Submitted URL: https://bio.r7x.com.br/firWR
Effective URL: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Submission: On April 28 via manual from NL — Scanned from NL

Summary

This website contacted 7 IPs in 6 countries across 11 domains to perform 20 HTTP transactions. The main IP is 18.173.205.83, located in United States and belongs to AMAZON-02, US. The main domain is www.qbet.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 19th 2023. Valid for: a year.
This is the only time www.qbet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 177.154.191.136 53038 (IDC19)
3 193.233.203.207 200019 (ALEXHOST)
2 2 34.76.189.27 396982 (GOOGLE-CL...)
1 1 104.155.67.59 15169 (GOOGLE)
2 2 35.177.216.197 16509 (AMAZON-02)
1 1 159.65.59.14 14061 (DIGITALOC...)
1 1 104.18.190.136 13335 (CLOUDFLAR...)
10 18.173.205.83 16509 (AMAZON-02)
1 2a00:1450:400... ()
2 104.18.70.113 ()
1 18.245.62.47 ()
2 34.102.211.197 ()
1 104.18.72.113 ()
20 7
Domain Requested by
10 www.qbet.com 193.233.203.207
www.qbet.com
2 v9zh3uzt.apicdn.sanity.io www.qbet.com
2 static.zdassets.com www.qbet.com
static.zdassets.com
2 run472.com 2 redirects
2 poterelo.com 2 redirects
1 ekr.zdassets.com static.zdassets.com
1 d21jjud8qm9a0b.cloudfront.net www.qbet.com
1 fonts.googleapis.com www.qbet.com
1 record.qbetpartners.com 1 redirects
1 youribex.com 1 redirects
1 change-route2.com 1 redirects
1 bio.r7x.com.br 1 redirects
20 12

This site contains no links.

Subject               Issuer                                            Validity                   Valid
qbet123.com           Amazon RSA 2048 M01                               2023-07-19 - 2024-08-16    a year
upload.video.google.com  GTS CA 1C3                                     2024-04-08 - 2024-07-01    3 months
zdassets.com          E1                                                2024-03-03 - 2024-06-01    3 months
*.cloudfront.net      Amazon RSA 2048 M01                               2023-10-10 - 2024-09-19    a year
*.apicdn.sanity.io    Sectigo RSA Domain Validation Secure Server CA    2023-10-10 - 2024-09-30    a year

This page contains 3 frames:

Primary Page: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Frame ID: 7059D391242D9A8CED97F0CFAC8A4533
Requests: 18 HTTP requests in this frame

Frame: https://www.qbet.com/assets/qbet-spinner-fb9e169a.svg
Frame ID: CA127793B31F45AD6D1ADCA6B10177B0
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Frame ID: 37E3EF886E63BC2B3790BFE3F804A897
Requests: 1 HTTP requests in this frame

Page Title

QBet.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 20
HTTPS: 85 %
IPv6: 8 %
Domains: 11
Subdomains: 12
IPs: 7
Countries: 6
Transfer: 743 kB
Size: 2513 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bio.r7x.com.br/firWR HTTP 301
    http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15 HTTP 307
    https://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15 HTTP 307
    http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15 Page URL
  2. http://193.233.203.207/t/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15 Page URL
  3. https://poterelo.com/?a=4765&oc=15356&c=42534&m=3&s1=15&s2=43-11645&s3=0-0-0 HTTP 302
    https://poterelo.com/?a=4765&oc=15356&c=42534&m=3&s1=15&s2=43-11645&s3=0-0-0&ch-redir=1&ckmxid=comtntnp0000qc5crm70 HTTP 302
    https://change-route2.com/?a=4765&oc=15356&c=42534&m=3&s1=15&s2=43-11645&s3=0-0-0&ch-redir=1&ckmxid=comtntnp0000qc5crm70&ckmguid=44db69ee-dd04-4341-8656-5dcec7c8b7b3 HTTP 302
    https://run472.com/?a=4965&c=3219&s1=4765&s2=363149178 HTTP 302
    https://run472.com/?a=4965&c=3219&s1=4765&s2=363149178&ch-redir=1&ckmxid=comtntnk00018i2ju660 HTTP 302
    https://youribex.com/?a=4965&c=3219&s1=4765&s2=363149178&ch-redir=1&ckmxid=comtntnk00018i2ju660&ckmguid=300e16b1-3251-4d33-8310-d3c2fcc2eb60 HTTP 302
    https://record.qbetpartners.com/_VwvbcOWFNNkLak7-PYDSdWNd7ZgqdRLk/1/?payload=2529-11378241 HTTP 301
    https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bio.r7x.com.br/firWR HTTP 301
  • http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15 HTTP 307
  • https://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15 HTTP 307
  • http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
193.233.203.207/
Redirect Chain
  • https://bio.r7x.com.br/firWR
  • http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
  • https://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
  • http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
458 B
712 B
Document
General
Full URL
http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
Protocol
HTTP/1.1
Server
193.233.203.207 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
sdf.green.com
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Sun, 28 Apr 2024 05:17:39 GMT
X-Address
gin_throttle_mw_7200000000_31.204.152.150
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
499
X-Ratelimit-Reset
1714285059

Redirect headers

Location
http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
193.233.203.207/
0
260 B
Other
General
Full URL
http://193.233.203.207/favicon.ico
Protocol
HTTP/1.1
Server
193.233.203.207 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
sdf.green.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Apr 2024 05:17:39 GMT
X-Address
gin_throttle_mw_7200000000_31.204.152.150
X-Ratelimit-Reset
1714285059
X-Ratelimit-Limit
500
Content-Length
0
X-Ratelimit-Remaining
498
Content-Type
text/plain; charset=utf-8
4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
193.233.203.207/t/
278 B
532 B
Document
General
Full URL
http://193.233.203.207/t/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
Requested by
Host: 193.233.203.207
URL: http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
Protocol
HTTP/1.1
Server
193.233.203.207 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
sdf.green.com
Software
/
Resource Hash
5eea32643e5620164525edb39b6c1daf57864392ad0b841a2f1ef3afc6d7890c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
http://193.233.203.207/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
278
Content-Type
text/html; charset=utf-8
Date
Sun, 28 Apr 2024 05:17:41 GMT
X-Address
gin_throttle_mw_7200000000_31.204.152.150
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
497
X-Ratelimit-Reset
1714285059
Primary Request /
www.qbet.com/en-LL/
Redirect Chain
  • https://poterelo.com/?a=4765&oc=15356&c=42534&m=3&s1=15&s2=43-11645&s3=0-0-0
  • https://poterelo.com/?a=4765&oc=15356&c=42534&m=3&s1=15&s2=43-11645&s3=0-0-0&ch-redir=1&ckmxid=comtntnp0000qc5crm70
  • https://change-route2.com/?a=4765&oc=15356&c=42534&m=3&s1=15&s2=43-11645&s3=0-0-0&ch-redir=1&ckmxid=comtntnp0000qc5crm70&ckmguid=44db69ee-dd04-4341-8656-5dcec7c8b7b3
  • https://run472.com/?a=4965&c=3219&s1=4765&s2=363149178
  • https://run472.com/?a=4965&c=3219&s1=4765&s2=363149178&ch-redir=1&ckmxid=comtntnk00018i2ju660
  • https://youribex.com/?a=4965&c=3219&s1=4765&s2=363149178&ch-redir=1&ckmxid=comtntnk00018i2ju660&ckmguid=300e16b1-3251-4d33-8310-d3c2fcc2eb60
  • https://record.qbetpartners.com/_VwvbcOWFNNkLak7-PYDSdWNd7ZgqdRLk/1/?payload=2529-11378241
  • https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
2 KB
1 KB
Document
General
Full URL
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Requested by
Host: 193.233.203.207
URL: http://193.233.203.207/t/4MpMEl11645MDxzy43lJwK0PFB0ZwRN0xeqp15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5841b14c017610547ebd59027334a8f0e94d42441c4ff31613463ef1d8226f91

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
http://193.233.203.207/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html
date
Sun, 28 Apr 2024 05:17:44 GMT
etag
W/"c8103273ea9064e516e66599c480abd6"
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-amz-cf-id
FNB6-X9Mznp1lbAKQKdDRA-UgGdUv95tK_BZ3j-7mjLd_XCKjkxApw==
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
87b4966a795066e0-AMS
content-type
text/html; charset=utf-8
date
Sun, 28 Apr 2024 05:17:43 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
OpenSans-Regular.ttf
www.qbet.com/fonts/
95 KB
56 KB
Font
General
Full URL
https://www.qbet.com/fonts/OpenSans-Regular.ttf
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Origin
https://www.qbet.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
content-encoding
br
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"3ed9575dcc488c3e3a5bd66620bdf5a4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
font/ttf
x-amz-cf-id
eHuFBLhUGNjmSHdkPh3nV1w-7lLiVg1jShFhYryVqu6V28ub_3GWgA==
OpenSans-SemiBold.ttf
www.qbet.com/fonts/
98 KB
58 KB
Font
General
Full URL
https://www.qbet.com/fonts/OpenSans-SemiBold.ttf
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Origin
https://www.qbet.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
content-encoding
br
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"ba5cde21eeea0d57ab7efefc99596cce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
font/ttf
x-amz-cf-id
WJUk78lvwzpOZa4XLL96X1vEeMzDnEc0rArMuObmod7Vbf-XPakDmA==
css2
fonts.googleapis.com/
5 KB
926 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;1,900&display=swap
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
936c943298b3ca9789d565edaac84ef165bc4904173377ecb5f675110195c1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 28 Apr 2024 05:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Apr 2024 05:17:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Apr 2024 05:17:43 GMT
index-76e15f53.js
www.qbet.com/assets/
2 MB
502 KB
Script
General
Full URL
https://www.qbet.com/assets/index-76e15f53.js
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18a87c020cfa16950ae6ef8f2e2059194b9dce777960c2f1aec474504b7ae18f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Origin
https://www.qbet.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
content-encoding
br
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"9f70e598e866d0d01030d6bd42bd1022"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
JWoTzmQ_bCAw5mi3yjVhjU2x2ezvhTEuygKB1ubK2DQJKPZLns4Y9A==
index-9530d615.css
www.qbet.com/assets/
67 KB
12 KB
Stylesheet
General
Full URL
https://www.qbet.com/assets/index-9530d615.css
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9530d6158f8c8e91f7d62d45bdc9a08f0c16d066e3dda2034f2efe103c5f9c6d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
content-encoding
br
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"d55198452b3201efdd782d6c9269a66d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
ih7-F_gL-Mgs91qi4kUZj-YZcas_IqswNxh-tUJIWNZR_r42oadWQw==
OpenSans-Bold.ttf
www.qbet.com/fonts/
0
58 KB
Other
General
Full URL
https://www.qbet.com/fonts/OpenSans-Bold.ttf
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Origin
https://www.qbet.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
content-encoding
br
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"1025a6e0fb0fa86f17f57cc82a6b9756"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
font/ttf
x-amz-cf-id
92jNblC1Dyt9a51HqwR5KcksQH-PrOhfmKgD8sTEgJU6WI6DUZtY2w==
backlistedIP-9ed3b537.js
www.qbet.com/assets/
158 KB
31 KB
Script
General
Full URL
https://www.qbet.com/assets/backlistedIP-9ed3b537.js
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/assets/index-76e15f53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83c0d9f657333651deeacfbcf1a749b3ee4d6fd5041a72de511a3ae5b7eb58c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/assets/index-76e15f53.js
Origin
https://www.qbet.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:45 GMT
content-encoding
br
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"8b0c80725daa24516dbd0130f58d6eb1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
wrlgk-0WHcvt_RR4y5of-PF6oBwxt7A6B12LJQKCatCsVhSl0ntYew==
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=79fd3bba-deff-48dc-ab98-d9c7be3c5b76
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/assets/index-76e15f53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
CYEYQJYMT4QZ3T8W
age
44
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qqdg4vSDE8wY28QIV9ThrdR0U9zql2WpesGVbTE9YafMYZIHObiu34i6Nqbo2qDOuapXSlKNq7lWaIKUYyUHWSjiC2fEKrSA9bpHA3iF0hMz4sKkq1SX3NDdW4QbC4e9wyeJ0e0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
87b496702bee664c-AMS
access-control-allow-headers
*
context
d21jjud8qm9a0b.cloudfront.net/prod/api/v1/player/access/
379 B
806 B
XHR
General
Full URL
https://d21jjud8qm9a0b.cloudfront.net/prod/api/v1/player/access/context
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/assets/index-76e15f53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.47 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1222a81b8776ad6fca5c835132d80abb7a47e10fc8d6b5996a845131ac70f9e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.qbet.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
via
1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront), 1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3, FRA60-P5
x-amzn-trace-id
Root=1-662ddbf8-7d1c25e16527ae41582aefcb
x-amzn-requestid
3c15f64e-2db4-4836-ba84-e421e8167adb
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
W69O3FnVDoEEbdw=
content-length
379
x-amz-cf-id
OBymSpl-Ki2xALN5Y38OlVOih7wnd7oJNR0DUjpH90Ubg0HkLkOeIA==
/
v9zh3uzt.apicdn.sanity.io/v1/data/query/production/
16 KB
4 KB
XHR
General
Full URL
https://v9zh3uzt.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22information%22%20%26%26%20!(%22LL%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/assets/index-76e15f53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.211.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
47cd378f0a93bf71baf9ce12fccf806c48a6cc3226f154a3f9d140e110b78298
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.qbet.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1034
date
Sun, 28 Apr 2024 04:59:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
apicdn-cache-control
public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=3600
via
1.1 google
server-timing
api;dur=15
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3190
sanity-query-hash
iZOcFoy5P5g uxvbys1qyTQ
access-control-max-age
600
x-sanity-age
1065
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.qbet.com
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=3600
vary
accept-encoding, origin
accept-ranges
bytes
favicon.ico
www.qbet.com/
1 KB
1 KB
Other
General
Full URL
https://www.qbet.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15877eff12666b9b279cbd1920826eaaff9fce13797ffded3b311394d212e009

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:45 GMT
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
"986b3ef75a32a377026cbe4b4360f950"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
1150
x-amz-cf-id
phQAHNqQPXNxt0zhW0S1izIsgzOMvsCTBY50p_PW00IUXgBE2w_Qcw==
qbet-spinner-fb9e169a.svg
www.qbet.com/assets/ Frame CA12
33 KB
11 KB
Document
General
Full URL
https://www.qbet.com/assets/qbet-spinner-fb9e169a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb9e169a039c23591ac79a9db0c8d81280b8491629b4e1790207a22ee974d2a6

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
image/svg+xml
date
Sun, 28 Apr 2024 05:17:45 GMT
etag
W/"0d0dfbf03bcf5b9db3c12496b0606adc"
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-amz-cf-id
1L_o4Oizqk8sNgccRASoQNn-sNeUQu5RVJN75rpuACpGyps02A0dBw==
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
default.json
www.qbet.com/locales/en/
52 KB
0
Fetch
General
Full URL
https://www.qbet.com/locales/en/default.json
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/assets/index-76e15f53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/en-LL/?aff=nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:45 GMT
content-encoding
br
via
1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2024 03:16:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
etag
W/"d846a5b9a07d7910129d32bf15a91aa7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
x-amz-cf-id
rGQhbhIeFh0ztqV4z7PG5QygumkT7T1xwQzk9DI8ieOtY8VIU-xi3Q==
79fd3bba-deff-48dc-ab98-d9c7be3c5b76
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/79fd3bba-deff-48dc-ab98-d9c7be3c5b76
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=79fd3bba-deff-48dc-ab98-d9c7be3c5b76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
89625d5da8cd43aad00644236d4becfcf2380b3705bcf0c90a08ffd0ce0a8140
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.qbet.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
39
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
879ecb8bca0485cf-SEA, 879ecb8bca0485cf-SEA
x-runtime
0.005373
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"89625d5da8cd43aad00644236d4becfc"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVHJGRCAQzXIJwdZL%2BB91PTVxuSL9u%2FsDiJqOLUk9Kacffp50WfaxqYFGX8VAlnWJX4ScbDHc5nte26YcH1Tk5pqwSS4QqMZS4w5pWTxQYjqOjKKQt3YaYyUALk7w5JsxrU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
87b49670aad09fa8-AMS
/
v9zh3uzt.apicdn.sanity.io/v1/data/query/production/
245 B
258 B
XHR
General
Full URL
https://v9zh3uzt.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22contact-us%22%20%26%26%20!(%22LL%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20
Requested by
Host: www.qbet.com
URL: https://www.qbet.com/assets/index-76e15f53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.211.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae9b4b87f26895fa348258b6856c39e887c5b11703f50e117b03e46df2ad99bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://www.qbet.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1034
date
Sun, 28 Apr 2024 05:06:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
apicdn-cache-control
public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=3600
via
1.1 google
server-timing
api;dur=7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
159
sanity-query-hash
oXj5ckioKus uxvbys1qyTQ
access-control-max-age
600
x-sanity-age
652
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.qbet.com
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=3600
vary
accept-encoding, origin
accept-ranges
bytes
web-widget-main-7bc1c0f.js
static.zdassets.com/web_widget/messenger/latest/ Frame 37E3
191 KB
0
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-7bc1c0f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=79fd3bba-deff-48dc-ab98-d9c7be3c5b76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 05:17:44 GMT
x-amz-version-id
FF8unFdBB4gI.67XhH2GhVTn74pudK_c
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
DKWG1E69PV39MED6
age
1445555
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
b4iFBmysrfVotSuHVYf858Tif60NDMsmlxIcV+9+imkbX/a3if2QgSpESGWXoHhfcj6Cw5wtguE=
last-modified
Mon, 08 Apr 2024 13:55:43 GMT
server
cloudflare
etag
W/"61166b9a0a776703db59d8fbffd8e621"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLiQ8fxGY17wRUW72Wqg7KwzXueWe0ZHMm%2FY8o2zIVqrqSqcJcL%2FbDB6TtOUycm5QMPpX7vCYyvnEBoRVGX5ZBr5UBn7y6Eyp%2FgaL3W%2FK49UHFhFFM3U6l42o6443bkJ9hYztU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
87b49670ec85664c-AMS
access-control-allow-headers
*
expires
Tue, 08 Apr 2025 13:55:42 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
bio.r7x.com.br/ Name: PHPSESSID
Value: g177jl6k74nf9f1mh0fq8rchr8
bio.r7x.com.br/ Name: short_18
Value: 1
.change-route2.com/ Name: sq
Value: S8Jg4Lx5LiUUbGHDtKGOMAUQBASqwgu5P64rgH1ewQCnv534QAZOmA==
.change-route2.com/ Name: tym
Value: FO2GYbJuXdtTs8ljSdE7rQUQBASqwgu5P64rgH1ewQCnv534QAZOmA==
.change-route2.com/ Name: c15304
Value: S8Jg4Lx5LiWOiBoj4jLM2iuaCWp8WBN1JUWFAzDFtM0BjYhHZTfPFA==
.youribex.com/ Name: sfd
Value: 3MI2OHVGwLyCRmnUYNZTvp5kK23gLknqt1TjbENMKwK5+nf3Z4ahWw==
.youribex.com/ Name: tfl
Value: R/Ydw8AaGGk89dgKEufbmyrfMfko8T6AuSuIi1I63XYn+v8h1V86Mw==
.youribex.com/ Name: c2529
Value: 3MI2OHVGwLwhpG9x1+tpZ0EyU2cIrrPknK6nm9n7ElXYKcqG08GN9Q==
record.qbetpartners.com/ Name: VID1
Value: JyxDPFQtU0BULFBgYApgCg%3D%3D
.qbetpartners.com/ Name: ZBan
Value: nZ8AbtxG-NtZpgEFNFmjjmNd7ZgqdRLk

1 Console Messages

Source Level URL
Text
network error URL: http://193.233.203.207/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
