Submitted URL: https://click.e.entaingroup.com/?qs=df703fe49d8157e4920afab30ac6da02f24cde5e40ffffe06a3e1046a8feceff6fe96b58ed74e24c1059e7a10551...
Effective URL: https://www.bwin.com/en/account/contact
Submission: On February 29 via api from BE — Scanned from GB

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 104.16.131.238, located in and belongs to CLOUDFLARENET, US. The main domain is www.bwin.com. The Cisco Umbrella rank of the primary domain is 950297.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 22nd 2024. Valid for: a year.
This is the only time www.bwin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS Autonomous System
1 | 1 | 161.71.97.64 | 14340 (SALESFORCE)
4 | | 104.16.131.238 | 13335 (CLOUDFLAR...)
2 | | 2606:4700::68... | 13335 (CLOUDFLAR...)
Totals: 7 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
4 | bwin.com | www.bwin.com — Cisco Umbrella Rank: 950297 | 115 KB
2 | cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 4394 | 13 KB
1 | entaingroup.com | click.e.entaingroup.com | 214 B
Totals: 7 requests, 3 apex domains

Requests | Domain | Requested by
4 | www.bwin.com | www.bwin.com
2 | challenges.cloudflare.com | www.bwin.com, challenges.cloudflare.com
1 | click.e.entaingroup.com | 1 redirects
Totals: 7 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.bwin.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-01-22 - 2025-02-21 | a year
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2023-08-18 - 2024-08-17 | a year

This page contains 2 frames:

Primary Page: https://www.bwin.com/en/account/contact
Frame ID: 41AEC393568EB4119D807DAB746D461A
Requests: 7 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zfih5/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 43AA61A6AE4117DA93EB08BA1B195472
Requests: 1 HTTP requests in this frame

Page Title

bwin.com

Page Statistics

Requests: 7
HTTPS: 86 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 128 kB
Size: 327 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.e.entaingroup.com/?qs=df703fe49d8157e4920afab30ac6da02f24cde5e40ffffe06a3e1046a8feceff6fe96b58ed74e24c1059e7a1055136e53d96c6b261204fa246fbbbe098a9a111 HTTP 302
    https://www.bwin.com/en/account/contact Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: contact
Path: www.bwin.com/en/account/
Redirect Chain:
  • https://click.e.entaingroup.com/?qs=df703fe49d8157e4920afab30ac6da02f24cde5e40ffffe06a3e1046a8feceff6fe96b58ed74e24c1059e7a1055136e53d96c6b261204fa246fbbbe098a9a111
  • https://www.bwin.com/en/account/contact
Size: 60 KB
x-fer: 44 KB
Type: Document

General
Full URL: https://www.bwin.com/en/account/contact
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.131.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 7da8bd115c7a4c98967ce5c0ceb4edf8241bcd3d74ff770366c9dd2837e8c6ad

Security Headers
Strict-Transport-Security: max-age=2592000
X-Frame-Options: SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: MEHahCvCkbSPkJynyN5HLO2ZijuxoaWiAWCndRO5Gvb5JTW0lHRBrHL3aAey5Yldu1ln/3CuHBotcw/Az4toI9+XteP/yIgFCHM71voZ8F8=$w1clP9IvkTX1+yijcF7NxA==
cf-mitigated: challenge
cf-ray: 85d0ba009adf418e-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 29 Feb 2024 11:56:53 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 156
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Feb 2024 11:56:52 GMT
Location: https://www.bwin.com/en/account/contact

Resource: truncated
Path: /
Size: 36 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 08c8491014b2a03ac46810547e46d7854973d6f5b3fd75706f3c69ebcff168a3

Request headers

accept-language: en-GB,en;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

Resource: v1
Path: www.bwin.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
Size: 178 KB
x-fer: 60 KB
Type: Script

General
Full URL: https://www.bwin.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=85d0ba009adf418e
Requested by:
  Host: www.bwin.com
  URL: https://www.bwin.com/en/account/contact
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.131.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 15c51c54d609762f60d089c4075260c03d058f3593c4459abfa0990cdab12bdb

Security Headers
Strict-Transport-Security: max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.bwin.com/en/account/contact?__cf_chl_rt_tk=utX1OWB73W1Fjsb.s0DmYbdmaR87VRxPheSAFKfRg6k-1709207813-0.0-1213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:56:53 GMT
content-encoding: br
strict-transport-security: max-age=2592000
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 85d0ba011baf418e-LHR
alt-svc: h3=":443"; ma=86400

Resource: api.js
Path: challenges.cloudflare.com/turnstile/v0/g/a0d8959cb7d0/
Size: 38 KB
x-fer: 13 KB
Type: Script

General
Full URL: https://challenges.cloudflare.com/turnstile/v0/g/a0d8959cb7d0/api.js?onload=lDtWXt4&render=explicit
Requested by:
  Host: www.bwin.com
  URL: https://www.bwin.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=85d0ba009adf418e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: f2d1c49f53ad2bedbb54b6ad29f17ea493d7da967f7487c7dd1493ffa7cd5bcc

Request headers

Referer:
Origin: https://www.bwin.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:56:53 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 85d0ba01da0424d5-LHR
alt-svc: h3=":443"; ma=86400

Resource: 8d6325c0-f929-4b33-bf4f-b81d87febaf4
Path: https://www.bwin.com/
Size: 13 B
x-fer: 0
Type: Other

General
Full URL: blob:https://www.bwin.com/8d6325c0-f929-4b33-bf4f-b81d87febaf4
Requested by:
  Host: www.bwin.com
  URL: https://www.bwin.com/en/account/contact
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.bwin.com/en/account/contact
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

Resource: 29db7aefc0d750a
Path: www.bwin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1315673163:1709204946:lbA5Z8VZdDawkCiRCvERzgEOoDoDIwCg95nJlLpgtP0/85d0ba009adf418e/
Size: 12 KB
x-fer: 10 KB
Type: XHR

General
Full URL: https://www.bwin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1315673163:1709204946:lbA5Z8VZdDawkCiRCvERzgEOoDoDIwCg95nJlLpgtP0/85d0ba009adf418e/29db7aefc0d750a
Requested by:
  Host: www.bwin.com
  URL: https://www.bwin.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=85d0ba009adf418e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.131.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 2f3985105fe422dd02d93eb04e138c58cd4f7c0e2680f717faa319f0406da834

Security Headers
Strict-Transport-Security: max-age=2592000

Request headers

Referer: https://www.bwin.com/en/account/contact
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
CF-Challenge: 29db7aefc0d750a
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Feb 2024 11:56:53 GMT
strict-transport-security: max-age=2592000
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 85d0ba022966dc67-LHR
alt-svc: h3=":443"; ma=86400
cf-chl-gen: uKpNdPMjLZ1iGYZVtLNVamSnlDDy8YB+0OK5o6gd3JN2S1W3EpmOxGaGo8DPNtj/$iJOXtYSkFtjmqb9oDOCodQ==

Resource: normal
Path: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zfih5/0x4AAAAAAADnOjc0PNeA8qVm/light/
Frame: 43AA
Size: 0
x-fer: 0
Type: Document

General
Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/zfih5/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by:
  Host: challenges.cloudflare.com
  URL: https://challenges.cloudflare.com/turnstile/v0/g/a0d8959cb7d0/api.js?onload=lDtWXt4&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Security Headers
Content-Security-Policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 85d0ba02cf4f4134-LHR
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 11:56:53 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Resource: 29db7aefc0d750a
Path: www.bwin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1315673163:1709204946:lbA5Z8VZdDawkCiRCvERzgEOoDoDIwCg95nJlLpgtP0/85d0ba009adf418e/
Size: 2 KB
x-fer: 2 KB
Type: XHR

General
Full URL: https://www.bwin.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1315673163:1709204946:lbA5Z8VZdDawkCiRCvERzgEOoDoDIwCg95nJlLpgtP0/85d0ba009adf418e/29db7aefc0d750a
Requested by:
  Host: www.bwin.com
  URL: https://www.bwin.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=85d0ba009adf418e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.131.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 1a2683e1e03adbb5097916b8f5b2f3f087e38cfd64d7f21c23756b1e64851ea9

Security Headers
Strict-Transport-Security: max-age=2592000

Request headers

Referer: https://www.bwin.com/en/account/contact
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
CF-Challenge: 29db7aefc0d750a
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: pKZwR1Z+mfaamiV+AouLi9Bysh+rWG8imsz+KKAMY2DiPMTwhBTY8Mano4yevuYobK2SaK3gXUVqlICVz8GHtUkV0WC77PHXb8AcsB+Txeg=$jTof2pQQCehvUZmT4zQJlA==
cf-chl-out-s: XXTUifQQ8AKGM66p6stsmIlGuCTCYU6OTQCle/6FH2AmdC0WQ3ZJAuAIjkA0AuQ6t6v7E559mTKZrBisDiL8kOyK5+k3g6/IXEr6P6q2dk8=$ibvyRcGyHKSBEnulHo5XJg==
date: Thu, 29 Feb 2024 11:56:55 GMT
strict-transport-security: max-age=2592000
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 85d0ba0d2dc1dc67-LHR
alt-svc: h3=":443"; ma=86400

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| _cf_chl_opt
function| SDoW2
function| lDtWXt4
boolean| sZxAD2
function| wTKnG7
function| LRPqr9
function| kRZYts0
function| DRaxqZ0
object| sweh3
object| sgshDj9
function| YZsQNw5
function| tSFc0
object| KlIXtf7
object| turnstile
boolean| Nwjpai0
string| YfJG0

3 Cookies

Domain/Path Name / Value
.bwin.com/ Name: __cf_bm
Value: cTPVy6GF2ZZNiqAXYuSn6iIr_JUCkqpwy8G_dM1r.RE-1709207813-1.0-Ac24jCZQdGdpJue4PHH2uHv+MvpTp9Hngn95Tp6zz39bNAqvHXP1s+tS8kwX51y6oANrBsRv+a18BebA+YL3fXE/92Mlc9HGvWAzhwOyslWo
www.bwin.com/ Name: cf_chl_3
Value: 29db7aefc0d750a
www.bwin.com/ Name: cf_chl_rc_ni
Value: 1

3 Console Messages

Source: security, Level: warning
Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.

Source: security, Level: warning
Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Source: network, Level: error
URL: https://www.bwin.com/en/account/contact
Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN