urlscan.io logo urlscan.io
SecurityTrails logo

1wbest.com Open in urlscan Pro
154.197.121.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://1wbest.com/
Submission: On May 24 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 154.197.121.2, located in Seychelles and belongs to Africa-on-Cloud-AS, ZA. The main domain is 1wbest.com.
TLS certificate: Issued by GTS CA 1P5 on May 20th 2024. Valid for: 3 months.
This is the only time 1wbest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 154.197.121.2 328608 (Africa-on...)
16 154.197.121.128 328608 (Africa-on...)
1 172.217.16.196 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 4
Apex Domain
Subdomains		 Transfer
16 cdn1win.com
cdn1win.com
963 KB
9 1wbest.com
1wbest.com
192 KB
1 gstatic.com
www.gstatic.com
209 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
948 B
26 4
Domain Requested by
16 cdn1win.com 1wbest.com
cdn1win.com
9 1wbest.com 1 redirects 1wbest.com
cdn1win.com
1 www.gstatic.com www.google.com
1 www.google.com cdn1win.com
26 4

This site contains no links.

Subject Issuer Validity Valid
1wbest.com
GTS CA 1P5		 2024-05-20 -
2024-08-18		 3 months crt.sh
cdn1win.com
GTS CA 1P5		 2024-04-17 -
2024-07-16		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://1wbest.com/
Frame ID: FCC4EE466DD4C9BAD06E88C7579953D2
Requests: 24 HTTP requests in this frame

Frame: https://1wbest.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: DB9EF68510EC6AB72935F6ECB5CB7E22
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win - ставки на спорт - 1898218.3579640742

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

26
Requests

96 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1365 kB
Transfer

2770 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://1wbest.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://1wbest.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1wbest.com/ 		374 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
2a8913098e0581aa8b14d10aaf8de78ab606c4c34b344a944d400ae549f36145
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
888b0315094458f0-TXL
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 24 May 2024 05:51:07 GMT
server
cloudflare
vary
Origin
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-match-domain
1wbest.com
x-request-id
7tuGNNN0d94G5h7N
minified.js
1wbest.com/core-js/3.33.3/ 		238 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wbest.com/core-js/3.33.3/minified.js
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 21 May 2024 14:07:41 GMT
server
cloudflare
etag
W/"664caaad-3b989"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
cf-ray
888b03161c2858f0-TXL
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 May 2034 05:51:07 GMT
chunk-vendors.13af00704.js
cdn1win.com/js/ 		239 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/js/chunk-vendors.13af00704.js
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
66cffd73c0461f1f00e1fd25f4f1c63f1263183456eb005d024c24890ca5ebc6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 21 May 2024 12:42:03 GMT
server
cloudflare
age
233841
etag
W/"664c969b-3bb30"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b0316b8f64528-TXL
expires
Mon, 22 May 2034 05:51:07 GMT
chunk-common.c0284425b.js
cdn1win.com/js/ 		322 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/js/chunk-common.c0284425b.js
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
42bc3e0e344761cd300d50fb5a7cef711a6f9b1ab060aa783a17822661fae48a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 May 2024 10:58:23 GMT
server
cloudflare
age
67133
etag
W/"664f214f-5063d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b031719a64528-TXL
expires
Mon, 22 May 2034 05:51:07 GMT
vipDomain.8a572e54c.js
cdn1win.com/js/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/js/vipDomain.8a572e54c.js
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
74141536ef43287f9124ac9f363c769891c4dd6428988563922c5dfd1507603a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 May 2024 10:58:23 GMT
server
cloudflare
etag
W/"664f214f-b6ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b031719a94528-TXL
expires
Mon, 22 May 2034 05:51:07 GMT
vipDomain.3844324dd.css
cdn1win.com/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/css/vipDomain.3844324dd.css
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
8c97a25eb4f211d1c5d92ef04c8036790757e02ad24303889a20fa44911bb658

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 10:44:51 GMT
server
cloudflare
etag
W/"664340a3-2255"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b0316b8f44528-TXL
expires
Mon, 22 May 2034 05:51:07 GMT
1win-normal.svg
1wbest.com/img/logo/main/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wbest.com/img/logo/main/1win-normal.svg
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 21 May 2024 14:07:42 GMT
server
cloudflare
age
220239
etag
W/"664caaae-1221"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b03161c3458f0-TXL
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 May 2034 05:51:07 GMT
23865.ee841d793.js
cdn1win.com/js/ 		111 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/js/23865.ee841d793.js
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/js/vipDomain.8a572e54c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
61c74522db7553d2a0c0182eafeb536ae75ffa3e1007bbb15669de8997a0de67

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 May 2024 10:58:23 GMT
server
cloudflare
age
67128
etag
W/"664f214f-1ba4d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b0317bb344528-TXL
expires
Mon, 22 May 2034 05:51:07 GMT
vip.a1016137e.css
cdn1win.com/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/css/vip.a1016137e.css
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/js/vipDomain.8a572e54c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
23895d885adda7079fd376bd4cae566bd2c2e926a8d71a251ec4207fb404ed44

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 May 2024 09:29:17 GMT
server
cloudflare
etag
W/"6644806d-423d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b0317bb3a4528-TXL
expires
Mon, 22 May 2034 05:51:07 GMT
vip.79701b011.js
cdn1win.com/js/ 		190 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/js/vip.79701b011.js
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/js/vipDomain.8a572e54c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
60e59888664557a991769bc2cb746cb5b1406df01e2ae8e07e14b735bbe7bb82

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 May 2024 10:58:23 GMT
server
cloudflare
etag
W/"664f214f-2f74d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
888b0317bb3d4528-TXL
expires
Mon, 22 May 2034 05:51:07 GMT
main.js
1wbest.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame DB9E
Redirect Chain
  • https://1wbest.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://1wbest.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wbest.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H3
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
4431f2fa5bffb069527c4d1307c09818b0b14d626d09cabf2206b2f2b49978b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
888b0318299758ea-TXL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 24 May 2024 05:51:07 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
888b0317b8af58ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
affiliate:link_visit
1wbest.com/ 		37 B
1001 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1wbest.com/affiliate:link_visit?visit_domain=1wbest.com&sub_ids=undefined
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/js/vip.79701b011.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
cf-cache-status
DYNAMIC
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
37
server
cloudflare
etag
W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
access-control-max-age
7200
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
undefined
access-control-expose-headers
Authorization
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-allow-credentials
true
cf-ray
888b03185a0a58ea-TXL
access-control-allow-headers
Content-Type, Authorization, X-Origin
en
1wbest.com/fss/translations/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://1wbest.com/fss/translations/en?domain=1wbest.com&appName=vip-domain
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/js/chunk-common.c0284425b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee86ffd9d66ba6dd03a6779517d7f33742056f25cbc4014b1ce0295f6c5a1cf
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Origin
1wbest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://1wbest.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"8c4cd-koL70fMKVpxo9bv9x2mp5duJEHY"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-match-domain
1wbest.com
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Origin
cf-ray
888b03186a4558ea-TXL
alt-svc
h3=":443"; ma=86400
x-request-id
mEt1Tlwj42fcqgwV
ball.00c32fa0d-956.png
cdn1win.com/img/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1win.com/img/ball.00c32fa0d-956.png
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/js/chunk-vendors.13af00704.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
56eadf0d0ad740575e937eb1f3ec73699b0b83a65aa83ab12af32b64e66bf71a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
cf-cache-status
REVALIDATED
cf-polished
origSize=60539
content-length
55491
cf-bgj
imgq:100,h2pri
last-modified
Thu, 23 May 2024 12:47:21 GMT
server
cloudflare
etag
"664f3ad9-ec7b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
888b03187d3b4528-TXL
expires
Fri, 24 May 2024 09:51:07 GMT
oval_desktop.8f2aeb981.svg
cdn1win.com/img/ 		442 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1win.com/img/oval_desktop.8f2aeb981.svg
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
e404f809b50370e2802a48b6866e55603360a7d26390a40285533525e06398a7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 23 May 2024 12:47:23 GMT
server
cloudflare
etag
W/"664f3adb-1ba"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
888b03188d5d4528-TXL
expires
Fri, 24 May 2024 09:51:07 GMT
oval_mobile.c021c21ab.svg
cdn1win.com/img/ 		442 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1win.com/img/oval_mobile.c021c21ab.svg
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
e89de209341ccdb377df6bd23cef1bf95a3b8e3033c2b129df450b6496cf5f51

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 12:47:23 GMT
server
cloudflare
etag
W/"664f3adb-1ba"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
888b03188d604528-TXL
expires
Fri, 24 May 2024 09:51:07 GMT
logo.a4ede1eb0.svg
cdn1win.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1win.com/img/logo.a4ede1eb0.svg
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
997446ac4dbd97e18cc8eb0dcaa6b8d21136718a975a058d7d94d86ac70b7621

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 12:47:22 GMT
server
cloudflare
etag
W/"664f3ada-7e0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
888b03188d634528-TXL
expires
Fri, 24 May 2024 09:51:07 GMT
vk.c77f501b2.svg
cdn1win.com/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1win.com/img/vk.c77f501b2.svg
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
399923e70346009de05ea614992ebfc77bdaad8eac88eb364a3fa4482f43bf2c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 12:47:24 GMT
server
cloudflare
etag
W/"664f3adc-afb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
888b03188d674528-TXL
expires
Fri, 24 May 2024 09:51:07 GMT
ok.bacaf99b0.svg
cdn1win.com/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1win.com/img/ok.bacaf99b0.svg
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
481c624f7222809daed055419646cf54e319c488807e61ee2f42e6074fc03584

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 12:47:23 GMT
server
cloudflare
etag
W/"664f3adb-cbe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
888b03189d6b4528-TXL
expires
Fri, 24 May 2024 09:51:07 GMT
g+.54da64268.svg
cdn1win.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1win.com/img/g+.54da64268.svg
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
7df240d31584fde66a4420bce4b7e2702686f5697ad6b1ccb8c4e9fe3f911cc9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 12:47:22 GMT
server
cloudflare
etag
W/"664f3ada-7b2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
888b03189d6d4528-TXL
expires
Fri, 24 May 2024 09:51:07 GMT
api.js
www.google.com/recaptcha/ 		1 KB
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/js/vip.79701b011.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
GSE /
Resource Hash
b41e2aeede535ac85f5df5d9372090a3640bd3b6c27839188aae426f3da77860
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 May 2024 05:51:07 GMT
ball.bd6eba87.webm
cdn1win.com/media/ 		572 KB
572 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/media/ball.bd6eba87.webm
Requested by
Host: 1wbest.com
URL: https://1wbest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
7fdb426667d689498c9354a144d255bb47c808f8eb367b15cfc92dc2c7f757e7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://1wbest.com/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
cf-cache-status
HIT
last-modified
Thu, 23 May 2024 10:14:31 GMT
server
cloudflare
age
69203
etag
"664f1707-8eeee"
vary
Accept-Encoding
content-type
video/webm
access-control-allow-origin
*
Content-Range
bytes 0-585453/585454
cache-control
public, max-age=315360000
cf-ray
888b03189d934528-TXL
Content-Length
585454
expires
Mon, 22 May 2034 05:51:07 GMT
SFNSText-latin.f09aa5229.woff2
cdn1win.com/font/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn1win.com/font/SFNSText-latin.f09aa5229.woff2
Requested by
Host: cdn1win.com
URL: https://cdn1win.com/css/vipDomain.3844324dd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn1win.com/css/vipDomain.3844324dd.css
Origin
https://1wbest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
cf-cache-status
HIT
last-modified
Tue, 21 May 2024 14:07:41 GMT
server
cloudflare
age
220238
etag
"664caaad-a9f8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
888b031918cb44f8-TXL
content-length
43512
expires
Mon, 22 May 2034 05:51:07 GMT
888b0315094458f0
1wbest.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame DB9E 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1wbest.com/cdn-cgi/challenge-platform/h/b/jsd/r/888b0315094458f0
Requested by
Host: 1wbest.com
URL: https://1wbest.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 May 2024 05:51:07 GMT
server
cloudflare
cf-ray
888b03191c0d58ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
recaptcha__de.js
www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/ 		526 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/joHA60MeME-PNviL59xVH9zs/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4689d94dc41ea32f15bc7f216bf276e4cc0dd5125057ecd3d793b4d1daee8a4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Origin
https://1wbest.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 18:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
213445
x-xss-protection
0
last-modified
Mon, 20 May 2024 04:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 May 2025 18:06:18 GMT
favicon-32x32.png
1wbest.com/img/icons/ 		536 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://1wbest.com/img/icons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.2 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
82dcbd3db370fd49d3a130886970cfd48796750ab3767c8b6985a2bf825b250b
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1wbest.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 05:51:08 GMT
cf-cache-status
MISS
last-modified
Thu, 23 May 2024 11:45:03 GMT
server
cloudflare
etag
"664f2c3f-218"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
888b031b494958ea-TXL
alt-svc
h3=":443"; ma=86400
content-length
536
expires
Mon, 22 May 2034 05:51:08 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| INITIAL_DATA function| clearImmediate function| setImmediate object| lang function| deepFreeze object| LangEnum string| releaseTag string| buildName object| webpackChunk_1win_frontend_main object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| dataLayer boolean| __VUE_PROD_HYDRATION_MISMATCH_DETAILS__ boolean| __VUE__ object| socket object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

5 Cookies

Domain/Path Name / Value
.1wbest.com/ Name: __cf_bm
Value: DB5EQn3AN249qjs83dj9I47zMNBgCtYpZtMt7F0iTEw-1716529867-1.0.1.1-K8XaHSnJn5ZrRDQxOtDVP1CqGZ0FAohrrE1AJezSVl5Pwt4rtShsmYNYRL82auoyfBhSoQ03_O2Hw25j6Kgs2w
.1wbest.com/ Name: _cfuvid
Value: 7tU_9QIDojdgUmJ6rZpTEpGgyt7XZzDocqinR_Rsiuk-1716529867137-0.0.1.1-604800000
1wbest.com/ Name: visit_domain
Value: 1wbest.com
1wbest.com/ Name: core-sticky
Value: http://10.233.84.204:8090
.1wbest.com/ Name: cf_clearance
Value: aa4X77KyKpSteJEvoFtb724nxepyy57.V5wl0zaJBWo-1716529867-1.0.1.1-APDsaawiLfTYlWmrkBE14xfTrpdgBpi8p7hyHxZa_R18xt4ufFHYHPOxauXUxEOWmZ8asuUMkiMXvTifp8Z4QQ

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://1wbest.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1wbest.com
cdn1win.com
www.google.com
www.gstatic.com
154.197.121.128
154.197.121.2
172.217.16.196
2a00:1450:4001:811::2003
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
23895d885adda7079fd376bd4cae566bd2c2e926a8d71a251ec4207fb404ed44
2a8913098e0581aa8b14d10aaf8de78ab606c4c34b344a944d400ae549f36145
399923e70346009de05ea614992ebfc77bdaad8eac88eb364a3fa4482f43bf2c
42bc3e0e344761cd300d50fb5a7cef711a6f9b1ab060aa783a17822661fae48a
4431f2fa5bffb069527c4d1307c09818b0b14d626d09cabf2206b2f2b49978b3
4689d94dc41ea32f15bc7f216bf276e4cc0dd5125057ecd3d793b4d1daee8a4f
481c624f7222809daed055419646cf54e319c488807e61ee2f42e6074fc03584
56eadf0d0ad740575e937eb1f3ec73699b0b83a65aa83ab12af32b64e66bf71a
60e59888664557a991769bc2cb746cb5b1406df01e2ae8e07e14b735bbe7bb82
61c74522db7553d2a0c0182eafeb536ae75ffa3e1007bbb15669de8997a0de67
66cffd73c0461f1f00e1fd25f4f1c63f1263183456eb005d024c24890ca5ebc6
74141536ef43287f9124ac9f363c769891c4dd6428988563922c5dfd1507603a
7df240d31584fde66a4420bce4b7e2702686f5697ad6b1ccb8c4e9fe3f911cc9
7fdb426667d689498c9354a144d255bb47c808f8eb367b15cfc92dc2c7f757e7
82dcbd3db370fd49d3a130886970cfd48796750ab3767c8b6985a2bf825b250b
8c97a25eb4f211d1c5d92ef04c8036790757e02ad24303889a20fa44911bb658
997446ac4dbd97e18cc8eb0dcaa6b8d21136718a975a058d7d94d86ac70b7621
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
9ee86ffd9d66ba6dd03a6779517d7f33742056f25cbc4014b1ce0295f6c5a1cf
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
b41e2aeede535ac85f5df5d9372090a3640bd3b6c27839188aae426f3da77860
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e404f809b50370e2802a48b6866e55603360a7d26390a40285533525e06398a7
e89de209341ccdb377df6bd23cef1bf95a3b8e3033c2b129df450b6496cf5f51