urlscan.io logo urlscan.io
SecurityTrails logo

1xbet.com Open in urlscan Pro
2606:4700:4400::ac40:92c0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkq...
Effective URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee...
Submission: On November 25 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2606:4700:4400::ac40:92c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1xbet.com. The Cisco Umbrella rank of the primary domain is 292255.
TLS certificate: Issued by GTS CA 1P5 on November 19th 2023. Valid for: 3 months.
This is the only time 1xbet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.98.54.153 39572 (ADVANCEDH...)
1 1 45.135.120.2 56630 (MELBICOM-...)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
7 67.26.139.250 3356 (LEVEL3)
11 3
Apex Domain
Subdomains		 Transfer
7 traincdn.com
v2l.traincdn.com — Cisco Umbrella Rank: 454880
352 KB
3 1xbet.com
1xbet.com — Cisco Umbrella Rank: 292255
32 KB
2 viiudkje.com
s.viiudkje.com
21 KB
1 refpaucqkl.top
refpaucqkl.top — Cisco Umbrella Rank: 286851
290 B
11 4
Domain Requested by
7 v2l.traincdn.com 1xbet.com
v2l.traincdn.com
3 1xbet.com 1 redirects 1xbet.com
2 s.viiudkje.com s.viiudkje.com
1 refpaucqkl.top 1 redirects
11 4

This site contains no links.

Subject Issuer Validity Valid
viiudkje.com
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
1xbet.com
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.traincdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-02 -
2024-12-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Frame ID: EC6A47E2EFDC41A953D6A308676B4624
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access to website is restricted

Page URL History Show full URLs

  1. https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6g... Page URL
  2. https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7... HTTP 303
    https://1xbet.com/nl?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv... HTTP 308
    https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv... Page URL

Page Statistics

11
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

404 kB
Transfer

1175 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkqjz7zu2szbf65rxm2dn7nbgtzvfyavz7ujzftxsm2lpkty3qqvr3r2em3bi7asgovclnnmvwt2ejes6ykrfoq4krmydoqrt77nzxblzqcqkf435ajbx3m3srwnfwt53oyk3bdqcbvxyxddk373sy5edxwayxa63zrbz3pmnn3ji2wsxqowcussowjsjlpve5jp5eatlsizcvec2difhwird3lj7fqzd6pjlecxt7pbrhw5cc4mzezecatcby333j5b3ho3xdoh6w7jdikljulgltmxbe2uwyi5zpgm4n2tw4ktddazvm5c7ipnapfxkflzwxayyrnml7gqbax5h6u4w46vfoqrmn2j4z2y55wf2yeuktfeadawzufv4agqiofr7taklwcztfo6doe4zcmrsgazirisy6gzaxyx3x5rjevqldroknas6ojjlm4ujb7kexzesb5utcwcvhobx6pilstzcnttvbsx4jpf7oirgb2scxmzjs6ybhgytecwcqabaugvlfcr4a622vgn7xctcplyxhszrkozbwuvjlhzkpdgxjugj5zq6re54pbyex7zvretmyszyl7pkpa2mnli7rgmk5rexr3v6rl47dwkgybl4pwwiuotqpipiw23j2ei6ceodylr6fokjley4dmhyrhviqoli3eajsymjhbassopj6a4bdqjr6e43bwjsuci4sm6rccngviasgcyogqqlhbnzquylgpqbbgwthoe3s2626mibs4prhmz2eeqkrbndvygz7dv2v5l3lpbextmnt5lqu43d5jjzexomol5si3utzlagsa4oiju6ozysxp6gnpbflfqks35ijkzeef666ev4godcdcnsr25sdnt3zgaoiks5xs===?u=https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder Page URL
  2. https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder HTTP 303
    https://1xbet.com/nl?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder HTTP 308
    https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkqjz7zu2szbf65rxm2dn7nbgtzvfyavz7ujzftxsm2lpkty3qqvr3r2em3bi7asgovclnnmvwt2ejes6ykrfoq4krmydoqrt77nzxblzqcqkf4...
s.viiudkje.com/h/1079/ 		50 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkqjz7zu2szbf65rxm2dn7nbgtzvfyavz7ujzftxsm2lpkty3qqvr3r2em3bi7asgovclnnmvwt2ejes6ykrfoq4krmydoqrt77nzxblzqcqkf435ajbx3m3srwnfwt53oyk3bdqcbvxyxddk373sy5edxwayxa63zrbz3pmnn3ji2wsxqowcussowjsjlpve5jp5eatlsizcvec2difhwird3lj7fqzd6pjlecxt7pbrhw5cc4mzezecatcby333j5b3ho3xdoh6w7jdikljulgltmxbe2uwyi5zpgm4n2tw4ktddazvm5c7ipnapfxkflzwxayyrnml7gqbax5h6u4w46vfoqrmn2j4z2y55wf2yeuktfeadawzufv4agqiofr7taklwcztfo6doe4zcmrsgazirisy6gzaxyx3x5rjevqldroknas6ojjlm4ujb7kexzesb5utcwcvhobx6pilstzcnttvbsx4jpf7oirgb2scxmzjs6ybhgytecwcqabaugvlfcr4a622vgn7xctcplyxhszrkozbwuvjlhzkpdgxjugj5zq6re54pbyex7zvretmyszyl7pkpa2mnli7rgmk5rexr3v6rl47dwkgybl4pwwiuotqpipiw23j2ei6ceodylr6fokjley4dmhyrhviqoli3eajsymjhbassopj6a4bdqjr6e43bwjsuci4sm6rccngviasgcyogqqlhbnzquylgpqbbgwthoe3s2626mibs4prhmz2eeqkrbndvygz7dv2v5l3lpbextmnt5lqu43d5jjzexomol5si3utzlagsa4oiju6ozysxp6gnpbflfqks35ijkzeef666ev4godcdcnsr25sdnt3zgaoiks5xs===?u=https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.98.54.153 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
9f73073da31d3256b6ba0805b01e11c13b447a100ba31a34c053e2ec80dfdb82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Width, Viewport-Width, DPR, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 25 Nov 2023 12:03:53 GMT
server
nginx/1.23.2
vary
Accept-Encoding
index
s.viiudkje.com/cnt/api/ 		0
223 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s.viiudkje.com/cnt/api/index
Requested by
Host: s.viiudkje.com
URL: https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkqjz7zu2szbf65rxm2dn7nbgtzvfyavz7ujzftxsm2lpkty3qqvr3r2em3bi7asgovclnnmvwt2ejes6ykrfoq4krmydoqrt77nzxblzqcqkf435ajbx3m3srwnfwt53oyk3bdqcbvxyxddk373sy5edxwayxa63zrbz3pmnn3ji2wsxqowcussowjsjlpve5jp5eatlsizcvec2difhwird3lj7fqzd6pjlecxt7pbrhw5cc4mzezecatcby333j5b3ho3xdoh6w7jdikljulgltmxbe2uwyi5zpgm4n2tw4ktddazvm5c7ipnapfxkflzwxayyrnml7gqbax5h6u4w46vfoqrmn2j4z2y55wf2yeuktfeadawzufv4agqiofr7taklwcztfo6doe4zcmrsgazirisy6gzaxyx3x5rjevqldroknas6ojjlm4ujb7kexzesb5utcwcvhobx6pilstzcnttvbsx4jpf7oirgb2scxmzjs6ybhgytecwcqabaugvlfcr4a622vgn7xctcplyxhszrkozbwuvjlhzkpdgxjugj5zq6re54pbyex7zvretmyszyl7pkpa2mnli7rgmk5rexr3v6rl47dwkgybl4pwwiuotqpipiw23j2ei6ceodylr6fokjley4dmhyrhviqoli3eajsymjhbassopj6a4bdqjr6e43bwjsuci4sm6rccngviasgcyogqqlhbnzquylgpqbbgwthoe3s2626mibs4prhmz2eeqkrbndvygz7dv2v5l3lpbextmnt5lqu43d5jjzexomol5si3utzlagsa4oiju6ozysxp6gnpbflfqks35ijkzeef666ev4godcdcnsr25sdnt3zgaoiks5xs===?u=https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.98.54.153 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash

Request headers

device-memory
8
Referer
https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkqjz7zu2szbf65rxm2dn7nbgtzvfyavz7ujzftxsm2lpkty3qqvr3r2em3bi7asgovclnnmvwt2ejes6ykrfoq4krmydoqrt77nzxblzqcqkf435ajbx3m3srwnfwt53oyk3bdqcbvxyxddk373sy5edxwayxa63zrbz3pmnn3ji2wsxqowcussowjsjlpve5jp5eatlsizcvec2difhwird3lj7fqzd6pjlecxt7pbrhw5cc4mzezecatcby333j5b3ho3xdoh6w7jdikljulgltmxbe2uwyi5zpgm4n2tw4ktddazvm5c7ipnapfxkflzwxayyrnml7gqbax5h6u4w46vfoqrmn2j4z2y55wf2yeuktfeadawzufv4agqiofr7taklwcztfo6doe4zcmrsgazirisy6gzaxyx3x5rjevqldroknas6ojjlm4ujb7kexzesb5utcwcvhobx6pilstzcnttvbsx4jpf7oirgb2scxmzjs6ybhgytecwcqabaugvlfcr4a622vgn7xctcplyxhszrkozbwuvjlhzkpdgxjugj5zq6re54pbyex7zvretmyszyl7pkpa2mnli7rgmk5rexr3v6rl47dwkgybl4pwwiuotqpipiw23j2ei6ceodylr6fokjley4dmhyrhviqoli3eajsymjhbassopj6a4bdqjr6e43bwjsuci4sm6rccngviasgcyogqqlhbnzquylgpqbbgwthoe3s2626mibs4prhmz2eeqkrbndvygz7dv2v5l3lpbextmnt5lqu43d5jjzexomol5si3utzlagsa4oiju6ozysxp6gnpbflfqks35ijkzeef666ev4godcdcnsr25sdnt3zgaoiks5xs===?u=https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
dpr
1
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
viewport-width
1600
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 25 Nov 2023 12:03:53 GMT
server
nginx/1.23.2
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://s.viiudkje.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
content-length
0
Primary Request en
1xbet.com/
Redirect Chain
  • https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
  • https://1xbet.com/nl?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
  • https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
29 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:92c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e020f16cd3aaf64fb816cd5a4cc58adcf110d5c2460f7e2f236d260a61f57c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkqjz7zu2szbf65rxm2dn7nbgtzvfyavz7ujzftxsm2lpkty3qqvr3r2em3bi7asgovclnnmvwt2ejes6ykrfoq4krmydoqrt77nzxblzqcqkf435ajbx3m3srwnfwt53oyk3bdqcbvxyxddk373sy5edxwayxa63zrbz3pmnn3ji2wsxqowcussowjsjlpve5jp5eatlsizcvec2difhwird3lj7fqzd6pjlecxt7pbrhw5cc4mzezecatcby333j5b3ho3xdoh6w7jdikljulgltmxbe2uwyi5zpgm4n2tw4ktddazvm5c7ipnapfxkflzwxayyrnml7gqbax5h6u4w46vfoqrmn2j4z2y55wf2yeuktfeadawzufv4agqiofr7taklwcztfo6doe4zcmrsgazirisy6gzaxyx3x5rjevqldroknas6ojjlm4ujb7kexzesb5utcwcvhobx6pilstzcnttvbsx4jpf7oirgb2scxmzjs6ybhgytecwcqabaugvlfcr4a622vgn7xctcplyxhszrkozbwuvjlhzkpdgxjugj5zq6re54pbyex7zvretmyszyl7pkpa2mnli7rgmk5rexr3v6rl47dwkgybl4pwwiuotqpipiw23j2ei6ceodylr6fokjley4dmhyrhviqoli3eajsymjhbassopj6a4bdqjr6e43bwjsuci4sm6rccngviasgcyogqqlhbnzquylgpqbbgwthoe3s2626mibs4prhmz2eeqkrbndvygz7dv2v5l3lpbextmnt5lqu43d5jjzexomol5si3utzlagsa4oiju6ozysxp6gnpbflfqks35ijkzeef666ev4godcdcnsr25sdnt3zgaoiks5xs===?u=https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
82b9c044fd6ebbec-FRA
content-type
text/html; charset=UTF-8
date
Sat, 25 Nov 2023 12:03:54 GMT
server
cloudflare
server-timing
p;dur=321
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-block
505
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
82b9c0445cb3bbec-FRA
content-type
text/html; charset=UTF-8
date
Sat, 25 Nov 2023 12:03:53 GMT
location
https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
server
cloudflare
server-timing
p;dur=48 wf-uht;dur=0.057
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
x-reason
1079,1016
vendor.f98438d5639b93639ac7.js
v2l.traincdn.com/bundle/library/ 		402 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2l.traincdn.com/bundle/library/vendor.f98438d5639b93639ac7.js
Requested by
Host: 1xbet.com
URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.26.139.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
b2207546d084746dd412f6a593eca729abaecba298cd46a018954e7e8fc8fa85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 16 Nov 2023 07:21:52 GMT
server
nginx
age
793560
etag
W/"6555c310-64620"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
wf-uht;dur=0.034
accept-ranges
bytes
content-length
142075
expires
Sat, 16 Dec 2023 07:37:56 GMT
dictionary_da668e55be5a38fa0e87dda9298a9f82.js
v2l.traincdn.com/genfiles/web-app-v2/dictionary/prod/main/en/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2l.traincdn.com/genfiles/web-app-v2/dictionary/prod/main/en/dictionary_da668e55be5a38fa0e87dda9298a9f82.js
Requested by
Host: 1xbet.com
URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.26.139.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
b2bec6820abbd67611f91d9b08b4fc44611c30c378d09fe922fc9678c9c2bf85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 24 Nov 2023 09:42:05 GMT
server
nginx
age
578
etag
W/"da668e55be5a38fa0e87dda9298a9f82"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
server-timing
wf-uht;dur=0.028
accept-ranges
bytes
content-length
25782
expires
Sat, 25 Nov 2023 12:04:16 GMT
main.1cbb4b4898be46a86464798dcd98328d.css
v2l.traincdn.com/styles/css/block-country/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v2l.traincdn.com/styles/css/block-country/main.1cbb4b4898be46a86464798dcd98328d.css
Requested by
Host: 1xbet.com
URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.26.139.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a5439bb1c42dad55ff3a1b9fb07b915e1b04b7824c9321cac3bcc6acc821e31
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 14 Sep 2023 08:59:21 GMT
server
nginx
age
1047597
etag
W/"6502cb69-44be"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
wf-uht;dur=0.012
accept-ranges
bytes
content-length
4210
expires
Wed, 13 Dec 2023 09:03:58 GMT
application.95b0492b60371aeac5d5.css
v2l.traincdn.com/bundle/app/Application/Desktop/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v2l.traincdn.com/bundle/app/Application/Desktop/application.95b0492b60371aeac5d5.css
Requested by
Host: 1xbet.com
URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.26.139.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
a8a9240d1c21cb0b2c929730cf2091d58aca95b616b60519480432fc8ebdee47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 17 Nov 2023 13:02:47 GMT
server
nginx
age
462980
etag
W/"65576477-792c"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
wf-uht;dur=0.005
accept-ranges
bytes
content-length
7970
expires
Wed, 20 Dec 2023 03:27:37 GMT
cdnChecker.9a0aee07aecd2a517c79.bundle.js
1xbet.com/bundle/app/Default/Desktop/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet.com/bundle/app/Default/Desktop/cdnChecker.9a0aee07aecd2a517c79.bundle.js
Requested by
Host: 1xbet.com
URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:92c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2920c4d7e0e4c9a6a3f9d1703ac7408c3ecc94f262da74ad184ea3afdade5778
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Nov 2023 13:02:31 GMT
server
cloudflare
age
78538
etag
W/"65609ee7-c75"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
server-timing
wf-uht;dur=0.002
cf-ray
82b9c0475b0730c4-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 Nov 2023 14:14:56 GMT
application.df0fd179702c87b97a3e.bundle.js
v2l.traincdn.com/bundle/app/Application/Desktop/ 		575 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2l.traincdn.com/bundle/app/Application/Desktop/application.df0fd179702c87b97a3e.bundle.js
Requested by
Host: 1xbet.com
URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.26.139.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
86ab0447b547d78c109e7111781e821a962f6ef69a3592dc3a7ce5766f7e9b3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 24 Nov 2023 12:35:44 GMT
server
nginx
age
83709
etag
W/"656098a0-8fca7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
wf-uht;dur=0.004
accept-ranges
bytes
content-length
174382
expires
Sun, 24 Dec 2023 12:48:59 GMT
cdn_checker.png
v2l.traincdn.com/default/img/ 		95 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v2l.traincdn.com/default/img/cdn_checker.png
Requested by
Host: 1xbet.com
URL: https://1xbet.com/en?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.26.139.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Thu, 24 Aug 2023 06:07:45 GMT
server
nginx
age
3378
etag
"64e6f3b1-5f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
wf-uht;dur=0.001
accept-ranges
bytes
content-length
95
expires
Sat, 25 Nov 2023 12:07:37 GMT
BlockStub.BlockCountry.43696e8f99fe785c6884.chunk.js
v2l.traincdn.com/bundle/app/Application/Desktop/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2l.traincdn.com/bundle/app/Application/Desktop/BlockStub.BlockCountry.43696e8f99fe785c6884.chunk.js
Requested by
Host: v2l.traincdn.com
URL: https://v2l.traincdn.com/bundle/app/Application/Desktop/application.df0fd179702c87b97a3e.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.26.139.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
bcc954fe7a67cdb8dc9540a742380fcf6fea8db4dc1b69e2ce773527ec5fadab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1xbet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 12:03:54 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 17 Nov 2023 10:29:53 GMT
server
nginx
age
695914
etag
W/"655740a1-2187"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
wf-uht;dur=0.001
accept-ranges
bytes
content-length
3058
expires
Sun, 17 Dec 2023 10:45:20 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture boolean| SUPPORT_MULTI_ACCOUNTS boolean| SUPPORT_MULTI_ACCOUNTS_POPUP_VISIBLE string| SN1 string| SN2 string| SN3 string| ENV_SVC number| GGRU string| _GRANT_1700931609 string| MAIN_CDN string| CLOUD_CDN string| CURRENT_IP object| AUTH_DICTIONARY object| PENALTY_MINI_GAME object| BLOCK_STUB_DICTIONARY string| BLOCK_STUB_SITE_UPDATE string| COMPANY_LOGO_HEADER_URL string| COMPANY_NAME object| PARAMS number| GROUP_ID string| COUNTRY string| COUNTRY_NAME string| PARTNER_LICENSE object| SOCIAL_LINKS string| SUPPORT_EMAIL boolean| WITH_SUPPORT_EMAIL string| DOMAIN_NAME boolean| NEED_VPN_WARNING boolean| IS_SHOW_DROPDOWN_BLOCK boolean| SHOW_22_BET_AFRICA_BLOCK boolean| IS_ALTERNATIVE_BLOCK_COUNTRY boolean| IS_ALTERNATIVE_BLOCK_COUNTRY_STUB_TEXT string| LOGO_IMAGE string| SUPPORT_PHONE boolean| IS_IFRAME_PARTNER object| CONFIG function| vendor_f98438d5639b93639ac7 object| dictionary object| cdnChecker object| application object| webpackJsonp_name_ object| regeneratorRuntime function| setImmediate function| clearImmediate object| __core-js_shared__ object| core function| sendAnalyticsData

13 Cookies

Domain/Path Name / Value
1xbet.com/ Name: SESSION
Value: 0d8723116a36ecff9b0e91ae50a4aecb
1xbet.com/ Name: _glhf
Value: 1700931609
1xbet.com/ Name: dnb
Value: 1
1xbet.com/ Name: auid
Value: mjmZBWVh4qkE+3sVB3p+Ag==
1xbet.com/ Name: referral_values
Value: %7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_51749m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnewpb%5B%5Dgeneral%5B%5D1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%2C%22ref_partner_id%22%3Anull%2C%22bw_%22%3Anull%7D%7D
1xbet.com/ Name: is_rtl
Value: 1
1xbet.com/ Name: visit
Value: 1-4dce702c30576f8c5dcbe8e70bc0090e
1xbet.com/ Name: reflinkid
Value: d_51749m_16303c_%5B%5DMS%5B%5Dnull%5B%5Dnewpb%5B%5Dgeneral%5B%5D1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder
1xbet.com/ Name: fast_coupon
Value: true
1xbet.com/ Name: v3fr
Value: 1
1xbet.com/ Name: lng
Value: en
1xbet.com/ Name: flaglng
Value: en
1xbet.com/ Name: tzo
Value: 1

1 Console Messages

Source Level URL
Text
security warning URL: https://s.viiudkje.com/h/1079/m2quuqnqsz7fvmp553aitlgjwktuk5523lj6bkhizz5hrl2llzbfiwaloyuxipm2rti6gra3esxez32m75bkxzdkqjz7zu2szbf65rxm2dn7nbgtzvfyavz7ujzftxsm2lpkty3qqvr3r2em3bi7asgovclnnmvwt2ejes6ykrfoq4krmydoqrt77nzxblzqcqkf435ajbx3m3srwnfwt53oyk3bdqcbvxyxddk373sy5edxwayxa63zrbz3pmnn3ji2wsxqowcussowjsjlpve5jp5eatlsizcvec2difhwird3lj7fqzd6pjlecxt7pbrhw5cc4mzezecatcby333j5b3ho3xdoh6w7jdikljulgltmxbe2uwyi5zpgm4n2tw4ktddazvm5c7ipnapfxkflzwxayyrnml7gqbax5h6u4w46vfoqrmn2j4z2y55wf2yeuktfeadawzufv4agqiofr7taklwcztfo6doe4zcmrsgazirisy6gzaxyx3x5rjevqldroknas6ojjlm4ujb7kexzesb5utcwcvhobx6pilstzcnttvbsx4jpf7oirgb2scxmzjs6ybhgytecwcqabaugvlfcr4a622vgn7xctcplyxhszrkozbwuvjlhzkpdgxjugj5zq6re54pbyex7zvretmyszyl7pkpa2mnli7rgmk5rexr3v6rl47dwkgybl4pwwiuotqpipiw23j2ei6ceodylr6fokjley4dmhyrhviqoli3eajsymjhbassopj6a4bdqjr6e43bwjsuci4sm6rccngviasgcyogqqlhbnzquylgpqbbgwthoe3s2626mibs4prhmz2eeqkrbndvygz7dv2v5l3lpbextmnt5lqu43d5jjzexomol5si3utzlagsa4oiju6ozysxp6gnpbflfqks35ijkzeef666ev4godcdcnsr25sdnt3zgaoiks5xs===?u=https://refpaucqkl.top/L?tag=d_51749m_16303c_[]MS[]null[]newpb[]general[]1390683034850809-1560-cnv7df1b6cf7fa4e5a56cee73dcf9ff1611_d29072_l117898_clickunder(Line 10)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.