegram.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash d905030e80916ce7a04fbc0bb219e2df838019de3800cd5a8c177a88796bf074 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "675e9a518b83da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DpQxZYFdA6yvDMkJu9OomG1fGm52RV326%2BkmrlmGAahqOMrNMee49dg9ULafm8ShswRKnGzQ8P9RnBbF0Pz1SONF2vVSjAtSmGCeYU6rs2rnyngQiAWe3YzBUacI9cqWtVycv7PDA3XXeg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32024&sent=177&recv=107&lost=0&retrans=0&sent_bytes=183782&recv_bytes=20544&delivery_rate=132697&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=1987&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:53 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:48:55 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80188e272ad-EWR accept-ranges bytes content-length 164717 x-powered-by ASP.NET server cloudflare
GET H3	200	facebook.png onevip1.win/images/	161 KB 162 KB	994ms 991ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/facebook.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 70a6d77eb3a4d631bc3bd0a35ac9a2a8123a0899a9c3f5df54225f3effeb8361 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "e71a91e78a83da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgaErT87EmszYryVmxBGDhqZ1wXDfzNtn22y6nfCOHC7RwcaBKjZ63N%2BTmhgbtW6oo83hlK%2Bj7ewCFzrEH6lk6p%2Fx%2BcQtgUll%2FYZ1EIScfFo1%2FGDPiprhCxSo%2BoNvx21acuutf1aDgXBqQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29499&sent=136&recv=104&lost=0&retrans=0&sent_bytes=134903&recv_bytes=20412&delivery_rate=984972&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=1948&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:53 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:45:57 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80188e372ad-EWR accept-ranges bytes content-length 165357 x-powered-by ASP.NET server cloudflare
GET H3	404	logo-lazy.png onevip1.win/images/	1 KB 1 KB	559ms 535ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/logo-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BWWt0cYkZA7FtdghgY1psrDzhF6DC6FSYLb4bPzs0rzYV40rJeRkaNQ7VVrZnjylZk9mNao9VWkbsfD5mzKUete%2Fq0ngPUDl6rQLDXcjkEdfngxxGe34RT6Jr7YRMx11nfm7%2FaMeuFb5YQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805ec5872ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2193&x=1", cfHdrFlush;dur=11 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	slogan-lazy.png onevip1.win/images/	1 KB 1 KB	517ms 493ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/slogan-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMSjPXcpP9KOFaesxZoZ5UfObqps1RX%2F52O3W36ft2T0sAdKq0kh%2FtOiTiBlfdgUPMUXVZpCPKHeuYd5iZLCdlQ%2FmaGNktXtfPdBJa2SbBtxEUObUxjW%2BZqyHFFdNCBGbAsIR19Mhnx0sQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805ec5972ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=204&recv=112&lost=0&retrans=0&sent_bytes=215906&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2177&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	200	slogan.png onevip1.win/images/	66 KB 66 KB	993ms 969ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/slogan.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash bd4184ba392c0b1c77d5eed77176124b48397af3fc143a0fabb68c53c90b0444 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "d28563986d86da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDbmNwkgz6V2IcZ3U7AamgX1hXARnG8jKOLN06K87JA2heFfaWHJTh6wOCkYb6m9tvaCZDk%2BhnQvYeaQVwKfXOfgIjYXyeXuoLhz9f5Rt%2BctHsVlJsXb8tS6bGKKB8uOIi7P2tKqHA%2Fo7w%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26535&sent=809&recv=192&lost=0&retrans=0&sent_bytes=905979&recv_bytes=32296&delivery_rate=3154834&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2642&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Thu, 04 Apr 2024 08:53:42 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805ec5b72ad-EWR accept-ranges bytes content-length 67099 x-powered-by ASP.NET server cloudflare
GET H3	404	banner-center.png onevip1.win/images/	1 KB 1 KB	620ms 596ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/banner-center.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHV3Lj5j4fHQSgtG14kwtCqW97odG3M3J0xpYHHhfLE75TzA8ekFzg0wOby3FTbu%2FgAijQ3zNtaVcOnBkakeHlcH%2BTVkPkyj4lBP76bgF2Z%2Bchca1n3eKZujx1yeG4mhllFMi%2BnLBw3d7w%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805ec5d72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2190&x=1", cfHdrFlush;dur=14 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	banner-center-mobile-lazy.png onevip1.win/images/	1 KB 1 KB	617ms 593ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/banner-center-mobile-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWhQxRtc0VtCMFZ%2Bn7ptNLDxWnP80Pd7XGQQwYV6%2FZ12DbStnoaQwSfi65AXkKeeFOIN%2FStXMnfT8Jf12IO37fIX7%2FlVe7OmkDNpkH%2FovDXbfb7AW7RC%2F55YfMi6ZmZmgyRPH%2F9aenVADg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805ec5e72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2189&x=1", cfHdrFlush;dur=15 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	line-lazy.png onevip1.win/images/	1 KB 1 KB	614ms 594ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/line-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3VLN59V7P3FmPuNSH1A1QCDnziqQ1npClzgRTzsxGUfH4QHFCak5RpKC%2FQl0p4iVPQdv2EnX%2F5DprBUDQSQbrd6xvpSHCCrBWhEz0coSD8mmkHLvNfZIj7h2CIkhcw4kG6ilqOUtkWovKA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc6072ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2193&x=1", cfHdrFlush;dur=11 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	playweb-lazy.png onevip1.win/images/	1 KB 1 KB	614ms 594ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/playweb-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RO8XbB63oXcR8UX%2Fsc0e3iXjfu8lOJIe41blDeSgs3hYRWTWUEaPAjbu1e1HD7Lkjpf4ckw4oitBtnweSxqGAnTR%2By9Xx3rypju2toSyMKw6vh9u2wKwSiNh%2BKEIGcvvYKn9jMWBmOxJNA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc6172ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2203&x=1", cfHdrFlush;dur=1 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	btn-1111-lazy.png onevip1.win/images/	1 KB 1 KB	614ms 595ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/btn-1111-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VXau1e2NCbSSEXRAVOrLV9dU4%2Bb2HsLbvhjWdmMY5KKea0pytqL0pNl39pcydwKXC1qISOW9qMFl6RR%2FZU1QU6RcGx%2FwTUhCy%2BG8oRtUA1ahkJAlg08%2BFGw%2BAk3ITJqhX7SjujUNs%2FDOg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc6272ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2194&x=1", cfHdrFlush;dur=10 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	bg-thank-lazy.png onevip1.win/images/	1 KB 1 KB	611ms 595ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/bg-thank-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrAzqQW%2B7vxmn%2F3ZD69%2BmiLbKewmm%2FaYMUdd%2B6QgcHE3ApCtLlySj4iuxD%2Fr8g1G3Xv4aZUm5EtYCjljrt07%2FMR%2Fzv65WsOuOkVmKEnQ24xRlwWpe21fQ4HR8kR1Zx71XBFt0VRKYwg8EQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc6372ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31466&sent=299&recv=114&lost=0&retrans=0&sent_bytes=326445&recv_bytes=20858&delivery_rate=845388&cwnd=87600&unsent_bytes=0&cid=caa58827005d80f7&ts=2210&x=1", cfHdrFlush;dur=5 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	btn-dl-lazy.png onevip1.win/images/	1 KB 1 KB	617ms 600ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/btn-dl-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9exJLE1KPwcc85wlMCvZ%2BY7ZgT8o72XoaLQoO8BOZfqiiFAAErvO%2BhNJqievlF%2F35If4Wrme5aVZC67A%2FZU94paq6BOdz39Sje05y2Kmkr8weNyRHT4vaU4yUG9CXmB%2FXVWe3Y%2F%2BHaEIBg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc6572ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2203&x=1", cfHdrFlush;dur=1 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	200	line.png onevip1.win/images/	504 B 1 KB	617ms 600ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/line.png?v=1.5.2.22 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 2d70d93d5d64fe7813fe7c7095599a532d473653171d583d3088b9ec5c3cc5f8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1g0WMMxGxmD%2FQQ%2FcayMj0%2BxlRwjvSldvlJ7OLTjmEl9tOuNHIdxIBt5AWP5bTmw83qcoSg3oEbwldAGNU91q0hGvoDoRoG4zD2Ks1BprkEshYXLqq3GUnyrRYM7Xh8MxXBLZY0hIEJfOiA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31466&sent=299&recv=114&lost=0&retrans=0&sent_bytes=326445&recv_bytes=20858&delivery_rate=845388&cwnd=87600&unsent_bytes=0&cid=caa58827005d80f7&ts=2212&x=1", cfHdrFlush;dur=3 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc6672ad-EWR accept-ranges bytes content-length 504 x-powered-by ASP.NET server cloudflare
GET H3	200	image10.jpg onevip1.win/images/seo/	381 KB 381 KB	1020ms 1004ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image10.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash d292efd2fe496834775220d9c2f75983d535bced31a31cc285b9f4390985ec46 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "914cc688d484da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1SmLVCUj8VcE9af64Ykla8eAS1upBfQdrTvuvH%2F7LLsIqbWbXFQucM8HUztFJRerHJL4ga14VgMPnTdUh%2FVAdDVubnYB%2FiYgeMsDswqPCIRI%2FoSHWiIyndAQ0DXWPwPFRzKaTutSgU%2Fyg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24641&sent=1016&recv=198&lost=0&retrans=0&sent_bytes=1152781&recv_bytes=32560&delivery_rate=1895626&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2663&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Tue, 02 Apr 2024 08:05:32 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc6772ad-EWR accept-ranges bytes content-length 389719 x-powered-by ASP.NET server cloudflare
GET H3	200	image9.jpg onevip1.win/images/seo/	437 KB 438 KB	1031ms 1015ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image9.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 65b155d497026c8bd060180c9248e296b4fd64b32febd72528bf87996db5a6f3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "4c9bd68d4484da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbty%2Bg8dHsg2PddxDG2svoQec78vLHY9rLAPDNAvo3e0Sp3A5NQOYKfS7NGoV3K8qy7dGKgMnoVwhygphBOmE4KiOgefZaSS2II4p9FhoVGdIVl4Hc9SyzUKzF97RM%2BSkOWr%2FJbaSeSDcw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25159&sent=1142&recv=204&lost=0&retrans=0&sent_bytes=1299879&recv_bytes=32829&delivery_rate=3929090&cwnd=332700&unsent_bytes=0&cid=caa58827005d80f7&ts=2677&x=1", cfHdrFlush;dur=2 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 14:54:53 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc6972ad-EWR accept-ranges bytes content-length 447677 x-powered-by ASP.NET server cloudflare
GET H3	200	banner.png onevip1.win/images/seo/	1 MB 1 MB	1053ms 1038ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/banner.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fad969e13d90d5e77b42e715f731cd63c0066c5aad6a57a2453db681498fd1f8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "af0b27bd684da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOx584pbnIROrGnzYXOCay3piyJ5E0BvQeCtZAne8gYsrb3CSXRvJw1czihfS34BCgWyQI8Z8A%2B4cZ2sfdjPmEDuQ%2BI%2FQwomRkpP2VQFZf0cM24cCv1xG7vxd%2FMkNQAXirXvwrcNnPQfrQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25159&sent=1142&recv=204&lost=0&retrans=0&sent_bytes=1299879&recv_bytes=32829&delivery_rate=3929090&cwnd=332700&unsent_bytes=0&cid=caa58827005d80f7&ts=2679&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Tue, 02 Apr 2024 08:19:29 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc6b72ad-EWR accept-ranges bytes content-length 1272663 x-powered-by ASP.NET server cloudflare
GET H3	200	image3.jpg onevip1.win/images/seo/	444 KB 445 KB	977ms 966ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image3.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3627af9cee5816e11687d011c6c28ebf7d5e970a95c4da6ff049cb8b1e3f3a16 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "7caeca94584da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GsfmMU85sTci0PXPwtsdfDey62iDtCWyrn5yCE0ZsHMXn7R40GenBoithuKmXn4L6g34cv9Y0WkFMZ2d%2Fv7U5tMBAyW%2BmuwJTPv8kl%2FqcTyceHXjOF%2FDbxYWeNFEmbIrxV9i4%2Bd4EA%2BFdA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26535&sent=867&recv=192&lost=0&retrans=0&sent_bytes=975224&recv_bytes=32296&delivery_rate=3154834&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2647&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:02:48 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc6d72ad-EWR accept-ranges bytes content-length 454967 x-powered-by ASP.NET server cloudflare
GET H3	200	image11.jpg onevip1.win/images/seo/	351 KB 352 KB	997ms 986ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image11.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 85463161b21bd345c06d82bc4bbab02a9b3906c9fce66b7a7a2eeab3c0ea0c45 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "b046d7724484da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9xoFS%2FnY1f%2B1Zo2ZdpXXWUPlky7shz0L54CqeXi%2FF6CqW2UKQmq%2BabtdsdCQGKZpTXXEAJ%2FqwpqcwrDrTNUx9NPE5OZUW1GXfU3LwNXvd6DbN4cqCc9fnsGusE8xEwcVEb%2Bo62GS2aTew%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24641&sent=921&recv=198&lost=0&retrans=0&sent_bytes=1039531&recv_bytes=32560&delivery_rate=1895626&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2659&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 14:54:08 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc6e72ad-EWR accept-ranges bytes content-length 359304 x-powered-by ASP.NET server cloudflare
GET H3	200	image5.jpg onevip1.win/images/seo/	381 KB 381 KB	1002ms 990ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image5.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 37e40bf70a9efc87330e1df858622a553f3eef3623ac9f9f3b87fb655c63f60f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "7667df24484da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mS8tozuZiJGrYjm4YAQ5JnIylrY8HBeRdQA%2Ffo3nWvAjD%2FTsSKb9uIC7FNp%2BU48yg3sMDxQFE5rIHKuSxpBHgE2rOHYdv3gUWMmn8p%2BPavGkmwKdAyaIYa03lVgZsu%2B76YCrwe9UqAgsDA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24641&sent=962&recv=198&lost=0&retrans=0&sent_bytes=1088472&recv_bytes=32560&delivery_rate=1895626&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2662&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 14:57:42 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7072ad-EWR accept-ranges bytes content-length 389856 x-powered-by ASP.NET server cloudflare
GET H3	200	image6.jpg onevip1.win/images/seo/	493 KB 494 KB	981ms 970ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image6.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e360122007911cf1d1dad6d71e348cb544d46354a30f20f53b12b36be4f6825e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "1e2bf6d4984da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vh9%2BL40dAz1iM83K%2FKe7W84pl0sCwbs1PXqjckJ819Y%2FsDdnOi5S6QBknbrdLWy3Qi8UOEhI3gQVnWtCe0%2BtxC9vVtCSoYQFSdoLeDKdcDZIhF8NYw4%2FBY0%2Fa4ANiZ6BiOPHgRsejZJmUA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25793&sent=894&recv=193&lost=0&retrans=0&sent_bytes=1007378&recv_bytes=32340&delivery_rate=37988&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2653&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:29:46 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7172ad-EWR accept-ranges bytes content-length 504625 x-powered-by ASP.NET server cloudflare
GET H3	200	image7.jpg onevip1.win/images/seo/	455 KB 455 KB	1033ms 1022ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image7.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fa15e1da0911c77f183fb396ccf7637c6949952d8fa284621925dded048f9d28 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "f83f47894984da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ixWlD0CVxO7yqyO3wHUV1LdB5t2S2E1cqQw%2BZ7PiGtrPNUaw23GAiB0w%2FK9dlM9b%2Fe%2BG2yVAn60l2cnXvauV0w97rO1wW9kj0Jig8Yxp8aE6R5Xdc%2BE%2FO8eyyb6PZFu7Dc5fszQunmNug%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=27913&sent=1261&recv=211&lost=0&retrans=0&sent_bytes=1439431&recv_bytes=33144&delivery_rate=3812864&cwnd=390300&unsent_bytes=0&cid=caa58827005d80f7&ts=2690&x=1", cfHdrFlush;dur=11 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:30:33 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7272ad-EWR accept-ranges bytes content-length 465575 x-powered-by ASP.NET server cloudflare
GET H3	200	image2.jpg onevip1.win/images/seo/	303 KB 304 KB	1009ms 998ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image2.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 408f8df3476aaff315b8fec6a532d636d6d52b857746bede9442092ef3337228 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "3b47779cd884da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uhFQRMXTQTppDK22ZQxiih0zZhWm9IWuN%2BX6kPu2cMfljnTu0ddQsPEgXP23X9BD%2FbiywBWovt8ifHUpXDNtos40q%2FVx4XGtoc2GuAC%2FvqYx7A6mrhuiafjjIelapG9wh4v1TVcXGJn%2FKg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24641&sent=989&recv=198&lost=0&retrans=0&sent_bytes=1120628&recv_bytes=32560&delivery_rate=1895626&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2663&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Tue, 02 Apr 2024 08:34:43 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7372ad-EWR accept-ranges bytes content-length 310389 x-powered-by ASP.NET server cloudflare
GET H3	200	image4.jpg onevip1.win/images/seo/	229 KB 230 KB	1030ms 1020ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/seo/image4.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 91d5bb365ebecf2d13249aad4714a9d03b6b17d61629598a65e0a62f32e30f84 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "1c37e8ca4584da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FertljvsrBph4bN1IpFkC1zTm0Vyn4aqMKBHDVLTqDJ9yXia68PA6LSN75WSseau1fGs7g0ULzFIZCQBB9cUvfnQ0VwlG8Fe5WQJPx38kNSJcd1o7WguEqFrSClmExq3aB6dId%2FI1WNGg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=27913&sent=1226&recv=211&lost=0&retrans=0&sent_bytes=1397652&recv_bytes=33144&delivery_rate=3812864&cwnd=390300&unsent_bytes=0&cid=caa58827005d80f7&ts=2686&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:03:45 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7472ad-EWR accept-ranges bytes content-length 234366 x-powered-by ASP.NET server cloudflare
GET H3	200	banner1.jpg onevip1.win/baner/	109 KB 110 KB	951ms 940ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner1.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 661e97bdb5ea14a10a59034794a8816f8428ea69d21be85a90e4b41f79fd0276 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "a7c84404884da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1CoqaYV3gqN97uu4O75UjTwPp8LjQ%2FKo0Ge56Q8PwnDfrDpLdmW4SPlSOZjzWkDeD7xLWKmP%2FjxXK38aZVfXuEfeCiuY76L5QHCZuIbLF6XtiM4LnQyo6FuaBt%2BjuXJjHK9aIRBx2aMNA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26535&sent=754&recv=192&lost=0&retrans=0&sent_bytes=840300&recv_bytes=32296&delivery_rate=3154834&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2632&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:21:21 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7772ad-EWR accept-ranges bytes content-length 112079 x-powered-by ASP.NET server cloudflare
GET H3	200	banner0.png onevip1.win/baner/	190 KB 191 KB	1039ms 1029ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner0.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4e01387bf64194b089f2ee7495138aa60cbf91bb8be83933c0edb5fa8f86c008 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "54ba6dfb1284da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1AsosS32BNh%2FQ8HoZQA0dnmZNLTtexoAndmV2PXIddW4DaxAS4VBO4L2eXX8LSJmXlSro7YTwrTM7Fbj%2BD0RthmBrCu58jLKvjJPghXEe%2FSSTQSo1JG%2BE9dP4pIX1ajRdpcLBoYl4HYhQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37080&sent=1363&recv=218&lost=0&retrans=0&sent_bytes=1561330&recv_bytes=33464&delivery_rate=5845371&cwnd=445500&unsent_bytes=0&cid=caa58827005d80f7&ts=2708&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Mon, 01 Apr 2024 09:00:02 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7872ad-EWR accept-ranges bytes content-length 195007 x-powered-by ASP.NET server cloudflare
GET H3	200	banner2.jpg onevip1.win/baner/	143 KB 144 KB	1024ms 1014ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner2.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 675052fb3116f4732c1d154a9cc0bcbd64444e2e2841e52d9b80abadae96b8d0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "12ff715f4884da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTKD9BwcSW1xSlPmcXnLNHmfckuTfody2RIKCfeWWntiKq62Q8UJE94ZYdPqvw1GYCy%2F8NSh0e3GR8Bn%2FGYh7Z7KlSj2Wm4LZgaYAOT4xYkP%2F%2BDZGrIwCSInQg%2B06h3tT83IJAWn7r9aNw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23945&sent=1081&recv=201&lost=0&retrans=0&sent_bytes=1227879&recv_bytes=32694&delivery_rate=2814507&cwnd=296700&unsent_bytes=0&cid=caa58827005d80f7&ts=2667&x=1", cfHdrFlush;dur=2 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:22:13 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7972ad-EWR accept-ranges bytes content-length 146250 x-powered-by ASP.NET server cloudflare
GET H3	200	banner4.jpg onevip1.win/baner/	113 KB 113 KB	1012ms 1002ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner4.jpg Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3e172bbd23d9e493f36b93c036bd6f83d3bafd54b183d52a5001cb9d9d37d6bb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "df17c15e1284da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AL2hFTbwJ9y2UGuEcTs%2B48LjanGSQPe7h4UNndmfGqoeuE2BxH9zo1DlX5Y4vCV6JYZF4em30WLO9JjHr%2Ft%2FHgQ7f34ctMhEuU9grBtHVZ7kbxNSBJrIQOfRYKvpV98GXlZmkZxKmoSpMA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24641&sent=1029&recv=198&lost=0&retrans=0&sent_bytes=1168200&recv_bytes=32560&delivery_rate=1895626&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2663&x=1", cfHdrFlush;dur=2 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 08:55:39 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc7a72ad-EWR accept-ranges bytes content-length 115411 x-powered-by ASP.NET server cloudflare
GET H3	404	icon-close-lazy.png onevip1.win/images/	1 KB 1 KB	603ms 593ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/icon-close-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0uUH7QWpiov1ZAhpsEGRdzwC8EjH1tA1n7fIMJBqCrDr4OxZsLkR9mSK28IFxZ%2FEqQL9dWCad3skzF3yQKyI%2BYVTNc0nrnsEWqB4mURslWHFJkO9YAA9CCCcVCDeGqo75z9ni%2BY4O2sEg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc7b72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33654&sent=350&recv=118&lost=0&retrans=0&sent_bytes=386006&recv_bytes=21039&delivery_rate=2388123&cwnd=105300&unsent_bytes=0&cid=caa58827005d80f7&ts=2220&x=1", cfHdrFlush;dur=10 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	tab.png onevip1.win/images/	1 KB 1 KB	603ms 594ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/tab.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEKw9Nq8HUjNG7xMiSTUcFykyFn9%2FJGeDz0zczMP4f%2BG3WP7RhxfXIxOI1bRECBwr6j6O3F78LZeXUcjteR69s2ToAsm%2B2aH%2B9lINv7u%2BDEULl6koe0FPp99Q%2FEgNlDKTCX%2FUMW8ZVjJkA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc7d72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33654&sent=350&recv=118&lost=0&retrans=0&sent_bytes=386006&recv_bytes=21039&delivery_rate=2388123&cwnd=105300&unsent_bytes=0&cid=caa58827005d80f7&ts=2218&x=1", cfHdrFlush;dur=12 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	girl-lazy.png onevip1.win/images/	1 KB 1 KB	605ms 596ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/girl-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5Fk97cnew7M4aer%2BkBNtlPYbx5zzR8QeNk1JOl4LIMMt51tdvVyz4BtRb5gNX9iOMDGwOuHX0pWJqZw%2FEjOuxYvJliMUgreHc9XG5XdEUhkNXMdMlk7rxnajsmi6vDbgSZqnhKrY4cOWQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc7e72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31466&sent=299&recv=114&lost=0&retrans=0&sent_bytes=326445&recv_bytes=20858&delivery_rate=845388&cwnd=87600&unsent_bytes=0&cid=caa58827005d80f7&ts=2210&x=1", cfHdrFlush;dur=5 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	title-modal-content-lazy.png onevip1.win/images/	1 KB 1 KB	610ms 601ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/title-modal-content-lazy.png Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk0RKk%2BHgnujYc5Je0VqXpp7O7eBZ9YbMStUoZHDsq4JTEIcbF4xu%2BFMoFaIuhwMkMvnfz1hxDxPpgO19iZ0tF1%2BubzClkMBZXYwWBBGsIdtjcAL7hT7wSC1UMjMmmo7DtoV%2BI5MzLn1OA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805fc7f72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33654&sent=350&recv=118&lost=0&retrans=0&sent_bytes=386006&recv_bytes=21039&delivery_rate=2388123&cwnd=105300&unsent_bytes=0&cid=caa58827005d80f7&ts=2216&x=1", cfHdrFlush;dur=14 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	200	banner-qc.png onevip1.win/images/	198 KB 199 KB	1034ms 1024ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/banner-qc.png?v=1.5 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4d287a37f864e93b4653e0232975ad230f3f8444845f486f1a764a4d883731ab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUWJhsgBFmIjGsLkTeIEtRVOPlrVYHi8pXYvV3nnCENfykqAw7rPGQF3db1gEXbG7jMDIKU889CCm53TmiiyBSFRrZByoPXm3PwRFvWhzhv4LGigSd6rylq%2Fhk58%2BaMCCKazHxFH23VWEA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=27913&sent=1261&recv=211&lost=0&retrans=0&sent_bytes=1439431&recv_bytes=33144&delivery_rate=3812864&cwnd=390300&unsent_bytes=0&cid=caa58827005d80f7&ts=2692&x=1", cfHdrFlush;dur=9 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc8072ad-EWR accept-ranges bytes content-length 202820 x-powered-by ASP.NET server cloudflare
GET H3	200	loading.gif onevip1.win/images/	2 KB 2 KB	610ms 600ms	Image image/gif	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/loading.gif Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5ade47c7bfe9cb00a16c8b4fa265aa07e8fa676f051e23d1d8a4fbfdb86fef1b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HN%2FM6s1FkNLFP2585WY9ggl8loSZLq41VAbmoXmeIqX1Vm%2BHdEF3RyxT2SRGj67s0QVff7n9NqOw78ieOmU1RlQk9%2BFtzCLkhnGTrCnnCtULYC4NGVZrF4ZnkgVBURPnVG5aC4nEvfQYGw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33654&sent=350&recv=118&lost=0&retrans=0&sent_bytes=386006&recv_bytes=21039&delivery_rate=2388123&cwnd=105300&unsent_bytes=0&cid=caa58827005d80f7&ts=2220&x=1", cfHdrFlush;dur=10 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/gif last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc8172ad-EWR accept-ranges bytes content-length 1635 x-powered-by ASP.NET server cloudflare
GET H3	200	app.min.js Show response onevip1.win/build/	764 KB 240 KB	559ms 535ms	Script application/javascript	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/build/app.min.js?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 04db771cab207ebf42b9e4264b027286b2ed472f35b5c23df2aebd3824165918 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag "488573e8a35db1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFlGi02hBDWL0egkttuEx0aA62DY83hTTFmcwY37E8khYtSii9RXtnAiTsi7MlGqu7kSWyT8esxNkna3LT99mzmBkyeJAT5KaUEesEzUviveVZcuafHcn7ZgSSvqDAnR0CeBasvlKaz17w%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df805ec5c72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32760&sent=259&recv=112&lost=0&retrans=0&sent_bytes=280706&recv_bytes=20768&delivery_rate=164898&cwnd=64800&unsent_bytes=0&cid=caa58827005d80f7&ts=2191&x=1", cfHdrFlush;dur=13 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/javascript last-modified Tue, 12 Nov 2024 13:58:10 GMT vary Accept-Encoding server cloudflare x-powered-by ASP.NET
GET H2	200	tracking.js Show response cdn.livechatinc.com/	84 KB 28 KB	251ms 27ms	Script application/javascript	23.48.224.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.livechatinc.com/tracking.js Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.224.16 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-224-16.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 37cd83f5fb8a7197cfb3545388594f601b4aa7575b639710a1d99a1e7f8df8d2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br x-amz-version-id Qbh.KWprU3gvDKB1OUca1yqTEspItfur etag W/"d448e190bc8237221f1ef31329b0a953" expires Wed, 13 Nov 2024 18:09:53 GMT x-amz-cf-id kvD-lQAyrWbVeIWMkCoXSfo7iIw6vYQt3lPolJLPyJf7GNYVs8ElkA== date Wed, 13 Nov 2024 10:09:53 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 12 Nov 2024 07:50:10 GMT vary accept-encoding cache-control max-age=28800 cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 28693 x-amz-cf-pop JFK52-P9 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	gtm.js Show response www.googletagmanager.com/	318 KB 107 KB	246ms 55ms	Script application/javascript	2607:f8b0:4006:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TP4Q725 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bcf750b8279977a87f81955c1aa2df33fd940a7eace980aba7188a31d092d6e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Wed, 13 Nov 2024 10:09:53 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 10:09:53 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 13 Nov 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 108685 x-xss-protection 0 server Google Tag Manager
GET H3	200	bg.jpg onevip1.win/images/	569 KB 570 KB	1037ms 1029ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/bg.jpg?v=6.44.22 Requested by Host: onevip1.win URL: https://onevip1.win/build/style.min.css?v=2.16.70 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ccf0eb5eb3247e7699f80ae5df7411ab0b4287a316de8d3763a865680bd6a390 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://onevip1.win/build/style.min.css?v=2.16.70 Response headers cf-cache-status MISS etag "bd25e15c5f86da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Shd%2FrDMTjHqjCL79a0w9O8%2BMg%2FiFF78pw3whECfTpc4K%2FeEQoMpo2TPBcG1tHCmUcuR6J8tcfS2un4QBhTXLfRQGR2uBpWPtrwUrLoP7ZKhhVtBXM%2BXakCn8muHSt%2FG0L5uiyokLSoUqLg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=42142&sent=1418&recv=222&lost=0&retrans=0&sent_bytes=1627077&recv_bytes=33644&delivery_rate=5500345&cwnd=476700&unsent_bytes=0&cid=caa58827005d80f7&ts=2714&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/jpeg last-modified Thu, 04 Apr 2024 07:11:49 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc8372ad-EWR accept-ranges bytes content-length 583015 x-powered-by ASP.NET server cloudflare
GET H3	200	shadow.png onevip1.win/images/	11 KB 11 KB	602ms 595ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/shadow.png Requested by Host: onevip1.win URL: https://onevip1.win/build/style.min.css?v=2.16.70 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0daea885450c5e541d9953a8dcdafb2bdf30ee40c802966535c1bda1cb1c9529 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://onevip1.win/build/style.min.css?v=2.16.70 Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=duvjmrjpG2z%2BU47J3GJU4rAi0DfdNkn39tj1jYIAlsZtnU1qc39BLld3idAF70izxmvjXxbUMg%2FPB4VA3Vpa3VOJKx4jhbzck7QnycrXFzNstbs0T%2B3JSi8DJm8jIz2D4FjdY6bg2sjDVA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33654&sent=350&recv=118&lost=0&retrans=0&sent_bytes=386006&recv_bytes=21039&delivery_rate=2388123&cwnd=105300&unsent_bytes=0&cid=caa58827005d80f7&ts=2219&x=1", cfHdrFlush;dur=11 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df805fc8572ad-EWR accept-ranges bytes content-length 10758 x-powered-by ASP.NET server cloudflare
GET H3	200	UTM.ttf onevip1.win/fonts/	38 KB 39 KB	502ms 498ms	Font application/octet-stream	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/fonts/UTM.ttf Requested by Host: onevip1.win URL: https://onevip1.win/build/style.min.css?v=2.16.70 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 7b277458036e6680e115ee58317da527ed2319b1d2c65d7a71c01b320a2bbadc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://onevip1.win Referer https://onevip1.win/build/style.min.css?v=2.16.70 Response headers cf-cache-status REVALIDATED etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTHUb52WIFJ71Wghvoz%2BdJ5kw%2B92DXPQ2GqNiBpXOl4cxzzuC0Nmt7a7vf40oJg%2F80ykFClU4BOhnrt28oEdzktg8hPb7GnTndXtgiNb4WrbXz2lEWyom%2Bw5RD%2FZW%2BunK3Mjm8UMuNshBA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32176&sent=677&recv=163&lost=0&retrans=0&sent_bytes=758252&recv_bytes=23077&delivery_rate=696373&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2369&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/octet-stream last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df8071d2172ad-EWR accept-ranges bytes content-length 39308 x-powered-by ASP.NET server cloudflare
GET H3	200	UTMBold.ttf onevip1.win/fonts/	38 KB 39 KB	508ms 503ms	Font application/octet-stream	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/fonts/UTMBold.ttf Requested by Host: onevip1.win URL: https://onevip1.win/build/style.min.css?v=2.16.70 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e43f88561ceb65fb298094c9ee36b8063c05ff0e7b61599ffc301a2042881583 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://onevip1.win Referer https://onevip1.win/build/style.min.css?v=2.16.70 Response headers cf-cache-status REVALIDATED etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vNn290lAC2YP4P5gYTy5WwFEMrclVQA3AnYtclZJl7Fl6yKKAC9cHCSrM6zd68WwdF2%2FS0VNaN%2FTdQImp3mMnfOOy0SY6i1xHQ35707lyOLVgqFQ%2FZZCiUNsdjgOy90c1nTUtoyemPLQw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32176&sent=712&recv=163&lost=0&retrans=0&sent_bytes=799164&recv_bytes=23077&delivery_rate=696373&cwnd=266700&unsent_bytes=0&cid=caa58827005d80f7&ts=2381&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/octet-stream last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df8071d2272ad-EWR accept-ranges bytes content-length 39364 x-powered-by ASP.NET server cloudflare
GET H2	200	get_dynamic_configuration Show response api.livechatinc.com/v3.6/customer/action/	126 B 254 B	682ms 266ms	Script application/javascript	23.200.88.61 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17573202&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fonevip1.win%2F&channel_type=code&jsonp=__7g6eczrdh07 Requested by Host: cdn.livechatinc.com URL: https://cdn.livechatinc.com/tracking.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.200.88.61 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-200-88-61.deploy.static.akamaitechnologies.com Software / Resource Hash c1d737918c0a790ef89e2bbdcf94e2cc04c5f6533e9fd4c727c698af209c4229 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-length 126 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding cross-origin-resource-policy cross-origin
POST H3	200	collect www.google.com/ccm/	0 0	537ms 45ms	Ping text/plain	2607:f8b0:4006:823::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fonevip1.win%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1515904828.1731492594&auid=411684426.1731492594&npa=0&gtm=45He4b70v831415919za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&tft=1731492593988&tfd=2179&apve=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4Q725 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers
GET H2	200	js Show response www.googletagmanager.com/gtag/	340 KB 111 KB	54ms 51ms	Script application/javascript	2607:f8b0:4006:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1JXQQW9KLG&l=dataLayer&cx=c&gtm=45He4b70v831415919za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4Q725 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a47ec5ed2fb3dc1ee8db5faefc916863f429a7d4cf39f0689d9bdf437effbdc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 13 Nov 2024 10:09:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 113122 x-xss-protection 0 server Google Tag Manager
GET H2	200	hotjar-5082463.js Show response static.hotjar.com/c/	13 KB 6 KB	632ms 116ms	Script application/javascript	13.33.252.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-5082463.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4Q725 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.252.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-252-108.jfk50.r.cloudfront.net Software / Resource Hash 7082f79fac72e82ec4cf9a158a2d995be61ddee875bdb262ea99d4e26ea8a5e6 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=2592000; includeSubDomains cache-control max-age=60 content-encoding br etag W/47b71e63b35bfb0806af5bc7bce985b6 cross-origin-resource-policy cross-origin x-content-type-options nosniff x-cache-hit 1 via 1.1 8a7d8c5d00025d5082538e58b376bbb2.cloudfront.net (CloudFront) access-control-allow-origin * x-cache RefreshHit from cloudfront x-amz-cf-id 8M0RyR7ix_BiCA7g3q4pIg1otsTWOeE6pVljuc5uvmLPnna0o9Ku3Q== date Wed, 13 Nov 2024 10:09:54 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding x-amz-cf-pop JFK50-P10
GET H3	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	519ms 43ms	Script application/javascript	2606:4700::6811:6fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4Q725 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=15552000; includeSubDomains cache-control public, max-age=259200 content-encoding br cf-cache-status HIT etag W/"09282956186c8515ef0d208902803581" age 861 via 1.1 google cf-ray 8e1df80b8e484257-EWR expires Sat, 16 Nov 2024 10:09:54 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/javascript vary Accept-Encoding server cloudflare access-control-allow-headers OneSignal-Subscription-Id
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	381ms 26ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-L3azEzkT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-L3azEzkT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=5830, tp=13, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug FYSdqGqxgVjPa0QOwImc61ZdQ07cYi3t/tipEE0tf0HKFHSB+whcAzk1bXNvoXjIxDIgw6S5RaQF2kZIv9NZ7Q== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62107 x-xss-protection 0 origin-agent-cluster ?1
GET H2	200	sw_iframe.html www.googletagmanager.com/static/service_worker/4al0/ Frame FFFA	0 0	210ms 0ms	Document text/html	2607:f8b0:4006:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fonevip1.win Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP4Q725 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 1476 content-type text/html cross-origin-opener-policy same-origin; report-to="analytics-container-tag-serving" cross-origin-resource-policy cross-origin date Wed, 13 Nov 2024 10:09:54 GMT expires Thu, 13 Nov 2025 10:09:54 GMT last-modified Mon, 21 Oct 2024 16:58:00 GMT report-to {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]} server sffe service-worker-allowed /static/service_worker vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect analytics.google.com/g/	0 0	353ms 32ms	Fetch text/plain	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-1JXQQW9KLG&gtm=45je4b70v9125815605z8831415919za200zb831415919&_p=1731492593541&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077854&cid=1843153495.1731492594&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731492594&sct=1&seg=0&dl=https%3A%2F%2Fonevip1.win%2F&dt=ONEVIP%20-%20Game%20B%C3%A0i%20%C4%90%E1%BB%95i%20Th%C6%B0%E1%BB%9Fng%20Uy%20T%C3%ADn%20H%C3%A0ng%20%C4%90%E1%BA%A7u&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2382 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1JXQQW9KLG&l=dataLayer&cx=c&gtm=45He4b70v831415919za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://onevip1.win cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 551 B	355ms 36ms	Ping text/plain	2607:f8b0:4004:c19::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1JXQQW9KLG&cid=1843153495.1731492594&gtm=45je4b70v9125815605z8831415919za200zb831415919&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101925629~102077854 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1JXQQW9KLG&l=dataLayer&cx=c&gtm=45He4b70v831415919za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://onevip1.win cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame 8845	0 0	248ms 48ms	Document text/html	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-1JXQQW9KLG&gacid=1843153495.1731492594&gtm=45je4b70v9125815605z8831415919za200zb831415919&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102077854&z=399275500 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1JXQQW9KLG&l=dataLayer&cx=c&gtm=45He4b70v831415919za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 13 Nov 2024 10:09:54 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	telegram.png onevip1.win/images/	161 KB 162 KB	1257ms 1210ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/telegram.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash d905030e80916ce7a04fbc0bb219e2df838019de3800cd5a8c177a88796bf074 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "675e9a518b83da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3zO73RF7jR5EZw60V9vBrpMhtfQmh35oY3TfLssZrmKS0q6Feexq42i1mVOha1gp%2Fq8beKg4ZOAOOJpIl6QLu27Qayx9EXkq90q%2FMfBFBUQMZIOacN0yPsaPQUlryLsDtaZwNDQnTjthQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29897&sent=6894&recv=843&lost=238&retrans=238&sent_bytes=8022894&recv_bytes=63353&delivery_rate=1178159&cwnd=268034&unsent_bytes=0&cid=caa58827005d80f7&ts=3803&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:48:55 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b985c72ad-EWR accept-ranges bytes content-length 164717 x-powered-by ASP.NET server cloudflare
GET H3	200	facebook.png onevip1.win/images/	161 KB 162 KB	1007ms 961ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/facebook.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 70a6d77eb3a4d631bc3bd0a35ac9a2a8123a0899a9c3f5df54225f3effeb8361 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "e71a91e78a83da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dgs4e3IiuFuNbDqInUrZ97wygWlc7HrK6S%2Bc93cZ8lsmLpmZwggHorn7z2tidns5bMbS4W%2Bwaec8KU51ddfx77M9BQDeMltJzxMaenC44qKxn%2FsDrKyfuVUR%2BCHOLcj59lc9wAt9HUx6VQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24576&sent=5991&recv=746&lost=217&retrans=217&sent_bytes=6956067&recv_bytes=58691&delivery_rate=8011433&cwnd=265634&unsent_bytes=0&cid=caa58827005d80f7&ts=3549&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:45:57 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b985d72ad-EWR accept-ranges bytes content-length 165357 x-powered-by ASP.NET server cloudflare
GET H3	200	logo.png onevip1.win/images/	48 KB 49 KB	1034ms 988ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/logo.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 25a5a2eb4133d6ad609f816816788eeecd30a791208fd43fa54f4e06258e8eb9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "1f9ddad88c83da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfOdbE%2FdSoCFiaAI%2BKbIK3044S%2FMqditH8AM%2FmOWSlwRVt3xlVG46Za3O5FcGOpR0L1LyrqvMZ0hGoxk1KvyFI41Vk3Zr9hZY0X58KEcCpHEhseElHaeBFDQZQcYvDQ6Mzx6wEGbJYzeNw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24478&sent=6100&recv=750&lost=217&retrans=217&sent_bytes=7086070&recv_bytes=58872&delivery_rate=1211717&cwnd=265634&unsent_bytes=0&cid=caa58827005d80f7&ts=3583&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:59:51 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b985e72ad-EWR accept-ranges bytes content-length 49116 x-powered-by ASP.NET server cloudflare
GET H3	200	slogan.png onevip1.win/images/	66 KB 66 KB	1058ms 1012ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/slogan.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash bd4184ba392c0b1c77d5eed77176124b48397af3fc143a0fabb68c53c90b0444 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "d28563986d86da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXi80ZZFi7J9kO%2B%2BpB59vHaNeK1HNxe%2BcGx0jXwlzTAuP%2FoqClKGQaxQicK4iBqQyMuH%2BQP%2BdX7l%2FeeUGUTxv92%2BFoz%2BlX90pAj1NdtMnM7Lp85oATU63BykJ%2Fpdf8Unmk4mdZQsOoI7CQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24071&sent=6293&recv=756&lost=217&retrans=217&sent_bytes=7314783&recv_bytes=59148&delivery_rate=2388562&cwnd=265634&unsent_bytes=0&cid=caa58827005d80f7&ts=3600&x=1", cfHdrFlush;dur=1 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Thu, 04 Apr 2024 08:53:42 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b985f72ad-EWR accept-ranges bytes content-length 67099 x-powered-by ASP.NET server cloudflare
GET H3	200	Oklog.png onevip1.win/images/	292 KB 292 KB	967ms 920ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/Oklog.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 27f4f784c86787565c1e11375a22bc6ea483233935492107d169bee729350f95 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "3bb4a28e6d86da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZccoQQF%2FjLbcAXLHvqHc1tGupX0dOGUkVjZvFH4XIqzMNyA8kSUk6AuSiiPP3AiL5D%2BKcO8mJEN5I2CH2ZioN6p1ivEe06Zll6QMXA8rlA2PE43TyqdQjiLIsPNducwsfmjrMe0fTSw65A%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24179&sent=4513&recv=573&lost=217&retrans=217&sent_bytes=5239685&recv_bytes=50862&delivery_rate=8628488&cwnd=259634&unsent_bytes=0&cid=caa58827005d80f7&ts=3346&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Thu, 04 Apr 2024 08:53:26 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b986072ad-EWR accept-ranges bytes content-length 298588 x-powered-by ASP.NET server cloudflare
GET H3	200	line.png onevip1.win/images/	504 B 1 KB	591ms 545ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/line.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 2d70d93d5d64fe7813fe7c7095599a532d473653171d583d3088b9ec5c3cc5f8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Tq9CkwOvoFxXvZANgIpl3T5jxVu%2FZvdibyTwYznGHmp3RI%2Bkz1zK92NdNVTnmUf0%2FRU6qJXecNEnhKU%2FH3hZ%2FCb%2FZFNmjVOflxLtae%2FlccUEwBcBLwn8RWMj8tqUyfqYXRqnyRengzWtg%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33703&sent=2924&recv=415&lost=123&retrans=123&sent_bytes=3379236&recv_bytes=43428&delivery_rate=7440546&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3091&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b986272ad-EWR accept-ranges bytes content-length 504 x-powered-by ASP.NET server cloudflare
GET H3	200	playweb-pc.png onevip1.win/images/	14 KB 15 KB	968ms 921ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/playweb-pc.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0df74b0bcb14d166c710fe740c4735fc7a800f21fdbf62fda081ba036501c293 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "ca39e6a15084da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVeo%2FxPvG9f243CRHLRRGMSNLnJ8Gx%2Fd%2Bvqg7yJ83ae13O8phr9JZO1FUjdzLDpuerAdiDdL%2FELrIkEQyE9TQTZAfDt755OSPdSgMDzAiC6iGI9VkFFNZH5kfpMScDLYsuThtjvr%2F1m8MA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26374&sent=4287&recv=550&lost=217&retrans=217&sent_bytes=4976451&recv_bytes=49817&delivery_rate=10189770&cwnd=258434&unsent_bytes=0&cid=caa58827005d80f7&ts=3320&x=1", cfHdrFlush;dur=4 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Mon, 01 Apr 2024 16:21:20 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b986372ad-EWR accept-ranges bytes content-length 14443 x-powered-by ASP.NET server cloudflare
GET H3	200	btn-1111.png onevip1.win/images/	7 KB 7 KB	972ms 924ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/btn-1111.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash eab296f5c1662bbc96f09064072cb160b9bfb60edb3a66af2914fcc3718fbe75 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=geCj8ECqAhZgvKz9S%2FaCBdeEnFMeUa%2BkRfydJxrkz9zZAhAkqh7Z2AhVOVDVDGUiNzYUD5mC%2BkDoCrXTztNFV6r0wrQo2ISBKReAWlw5F3trg%2FmvnqhevsZmSlBitG6TleU2tvTtOOVvuw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=3060&recv=419&lost=123&retrans=123&sent_bytes=3539665&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3106&x=1", cfHdrFlush;dur=10 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b986972ad-EWR accept-ranges bytes content-length 6755 x-powered-by ASP.NET server cloudflare
GET H3	404	bg-thank.png onevip1.win/images/	1 KB 1 KB	588ms 540ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/bg-thank.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoVjBvZf1atiHnHzpQRSZgomVrHme35LA147Amap%2FarPeSShxjy5sCbSmzta%2FBtXU8Wt4fuZ7B8mTkuEMpP4DXpNjVt%2FnfYrlddouHJcDyFa7bx2ij68wti3iTeTSUg%2FoGrwlfJr3trTrQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80b986b72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33703&sent=2922&recv=415&lost=123&retrans=123&sent_bytes=3377843&recv_bytes=43428&delivery_rate=7440546&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3086&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	200	btn-android.png onevip1.win/images/	8 KB 9 KB	586ms 539ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/btn-android.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 2a54f8154b2e25141a5826d9e6336495d434500e2c10c74596a472680309e6ed Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqRCMmmVT6TwvHWIaC9CHY7oubK6sE31mGiNKZ2TejCbSK%2FuIr%2FOI34qrslxQy0AXIsDH5yGMepWkyBFjMGqFp9kun3IwoachiGJhdIraVIv2puNcZ7UOdwWoGONKnyi1EbN86Sl0sMBJA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33703&sent=2914&recv=415&lost=123&retrans=123&sent_bytes=3368702&recv_bytes=43428&delivery_rate=7440546&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3079&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b986c72ad-EWR accept-ranges bytes content-length 8284 x-powered-by ASP.NET server cloudflare
GET H3	200	btn-ios.png onevip1.win/images/	8 KB 9 KB	588ms 541ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/btn-ios.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a900c4f78dd575e2aa9afc2962fbf6b05fb4097d0d0eda582b14e8624c5a9591 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "06339f08683da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOgcVbb04fT5ccfny6iSOutsvgs9OcEC8VYMsh1WXO0RV9iACQczojwXdsjLqyRsBd7lOeLdn1MMHKV2Oyk9xjCRPvApmK0haB7kFkWQ2g5fNK%2F%2Fx1Cd9IidBTorRa5%2FxYzFFW%2BuPNjd2Q%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=2925&recv=419&lost=123&retrans=123&sent_bytes=3380432&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3099&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type image/png last-modified Sun, 31 Mar 2024 16:17:34 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b986d72ad-EWR accept-ranges bytes content-length 8171 x-powered-by ASP.NET server cloudflare
GET H3	200	btn-playweb.png onevip1.win/images/	14 KB 15 KB	971ms 925ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/btn-playweb.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0df74b0bcb14d166c710fe740c4735fc7a800f21fdbf62fda081ba036501c293 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "ca39e6a15084da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2psCcdDHk1yVzriJJPTsIrnx9scr%2BWnUEmrPMZuYDns5emGVPvzDX8Z9ba1mM2EgH3taYhnN6gQlgWAckBhPegOGwMDGj%2FICMRlOdyy8v76cO3%2B4V4uMkjDftUPLqb8jcEfO5tUeHlvQyQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24708&sent=4503&recv=572&lost=217&retrans=217&sent_bytes=5228765&recv_bytes=50817&delivery_rate=9979292&cwnd=259634&unsent_bytes=0&cid=caa58827005d80f7&ts=3344&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Mon, 01 Apr 2024 16:21:20 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80b986e72ad-EWR accept-ranges bytes content-length 14443 x-powered-by ASP.NET server cloudflare
GET H3	200	banner1.jpg onevip1.win/baner/	109 KB 110 KB	1045ms 998ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner1.jpg?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 661e97bdb5ea14a10a59034794a8816f8428ea69d21be85a90e4b41f79fd0276 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "a7c84404884da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdUxL1VJyNXXvV0QryQz%2F%2BWkc6kH4sVC8GIJtRefN1gBv%2BQiuYDRzfMeqGqCGfcv%2Fi1JCpOQNKxpk1V7orcaCWrUgihhK16EOqOaPJvzFZ%2BQX4Bgh4wm1gghjyUSEdD%2FmR%2BvrAdWhg%2B0Gw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24328&sent=6227&recv=751&lost=217&retrans=217&sent_bytes=7237576&recv_bytes=58917&delivery_rate=1162778&cwnd=265634&unsent_bytes=0&cid=caa58827005d80f7&ts=3591&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:21:21 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80ba86f72ad-EWR accept-ranges bytes content-length 112079 x-powered-by ASP.NET server cloudflare
GET H3	200	banner0.png onevip1.win/baner/	190 KB 191 KB	1022ms 974ms	Image image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner0.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4e01387bf64194b089f2ee7495138aa60cbf91bb8be83933c0edb5fa8f86c008 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "54ba6dfb1284da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjJDuj5yvJF3U0syy1L2fJ2PfkiIaxj8H9WQnR742K2kGFZ58Y3yMnaXccE%2FVvZcQRg7QWbTlqG%2BMCFIFc8bGY86tGqEHJA%2FtnvcBfLuyIaVUuXoz7SnWj6un8J2w74AfkllpfIMu7vu8Q%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24385&sent=6059&recv=749&lost=217&retrans=217&sent_bytes=7037149&recv_bytes=58826&delivery_rate=906053&cwnd=265634&unsent_bytes=0&cid=caa58827005d80f7&ts=3578&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/png last-modified Mon, 01 Apr 2024 09:00:02 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80ba87072ad-EWR accept-ranges bytes content-length 195007 x-powered-by ASP.NET server cloudflare
GET H3	200	banner2.jpg onevip1.win/baner/	143 KB 144 KB	1045ms 998ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner2.jpg?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 675052fb3116f4732c1d154a9cc0bcbd64444e2e2841e52d9b80abadae96b8d0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "12ff715f4884da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rg45J7wSYXlpaUatpUuPjWWcwxyjRClV8A7%2BUSxXDF5Zdwz9Wro0KCPwvTJ2z%2F78UpJzOXQwMzC%2FmWED2UnhuATTc%2BCTr1HV2RHr6jOUIH7L%2FBBzWFvfVqJ5igbvWlAuHns0BThnjla2RQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24392&sent=6255&recv=754&lost=217&retrans=217&sent_bytes=7269780&recv_bytes=59057&delivery_rate=2110652&cwnd=265634&unsent_bytes=0&cid=caa58827005d80f7&ts=3596&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 15:22:13 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80ba87272ad-EWR accept-ranges bytes content-length 146250 x-powered-by ASP.NET server cloudflare
GET H3	200	banner4.jpg onevip1.win/baner/	113 KB 113 KB	1011ms 963ms	Image image/jpeg	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/baner/banner4.jpg?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3e172bbd23d9e493f36b93c036bd6f83d3bafd54b183d52a5001cb9d9d37d6bb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "df17c15e1284da1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzNoPcbz%2FY%2Fpj4fM6nYf3YfYoVApo65kjDtjArIluU%2Fieqe1jNmph0CullOjiaealhmN1k5ry7%2BDvfwbcnNvJ%2FdpnqvrVboYYWS9idLGtCy7T2SyVJ8LgpBoYuexnDcjbmpjYl0rSrqK1w%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24213&sent=6018&recv=747&lost=217&retrans=217&sent_bytes=6988229&recv_bytes=58736&delivery_rate=5323452&cwnd=265634&unsent_bytes=0&cid=caa58827005d80f7&ts=3567&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:55 GMT content-type image/jpeg last-modified Mon, 01 Apr 2024 08:55:39 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df80ba87372ad-EWR accept-ranges bytes content-length 115411 x-powered-by ASP.NET server cloudflare
GET H3	404	icon-closex.png onevip1.win/images/	1 KB 1 KB	972ms 924ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/icon-closex.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPe22gEC1AJILwRXhKBtx0TyYmAf9e7NaqzqCFM8sFfCnrTPj%2BAI%2FqVV%2FBYAqBTHPu%2Bq8kSuF%2BYy5QPbProAvHpP1x2dTPTkKzkOavw94N%2BtVEkkOkfsm7hdC85FH1gpJK7Z%2Fc%2BmMZc%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87472ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=64057&sent=3207&recv=426&lost=123&retrans=123&sent_bytes=3714427&recv_bytes=43927&delivery_rate=3045346&cwnd=359250&unsent_bytes=0&cid=caa58827005d80f7&ts=3130&x=1", cfHdrFlush;dur=1 date Wed, 13 Nov 2024 10:09:55 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	tab.png onevip1.win/images/	1 KB 1 KB	972ms 924ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/tab.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQith1FtujsvyGYw4iiP9vsovrugkgX7oNdtwR%2FG0yQJdLIWjbcj8GUb0dD6OvRz1Q%2F0mipIq5E0wDnhXXkCqEt8wI229gXsVGXuW44fovNB41wJXCPdQZybaKhUPDL%2FolJ1teDIl8xI4g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87572ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=56638&sent=3183&recv=423&lost=123&retrans=123&sent_bytes=3686681&recv_bytes=43792&delivery_rate=3710474&cwnd=358050&unsent_bytes=0&cid=caa58827005d80f7&ts=3121&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	girl.png onevip1.win/images/	1 KB 1 KB	969ms 922ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/girl.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHUoSefK9EXEqviW6phFQT8x%2F5bARWn6K6iSJBV6Ru2LKvpAIMrZj9KbCK0KjHBkSXLKoAWFp%2FZQE%2BRaw45ppqJlowZ16HyZYgGFkwmLsVaWeGKq7H5zhKccbZRB5Qm945VPv59c4BcLeQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87772ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=3060&recv=419&lost=123&retrans=123&sent_bytes=3539665&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3113&x=1", cfHdrFlush;dur=3 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	title-modal-content.png onevip1.win/images/	1 KB 1 KB	583ms 536ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/title-modal-content.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoPetswHmC7dNRvFOiX938z6UJUWbYoxmrMJv%2F5cvaMKdZh%2BM8R439BMictTugyMVQSJegCKeXbdsXCc6fK4jaF1SWQqpTL4LaV%2BfGxRaaEoJFrvJ5kL%2FbUHmuWPBpFBcwFRZjDC0tsWuw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87872ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=2933&recv=419&lost=123&retrans=123&sent_bytes=3389462&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3102&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	icon-close.png onevip1.win/images/	1 KB 1 KB	970ms 923ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/icon-close.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RO8EDyP1gVKctTRlBk7tXjOzkpz40cm5bcuexuTpeVjR6GPxJVXyYDSWn1g2NpYpQ%2BiB6Pfz%2Ba%2BqAV5UjHl0BvCyuawkJHq5MWhmrKdYz8HTstdbrDaC6LJZZQ5ag7HM0LKHs8IDEnZGAw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87b72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=3060&recv=419&lost=123&retrans=123&sent_bytes=3539665&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3110&x=1", cfHdrFlush;dur=6 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	54ms 54ms	Script application/javascript	2606:4700::6811:6fdf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=15552000; includeSubDomains cache-control public, max-age=259200 content-encoding br cf-cache-status HIT etag W/"7e91359b46e1da637080a03b759164fa" age 2605 via 1.1 google cf-ray 8e1df80cbf584257-EWR expires Sat, 16 Nov 2024 10:09:54 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 10:09:54 GMT content-type application/javascript vary Accept-Encoding server cloudflare access-control-allow-headers OneSignal-Subscription-Id
GET H2	200	modules.6f60e575cf8ad7cb10f7.js Show response script.hotjar.com/	222 KB 55 KB	138ms 26ms	Script application/javascript	18.164.96.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-5082463.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-90.jfk50.r.cloudfront.net Software / Resource Hash f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-robots-tag none content-encoding br etag "56b1b49a4bdc4c874445907df778d045" age 762596 x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id GdFI5kmnasB-Dw4DqrtdHLwxcSLCtnN9pKwuRWqwJzORGTzeUiu6wQ== date Mon, 04 Nov 2024 14:19:58 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 04 Nov 2024 14:19:24 GMT vary Accept-Encoding strict-transport-security max-age=2592000; includeSubDomains cache-control max-age=31536000 cross-origin-resource-policy cross-origin via 1.1 8a9cdb228e33f8d52a4b42c56ca26590.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 56128 x-amz-cf-pop JFK50-P5
GET H3	200	web Show response onesignal.com/api/v1/sync/c8438e34-8bea-43b1-8001-b39cc515cec1/	5 KB 2 KB	213ms 57ms	Script text/javascript	2606:4700::6810:a091 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/c8438e34-8bea-43b1-8001-b39cc515cec1/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c25b314ccf7ebc0d6254cac01c0a42207674bdc2c6ee433d00735a8dc4fe6295 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-request-id ee185a07-0641-48da-a010-9aa4c70e5656 content-encoding br cf-cache-status HIT etag W/"c25b314ccf7ebc0d6254cac01c0a4220" age 2048 x-permitted-cross-domain-policies none x-content-type-options nosniff expires Wed, 13 Nov 2024 11:09:54 GMT alt-svc h3=":443"; ma=86400 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/javascript; charset=utf-8 vary Origin, Accept-Encoding x-runtime 0.037456 access-control-allow-headers SDK-Version x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains cache-control public, max-age=3600 referrer-policy strict-origin-when-cross-origin x-download-options noopen via 1.1 google cf-ray 8e1df80ea9e2439f-EWR access-control-allow-origin * x-xss-protection 1; mode=block server cloudflare
GET H2	200	browser-perf.8417c6bba72228fa2e29.js Show response script.hotjar.com/	5 KB 2 KB	53ms 22ms	Script application/javascript	18.164.96.90 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.90 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-90.jfk50.r.cloudfront.net Software / Resource Hash 70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers x-robots-tag none content-encoding br etag "b83b61bc5871e9a23a0434e2c539f4f3" age 4811555 x-content-type-options nosniff x-cache Hit from cloudfront x-amz-cf-id K1r8GEO4PwLKbkG62U_GWySEe193oSqtQ7AIeaHnh1fhOukWZta3qg== date Wed, 18 Sep 2024 17:37:20 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 17 Sep 2024 15:41:53 GMT vary Accept-Encoding strict-transport-security max-age=2592000; includeSubDomains cache-control max-age=31536000 cross-origin-resource-policy cross-origin via 1.1 8a9cdb228e33f8d52a4b42c56ca26590.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 1782 x-amz-cf-pop JFK50-P5
GET H3	404	bg-thank.png onevip1.win/images/	1 KB 1 KB	5ms 4ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/bg-thank.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoVjBvZf1atiHnHzpQRSZgomVrHme35LA147Amap%2FarPeSShxjy5sCbSmzta%2FBtXU8Wt4fuZ7B8mTkuEMpP4DXpNjVt%2FnfYrlddouHJcDyFa7bx2ij68wti3iTeTSUg%2FoGrwlfJr3trTrQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80b986b72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33703&sent=2922&recv=415&lost=123&retrans=123&sent_bytes=3377843&recv_bytes=43428&delivery_rate=7440546&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3086&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	title-modal-content.png onevip1.win/images/	1 KB 1 KB	6ms 5ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/title-modal-content.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoPetswHmC7dNRvFOiX938z6UJUWbYoxmrMJv%2F5cvaMKdZh%2BM8R439BMictTugyMVQSJegCKeXbdsXCc6fK4jaF1SWQqpTL4LaV%2BfGxRaaEoJFrvJ5kL%2FbUHmuWPBpFBcwFRZjDC0tsWuw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87872ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=2933&recv=419&lost=123&retrans=123&sent_bytes=3389462&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3102&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	girl.png onevip1.win/images/	1 KB 1 KB	2ms 1ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/girl.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHUoSefK9EXEqviW6phFQT8x%2F5bARWn6K6iSJBV6Ru2LKvpAIMrZj9KbCK0KjHBkSXLKoAWFp%2FZQE%2BRaw45ppqJlowZ16HyZYgGFkwmLsVaWeGKq7H5zhKccbZRB5Qm945VPv59c4BcLeQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87772ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=3060&recv=419&lost=123&retrans=123&sent_bytes=3539665&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3113&x=1", cfHdrFlush;dur=3 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	icon-close.png onevip1.win/images/	1 KB 1 KB	2ms 2ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/icon-close.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RO8EDyP1gVKctTRlBk7tXjOzkpz40cm5bcuexuTpeVjR6GPxJVXyYDSWn1g2NpYpQ%2BiB6Pfz%2Ba%2BqAV5UjHl0BvCyuawkJHq5MWhmrKdYz8HTstdbrDaC6LJZZQ5ag7HM0LKHs8IDEnZGAw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87b72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=46113&sent=3060&recv=419&lost=123&retrans=123&sent_bytes=3539665&recv_bytes=43612&delivery_rate=4212088&cwnd=249794&unsent_bytes=0&cid=caa58827005d80f7&ts=3110&x=1", cfHdrFlush;dur=6 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	icon-closex.png onevip1.win/images/	1 KB 1 KB	3ms 3ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/icon-closex.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPe22gEC1AJILwRXhKBtx0TyYmAf9e7NaqzqCFM8sFfCnrTPj%2BAI%2FqVV%2FBYAqBTHPu%2Bq8kSuF%2BYy5QPbProAvHpP1x2dTPTkKzkOavw94N%2BtVEkkOkfsm7hdC85FH1gpJK7Z%2Fc%2BmMZc%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87472ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=64057&sent=3207&recv=426&lost=123&retrans=123&sent_bytes=3714427&recv_bytes=43927&delivery_rate=3045346&cwnd=359250&unsent_bytes=0&cid=caa58827005d80f7&ts=3130&x=1", cfHdrFlush;dur=1 date Wed, 13 Nov 2024 10:09:55 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	tab.png onevip1.win/images/	1 KB 1 KB	3ms 3ms	Image text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://onevip1.win/images/tab.png?v=2.16.2.32 Requested by Host: onevip1.win URL: https://onevip1.win/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQith1FtujsvyGYw4iiP9vsovrugkgX7oNdtwR%2FG0yQJdLIWjbcj8GUb0dD6OvRz1Q%2F0mipIq5E0wDnhXXkCqEt8wI229gXsVGXuW44fovNB41wJXCPdQZybaKhUPDL%2FolJ1teDIl8xI4g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df80ba87572ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=56638&sent=3183&recv=423&lost=123&retrans=123&sent_bytes=3686681&recv_bytes=43792&delivery_rate=3710474&cwnd=358050&unsent_bytes=0&cid=caa58827005d80f7&ts=3121&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:54 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	200	ico.png onevip1.win/	388 KB 389 KB	959ms 958ms	Other image/png	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/ico.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash adf3d1dff45c2c1ea73e47833381ecb48252f9086e96ed6dcb2878858446ec8e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "a627ebaed4dda1:0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8cZET4r2GFuUQYcAEoLlTRq4VrOp2zV%2FpSAmKQPD8XNghoDlwCaY3NNSEuk3m2ynWStRD0gwYF0AOyEVDOMLQYnL04YsAVuAk8AjDkgGyp3%2B02osxeo5ks0oNhj3uplONJUQNKlk3VpFw%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=24571&sent=7701&recv=937&lost=250&retrans=250&sent_bytes=8964481&recv_bytes=68364&delivery_rate=8784616&cwnd=274034&unsent_bytes=0&cid=caa58827005d80f7&ts=5042&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:56 GMT content-type image/png last-modified Tue, 23 Jan 2024 11:17:19 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e1df814ef6f72ad-EWR accept-ranges bytes content-length 397091 x-powered-by ASP.NET server cloudflare
GET H3	404	favicon.ico onevip1.win/	1 KB 1 KB	530ms 529ms	Other text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lSxHFSS090SihI7fmJyn2LZutwjaelCYf2g%2B57aCyFdi%2Bf58bLLdaPmk%2F7pJsU4l0fExnVgwi8xcYGr0JatKRz1zV3o9hxWhz6uzju4bma0VBfamxULHSqdrm1L1cryrfimgAyhtWOqJzQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df822081172ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31174&sent=8058&recv=979&lost=264&retrans=264&sent_bytes=9388235&recv_bytes=70898&delivery_rate=475650&cwnd=191823&unsent_bytes=0&cid=caa58827005d80f7&ts=6706&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:58 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	favicon-32x32.png onevip1.win/images/favicons/	1 KB 1 KB	525ms 522ms	Other text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/images/favicons/favicon-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EesawAfZ1BAMIpD4CXwgLGoB%2Fx8AQcHG%2FwA4AEltHtG7v%2Fp7g0uDH7X6ntr8Z1RxJh1NA42iZzdXTqraUxUkhS5wy87UKYRjm7JHpgUXrmmIRwgMCNGUIjAuOfOs8TmrSn%2F0HGXZXT19Hg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df8288cd872ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29928&sent=8061&recv=981&lost=264&retrans=264&sent_bytes=9389653&recv_bytes=71626&delivery_rate=2622&cwnd=191823&unsent_bytes=0&cid=caa58827005d80f7&ts=7745&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:09:59 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	favicon-16x16.png onevip1.win/images/favicons/	1 KB 1 KB	504ms 503ms	Other text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/images/favicons/favicon-16x16.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHJEG12N05eN2aEW3OBF%2BQJOYe520J%2BDNoRw7Tk5IiDXKvE98dXXzUMcX8I%2BxEVeaCUsaMCgpl2VHPNZCxO73wOLOWgoRdKU%2BgR%2B6%2Fb%2FAO1axWV8zhqxpDSF5aldR7iaWZRcBYyzGE6yjA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df82d283f72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29114&sent=8064&recv=983&lost=264&retrans=264&sent_bytes=9391071&recv_bytes=72354&delivery_rate=2687&cwnd=191823&unsent_bytes=0&cid=caa58827005d80f7&ts=8475&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:10:00 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	favicon-96x96.png onevip1.win/images/favicons/	1 KB 1 KB	511ms 511ms	Other text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/images/favicons/favicon-96x96.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjVn3Gy3fzv7qE1Ap2kEVEI40mPLMcMstft%2F7hNvrBIPqtzCa7xmHJrC5xdfDUNIXS8%2BRA1dQoZ5imdss4LVukMBd1VuUmmVNzchc6eiwG66aQLIQ9BIBKM%2FO%2FJeLT0nOXISVCToZXpFkw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df8306a4072ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28410&sent=8067&recv=985&lost=264&retrans=264&sent_bytes=9392494&recv_bytes=73083&delivery_rate=2737&cwnd=191823&unsent_bytes=0&cid=caa58827005d80f7&ts=8998&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:10:00 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare
GET H3	404	android-icon-192x192.png onevip1.win/images/favicons/	1 KB 1 KB	522ms 521ms	Other text/html	2606:4700:3035::6815:5d23 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onevip1.win/images/favicons/android-icon-192x192.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5d23 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RS12tTN%2Bb9zdxYbDa1UXBSXPoL5W7U2VkvmzwZEvrCixRjXOg6dKF2gVOysQF8qLN9y4dHSr9sNL1N373llH%2BUSYyCFTHKlCktcb4IcaZEqTaTbSX3HQxwEmB9YuyS3RM4UVmyFbYpKyoA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e1df8350d3f72ad-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=27554&sent=8070&recv=987&lost=264&retrans=264&sent_bytes=9393912&recv_bytes=73816&delivery_rate=2710&cwnd=191823&unsent_bytes=0&cid=caa58827005d80f7&ts=9737&x=1", cfHdrFlush;dur=0 date Wed, 13 Nov 2024 10:10:01 GMT content-type text/html x-powered-by ASP.NET vary Accept-Encoding server cloudflare