Submitted URL: http://1005857365.com/
Effective URL: https://1005857365.com:9900/
Submission: On May 19 via api from IL — Scanned from IL

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 39 HTTP transactions. The main IP is 103.241.115.46, located in India and belonging to EAGLENET-AP (60 Market Square, P.O. Box 364, PH). The main domain is 1005857365.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 12th 2024. Valid for: a year.
This is the only time 1005857365.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
4         103.241.115.46  55303 (EAGLENET-...)
3         172.217.16.200  15169 (GOOGLE)
26        104.18.11.162   13335 (CLOUDFLAR...)
Total: 39 requests, 4 IPs

Requests  Apex Domain           Subdomains                                          Transfer
26        cfvn66.com            g1.cfvn66.com, cdn.cfvn66.com                       485 KB
4         1005857365.com        1005857365.com                                      8 KB
3         googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 39)  121 KB
Total: 39 requests, 3 apex domains

Requests  Domain                    Requested by
18        g1.cfvn66.com             1005857365.com, g1.cfvn66.com
8         cdn.cfvn66.com            1005857365.com
4         1005857365.com            1005857365.com (1 redirect), g1.cfvn66.com
3         www.googletagmanager.com  1005857365.com
Total: 39 requests, 4 domains

This site contains no links.

Subject                 Issuer                                          Validity                 Valid for
*.1005857365.com        Sectigo RSA Domain Validation Secure Server CA  2024-05-12 - 2025-05-14  a year (crt.sh)
*.google-analytics.com  WR2                                             2024-05-06 - 2024-07-29  3 months (crt.sh)
*.cfvn66.com            Sectigo RSA Domain Validation Secure Server CA  2023-09-27 - 2024-10-27  a year (crt.sh)

This page contains 3 frames:

Primary Page: https://1005857365.com:9900/
Frame ID: ADFC3445B6F5965B64BA324816889BC4
Requests: 3 HTTP requests in this frame

Frame: https://1005857365.com:9900/entrance/page/soya?ni=1
Frame ID: 66BD92CB68870E213F1212514039CF55
Requests: 32 HTTP requests in this frame

Frame: https://1005857365.com:9900/app/member/upupFlash.php?uid=
Frame ID: 587E2101B38EA1318440A6AD057A8851
Requests: 4 HTTP requests in this frame

Detected technologies

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 39
HTTPS: 82 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 614 kB
Size: 1354 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1005857365.com/ HTTP 307
    https://1005857365.com/ HTTP 301
    https://1005857365.com:9900/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
1005857365.com/
Redirect Chain
  • http://1005857365.com/
  • https://1005857365.com/
  • https://1005857365.com:9900/
11 KB
5 KB
Document
General
Full URL
https://1005857365.com:9900/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.241.115.46 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx CK6u06Vu4 /
Resource Hash
b5bdaf72fe8e8f6514d6339483cb2df40d7e340cd6f36039b484f58c2fe14ef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 May 2024 12:11:50 GMT
server
nginx CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/html
date
Sun, 19 May 2024 12:11:49 GMT
location
https://1005857365.com:9900/
server
nginx CK6u06Vu4
js
www.googletagmanager.com/gtag/
123 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
62112d03f61791f4b610ae6cd95a9a169b0195de29891a637c7d6457e78ec89d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48120
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 May 2024 12:11:51 GMT
gtm.js
www.googletagmanager.com/
217 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PQDSQV
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
63f75652060b8604c5437489edf0766927c46b30ba82c4f168e39b959eb6052f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74961
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 May 2024 12:11:51 GMT
soya
1005857365.com/entrance/page/ Frame 66BD
191 KB
0
Document
General
Full URL
https://1005857365.com:9900/entrance/page/soya?ni=1
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.241.115.46 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx CK6u06Vu4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://1005857365.com:9900/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 May 2024 12:11:51 GMT
server
nginx CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
upupFlash.php
1005857365.com/app/member/ Frame 587E
7 KB
3 KB
Document
General
Full URL
https://1005857365.com:9900/app/member/upupFlash.php?uid=
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.241.115.46 , India, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx CK6u06Vu4 /
Resource Hash
9d692bdb81d245bf966cef0d8c35d1a16d1f08af42184fb55873e419e4bdf348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://1005857365.com:9900/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 May 2024 12:11:51 GMT
server
nginx CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
jquery-1.7.2.min.js
1005857365.com/cl/js/ Frame 587E
0
0

plugins.min.js
1005857365.com/cl/js/plugin/ Frame 587E
0
0

bootstrap-notify.js
1005857365.com/cl/js/tools/ Frame 587E
0
0

common.min.css
g1.cfvn66.com/cl/tpl/template/style/ Frame 66BD
2 KB
1 KB
Stylesheet
General
Full URL
https://g1.cfvn66.com/cl/tpl/template/style/common.min.css?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37ce466abeb200225cab59f6820623e3cd3136bdd086c45d9dd0add0a23cd48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:06:58 GMT
server
cloudflare
etag
W/"66385762-83d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdf56adce3cb-TLV
expires
Mon, 19 May 2025 12:11:52 GMT
bet365.css
g1.cfvn66.com/cl/tpl/bet365/ver1/css/ Frame 66BD
15 KB
4 KB
Stylesheet
General
Full URL
https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b45ed2207b25828a16296037aed39bd1848702b8d3befa409d5591aac1f0a2c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:02:10 GMT
server
cloudflare
etag
W/"66385642-3ca5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdf56adae3cb-TLV
expires
Mon, 19 May 2025 12:11:52 GMT
jquery-1.7.2.min.js
g1.cfvn66.com/cl/js/ Frame 66BD
93 KB
34 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:01:56 GMT
server
cloudflare
etag
W/"66385634-1727a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdf56adfe3cb-TLV
expires
Mon, 19 May 2025 12:11:52 GMT
common.min.js
g1.cfvn66.com/cl/js/ Frame 66BD
17 KB
6 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/common.min.js?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71148aa2505321fb1dab563f1ce478eabb6ffae2a38204790626a5ce4b6f3c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:01:56 GMT
server
cloudflare
etag
W/"66385634-443e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdf56adde3cb-TLV
expires
Mon, 19 May 2025 12:11:52 GMT
upup.js
g1.cfvn66.com/cl/js/tools/ Frame 66BD
10 KB
3 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/tools/upup.js?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837d35e4a675030fa06d97c26c641541e23e115424500817a34bf53ad4613655
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:01:57 GMT
server
cloudflare
etag
W/"66385635-2718"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdf56ae4e3cb-TLV
expires
Mon, 19 May 2025 12:11:52 GMT
plugins.min.js
g1.cfvn66.com/cl/js/plugin/ Frame 66BD
14 KB
6 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/plugin/plugins.min.js?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8069c36602f383c1b202f85c6a080f5a4776687304d6ac5d1297574c38e78aea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:01:56 GMT
server
cloudflare
etag
W/"66385634-397f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdf56ae7e3cb-TLV
expires
Mon, 19 May 2025 12:11:52 GMT
bg1_x.jpg
g1.cfvn66.com/cl/tpl/bet365/ver1/image/ Frame 66BD
595 B
711 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/bet365/ver1/image/bg1_x.jpg
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f47e91b89653031dbda07f367a576abba30b892044a20ff28ad2a407f4ccbf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
595
last-modified
Mon, 06 May 2024 04:02:10 GMT
server
cloudflare
etag
"66385642-253"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdf908f6e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
bg01.jpg
g1.cfvn66.com/cl/tpl/bet365/ver1/image/ Frame 66BD
17 KB
17 KB
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/bet365/ver1/image/bg01.jpg
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60baec1d2b436c33e1b1dd0a75532f61dcbbe419ad05e75e58052147f6aee42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
17374
last-modified
Mon, 06 May 2024 04:02:10 GMT
server
cloudflare
etag
"66385642-43de"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdf908fbe3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
logo.png
1005857365.com/cl/tpl/bet365/ver1/image/ Frame 66BD
0
0

white.png
g1.cfvn66.com/cl/tpl/template/images/element/password_icon/ Frame 66BD
494 B
603 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/template/images/element/password_icon/white.png?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ac98112d8d59aac10289321739e3dabc130d43ccc0249f35578d8ac995e61d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
494
last-modified
Mon, 06 May 2024 04:06:40 GMT
server
cloudflare
etag
"66385750-1ee"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdf90902e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
index_left_y.jpg
g1.cfvn66.com/cl/tpl/bet365/ver1/image/ Frame 66BD
297 B
376 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/bet365/ver1/image/index_left_y.jpg
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cecc1c19448c974ddb04e3b61de675e75d574d186255dc10a0314e27b39c0d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
297
last-modified
Mon, 06 May 2024 04:02:10 GMT
server
cloudflare
etag
"66385642-129"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdfa0aafe3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
index_left.jpg
g1.cfvn66.com/cl/tpl/bet365/ver1/image/ Frame 66BD
14 KB
14 KB
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/bet365/ver1/image/index_left.jpg
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422524de6b76c51729adaccd480536622b5157d2be4ab991f122770aed55c730
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
13885
last-modified
Mon, 06 May 2024 04:02:10 GMT
server
cloudflare
etag
"66385642-363d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdfa0ab1e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
title_first.jpg
g1.cfvn66.com/cl/tpl/bet365/ver1/image/ Frame 66BD
75 KB
75 KB
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/bet365/ver1/image/title_first.jpg
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803fee1739757ab94a71d57a25acc02f6e2a51927b92f879cce7872f10082f7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
76536
last-modified
Mon, 06 May 2024 04:02:11 GMT
server
cloudflare
etag
"66385643-12af8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdfa0ab2e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
content_bg.jpg
g1.cfvn66.com/cl/tpl/bet365/ver1/image/ Frame 66BD
17 KB
17 KB
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/bet365/ver1/image/content_bg.jpg
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587ff54d8bab66dcd7a8bae3ca010808a7bd7c0c9db7f984d87d70661043e126
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://g1.cfvn66.com/cl/tpl/bet365/ver1/css/bet365.css?v=ver114.237
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
17195
last-modified
Mon, 06 May 2024 04:02:10 GMT
server
cloudflare
etag
"66385642-432b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdfa0ab5e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
142915211752.jpg
cdn.cfvn66.com/tpl/885/294859/images/ Frame 66BD
45 KB
45 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/294859/images/142915211752.jpg?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
713f512b1852db9e481569b5c6fb52a63378c7e357bf2b30b61fbd723d83d529
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
45793
last-modified
Thu, 16 Apr 2015 02:41:57 GMT
server
cloudflare
etag
"552f2175-b2e1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfa6b6ee3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
142915211533.jpg
cdn.cfvn66.com/tpl/885/294859/images/ Frame 66BD
43 KB
44 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/294859/images/142915211533.jpg?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf3a1e9da08ecff6f1c61017bd0405e660b5b92156280ac747aece02351117b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
44469
last-modified
Thu, 16 Apr 2015 02:41:55 GMT
server
cloudflare
etag
"552f2173-adb5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfa6b70e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
142915214215.jpg
cdn.cfvn66.com/tpl/885/294859/images/ Frame 66BD
43 KB
43 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/294859/images/142915214215.jpg?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1f08875e781bf78bcbcdae9dae1ec3aa9c0c60a74683b20ba39ba3e500298b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
43616
last-modified
Thu, 16 Apr 2015 02:42:22 GMT
server
cloudflare
etag
"552f218e-aa60"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfa6b63e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
142915213986.jpg
cdn.cfvn66.com/tpl/885/294859/images/ Frame 66BD
41 KB
41 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/294859/images/142915213986.jpg?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e80fe38690aec008d8c2617f67eebaaae9d32745f859ae16f5015cd039d0868
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
41602
last-modified
Thu, 16 Apr 2015 02:42:19 GMT
server
cloudflare
etag
"552f218b-a282"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfa6b69e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
142915216762.jpg
cdn.cfvn66.com/tpl/885/294859/images/ Frame 66BD
43 KB
43 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/294859/images/142915216762.jpg?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d193fc7d93bf3bd059d03bf9fd2b73c106dc779bd87ff807110b59ef4a4e0527
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
44331
last-modified
Thu, 16 Apr 2015 02:42:47 GMT
server
cloudflare
etag
"552f21a7-ad2b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfa6b6ae3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
142915216518.jpg
cdn.cfvn66.com/tpl/885/294859/images/ Frame 66BD
42 KB
42 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/294859/images/142915216518.jpg?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112696fb96feb038b17c11e295cc1fdbbd13950334c66f8b24e9d1ec048870fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
42863
last-modified
Thu, 16 Apr 2015 02:42:45 GMT
server
cloudflare
etag
"552f21a5-a76f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfa6b6ce3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
white.png
g1.cfvn66.com/cl/tpl/commonFile/images/bbinlogo/ Frame 66BD
4 KB
4 KB
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/commonFile/images/bbinlogo/white.png?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694c1c81dacbe13ee65a45dc56f96eda380436673e050381bc7421b7b71d1a1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
4040
last-modified
Mon, 06 May 2024 04:02:32 GMT
server
cloudflare
etag
"66385658-fc8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdfa2af7e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
ublogo.png
g1.cfvn66.com/cl/tpl/commonFile/images/ubbrowser/ Frame 66BD
9 KB
9 KB
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/commonFile/images/ubbrowser/ublogo.png?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2944f595e499b2437d24edb94ae9c85158fefcd594287382c022f18523ec72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
9240
last-modified
Mon, 06 May 2024 04:02:58 GMT
server
cloudflare
etag
"66385672-2418"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8863fdfa6b5ce3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
160688287145.png
cdn.cfvn66.com/tpl/885/1555983/images/ Frame 66BD
16 KB
16 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/1555983/images/160688287145.png?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ad66675e950eba06b67f2e385b004ea8b49db9446e584e9445cc59fb7125b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
16489
last-modified
Wed, 02 Dec 2020 04:21:11 GMT
server
cloudflare
etag
"5fc71637-4069"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfd0f99e3cb-TLV
expires
Mon, 19 May 2025 12:11:54 GMT
160688287654.png
cdn.cfvn66.com/tpl/885/1555983/images/ Frame 66BD
16 KB
16 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/885/1555983/images/160688287654.png?1556167
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ad66675e950eba06b67f2e385b004ea8b49db9446e584e9445cc59fb7125b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
content-length
16489
last-modified
Wed, 02 Dec 2020 04:21:16 GMT
server
cloudflare
etag
"5fc7163c-4069"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
8863fdfd5814e3cb-TLV
expires
Mon, 19 May 2025 12:11:54 GMT
jquery.easing.1.3.min.js
g1.cfvn66.com/cl/js/pluging/ Frame 66BD
3 KB
947 B
Script
General
Full URL
https://g1.cfvn66.com/cl/js/pluging/jquery.easing.1.3.min.js?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a55344c1b18579e6a41c3a8be3f18c4b1140bcc2ef26fa34045068ac36cc7fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:01:56 GMT
server
cloudflare
etag
W/"66385634-ce5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdfa2af4e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
common.min.js
g1.cfvn66.com/cl/js/tools/ Frame 66BD
6 KB
3 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/tools/common.min.js?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae8be428e20fbe7ac7795c69cacc254260dd5b75b47dd55156fb45b31f26b1b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:01:56 GMT
server
cloudflare
etag
W/"66385634-19af"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdfa6b60e3cb-TLV
expires
Mon, 19 May 2025 12:11:53 GMT
gtm.js
www.googletagmanager.com/ Frame 66BD
217 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PQDSQV
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
63f75652060b8604c5437489edf0766927c46b30ba82c4f168e39b959eb6052f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:51 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74961
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 May 2024 12:11:51 GMT
home.json
1005857365.com/infe/rest/fig/advertise/ Frame 66BD
0
0

upperLeft.json
1005857365.com/infe/rest/fig/advertise/ Frame 66BD
0
0

notice.json
1005857365.com/entrance/page/noticepop/ Frame 66BD
0
0

login-agreement.min.js
g1.cfvn66.com/cl/js/tools/ Frame 66BD
3 KB
1 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/tools/login-agreement.min.js?v=ver114.237
Requested by
Host: 1005857365.com
URL: https://1005857365.com:9900/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.162 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e43cc4af5e8f73fbfd11a427339a9218dcc8063545029f561929e926004449
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://1005857365.com:9900/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 12:11:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 04:01:57 GMT
server
cloudflare
etag
W/"66385635-b72"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8863fdfefac8e3cb-TLV
expires
Mon, 19 May 2025 12:11:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1005857365.com
URL
https://1005857365.com:9900/cl/js/jquery-1.7.2.min.js
Domain
1005857365.com
URL
https://1005857365.com:9900/cl/js/plugin/plugins.min.js
Domain
1005857365.com
URL
https://1005857365.com:9900/cl/js/tools/bootstrap-notify.js?v=1716120711
Domain
1005857365.com
URL
https://1005857365.com:9900/cl/tpl/bet365/ver1/image/logo.png
Domain
1005857365.com
URL
https://1005857365.com:9900/infe/rest/fig/advertise/home.json
Domain
1005857365.com
URL
https://1005857365.com:9900/infe/rest/fig/advertise/upperLeft.json
Domain
1005857365.com
URL
https://1005857365.com:9900/entrance/page/noticepop/notice.json?is_mobile=N&page=first
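The failed requests above are the most telling part of this scan: the page on port 9900 tries to load a Bet365 logo (`/cl/tpl/bet365/ver1/image/logo.png`) from a numeric, unrelated domain, while its working assets come from a shared gambling-platform CDN (cfvn66.com). The following Python is an added triage example, not urlscan.io code or anything from the scanned site: it applies the signals a first-pass analyst checks (brand token in host or path of a domain the brand does not own, a non-standard port, a digits-only registrable domain) to a constructed list of URLs taken from this scan. The `BRAND_DOMAINS` allow-list, the two-label `registrable_domain` shortcut and the benign `www.bet365.com` contrast entry are assumptions made for the example.

```python
"""Triage requested URLs from a scan for brand-impersonation signals.

Heuristics, not a verdict: a brand name appearing in the host or path of a
domain the brand does not own, a non-standard port, and a registrable domain
whose label is digits only (as 1005857365.com is).
"""
from urllib.parse import urlsplit

# Assumption: an analyst-maintained allow-list of domains each brand really
# uses. Illustrative and incomplete; only the apex relevant to this scan is listed.
BRAND_DOMAINS = {"bet365": {"bet365.com"}}

DEFAULT_PORTS = {"http": 80, "https": 443}


def registrable_domain(host: str) -> str:
    """Last two labels of the host. Simplification: production code should
    consult the Public Suffix List so that e.g. example.co.uk is handled."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def triage_url(url: str) -> list[str]:
    """Return the list of reasons a URL deserves a second look (empty if none)."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if not host:
        return ["no-host"]
    reasons = []
    apex = registrable_domain(host)
    # 1005857365.com: a registrable domain made only of digits is unusual for a brand site.
    if apex.split(".")[0].isdigit():
        reasons.append("numeric-only-domain")
    # Legitimate brand front-ends sit on 443; this site serves on 9900.
    port = parts.port
    if port is not None and port != DEFAULT_PORTS.get(parts.scheme):
        reasons.append(f"nonstandard-port:{port}")
    # Brand token anywhere in host or path, but the apex is not one the brand owns.
    haystack = f"{host}{parts.path}".lower()
    for brand, owned in BRAND_DOMAINS.items():
        if brand in haystack and apex not in owned:
            reasons.append(f"brand-token-off-domain:{brand}")
    return reasons


def triage(urls: list[str]) -> dict[str, list[str]]:
    """Map each URL to its reasons; clean URLs are kept (with []) so the caller
    sees the full set it asked about."""
    return {u: triage_url(u) for u in urls}


# Constructed sample: two of the failed requests listed in the scan, two of the
# CDN/GTM URLs that did load, and a benign brand URL for contrast.
SAMPLE_URLS = [
    "https://1005857365.com:9900/cl/tpl/bet365/ver1/image/logo.png",
    "https://1005857365.com:9900/cl/js/jquery-1.7.2.min.js",
    "https://cdn.cfvn66.com/tpl/885/294859/images/142915214215.jpg?1556167",
    "https://www.googletagmanager.com/gtm.js?id=GTM-5PQDSQV",
    "https://www.bet365.com/",
]

if __name__ == "__main__":
    for url, reasons in triage(SAMPLE_URLS).items():
        print(("FLAG " if reasons else "ok   ") + url, reasons)
```

Run against the sample, only the two `1005857365.com:9900` URLs are flagged, and only the logo request carries the `brand-token-off-domain:bet365` reason; the CDN and Google Tag Manager URLs come back clean, which matches the scan's own reading that the impersonation lives on the main domain, not on the shared asset hosts.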

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| serverPushData object| google_tag_manager object| google_tag_data function| logEvent function| setUserProperty

6 Cookies

Domain/Path Name / Value
1005857365.com/ Name: lang
Value: zh-cn
1005857365.com/ Name: langx
Value: zh-cn
.1005857365.com/ Name: IBCACHE
Value: e264bHii6jZ8jzU8eHh6lEemtKhfKM9pnVOHHyweObTL2fuDuDxNxfFiq6h97K2pYWhreGpxRnVqM2xLZFdVQzNiR3QzZDhWSDdjbXBHNDJ5dE56dkFCVU1PUQ
.1005857365.com/ Name: SESSION_ID
Value: guest
.1005857365.com/ Name: ICCACHE
Value: MDg80E4Iel6YL90o7oiRgG4JMa7ZwTrA8ijw6DL2KN0xMUpTUnpoUDlheUt5T09L
1005857365.com/ Name: page_site
Value: first

Security Headers

This section lists the security headers set by the main page (response headers for the individual resources are shown in their transaction blocks above).

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
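The main page's HSTS header meets the three conditions for the browser preload list (max-age of at least one year, `includeSubDomains`, `preload`), while the cfvn66.com CDN responses above only set `max-age=15552000` (180 days) and answer with `access-control-allow-origin: *`, a duplicated `GET` in `access-control-allow-methods`, and `Authorization` in `access-control-allow-headers`; the Google Tag Manager response pairs the wildcard origin with `access-control-allow-credentials: true`. The Python below is an added example written for this page, not tool output from urlscan.io: it parses the alternating name/value header lines exactly as the report renders them and flags these HSTS and CORS points. The three sample dumps are copied from the transaction blocks above and trimmed to the headers that matter; the finding names are invented for the example.

```python
"""Audit response headers as recorded in a urlscan.io transaction dump.

urlscan renders response headers as alternating name / value lines. The samples
below are copied from the scan above (a cdn.cfvn66.com image, the
googletagmanager.com script, and the main page's own HSTS value), trimmed.
"""

ONE_YEAR = 31536000  # seconds; the HSTS preload list requires at least this

# Copied from the cdn.cfvn66.com image responses above (trimmed).
CDN_RESPONSE = """
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
"""

# Copied from the www.googletagmanager.com/gtm.js response above (trimmed).
GTM_RESPONSE = """
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
x-xss-protection
0
"""

# The main page's HSTS header, from the Security Headers table above.
MAIN_PAGE_HSTS = "max-age=31536000; includeSubDomains; preload"


def parse_header_dump(text: str) -> dict[str, str]:
    """Turn urlscan's alternating name/value lines into a dict (names lower-cased)."""
    lines = [ln.strip() for ln in text.strip().splitlines() if ln.strip()]
    if len(lines) % 2:
        raise ValueError("odd number of lines: header dump is truncated")
    return {lines[i].lower(): lines[i + 1] for i in range(0, len(lines), 2)}


def parse_hsts(value: str) -> dict[str, str]:
    """Split 'max-age=N; includeSubDomains; preload' into a directive dict."""
    directives = {}
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        if name:
            directives[name.lower()] = val.strip().strip('"')
    return directives


def hsts_findings(value: str) -> list[str]:
    """Findings for one Strict-Transport-Security value."""
    d = parse_hsts(value)
    max_age = int(d.get("max-age", "0"))
    findings = []
    if max_age < ONE_YEAR:
        findings.append(f"hsts-max-age-short:{max_age // 86400}d")
    if "includesubdomains" not in d:
        findings.append("hsts-no-includesubdomains")
    # Preload needs all three: max-age >= 1 year, includeSubDomains and the preload token.
    if "preload" in d and findings:
        findings.append("hsts-preload-ineligible")
    return findings


def cors_findings(headers: dict[str, str]) -> list[str]:
    """Findings for the Access-Control-* headers of one response."""
    findings = []
    acao = headers.get("access-control-allow-origin", "")
    acac = headers.get("access-control-allow-credentials", "").lower()
    # Per the Fetch spec a credentialed request fails the CORS check when the
    # allowed origin is '*', so this pair is dead or mistaken configuration.
    if acao == "*" and acac == "true":
        findings.append("cors-wildcard-with-credentials")
    methods = [m.strip().upper() for m in headers.get("access-control-allow-methods", "").split(",") if m.strip()]
    if len(methods) != len(set(methods)):
        findings.append("cors-duplicate-methods")
    allowed = {h.strip().lower() for h in headers.get("access-control-allow-headers", "").split(",") if h.strip()}
    # Harmless on static images; worth a look when the same template fronts an API.
    if acao == "*" and "authorization" in allowed:
        findings.append("cors-wildcard-allows-authorization")
    return findings


def audit(dump: str) -> list[str]:
    """All findings for one response block, sorted so results are stable."""
    headers = parse_header_dump(dump)
    findings = cors_findings(headers)
    hsts = headers.get("strict-transport-security")
    findings += hsts_findings(hsts) if hsts else ["no-hsts"]
    return sorted(findings)


if __name__ == "__main__":
    for name, dump in (("cdn.cfvn66.com", CDN_RESPONSE), ("googletagmanager.com", GTM_RESPONSE)):
        print(name, audit(dump))
    print("main page HSTS", hsts_findings(MAIN_PAGE_HSTS))
```

`audit` keeps the HSTS and CORS checks separate so the same dict can be fed to other per-header checks; for the CDN block it reports the short max-age, the duplicated method and the wildcard-plus-Authorization combination, for the GTM block the wildcard-plus-credentials pair and the absence of HSTS, and the main page's own HSTS value produces no findings.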

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1005857365.com
cdn.cfvn66.com
g1.cfvn66.com
www.googletagmanager.com
1005857365.com
103.241.115.46
104.18.11.162
172.217.16.200