betwinner1.com Open in urlscan Pro
213.183.44.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bwredir.com/1EgT
Effective URL:
https://betwinner1.com/en/block
Submission: On November 06 via api (November 6th 2022, 3:27:39 pm UTC) from RU — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 213.183.44.9, located in Lithuania and belongs to MELBICOM-EU-AS Melbikomas UAB, LT. The main domain is betwinner1.com.
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.

This is the only time betwinner1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	23.83.127.76 23.83.127.76	7979 (SERVERS-COM) (SERVERS-COM)
1	2600:9000:214... 2600:9000:214f:ce00:18:94a4:a40:21	16509 (AMAZON-02) (AMAZON-02)
3 4	213.183.44.9 213.183.44.9	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
11	4

2 23.83.127.76 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

bwredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ce00:18:94a4:a40:21 (United States)

ASN16509 (AMAZON-02, US)

d3nzzxw2m57ay1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.183.44.9 (Lithuania) 3 redirects

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

betwinner1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	betwinner1.com 3 redirects betwinner1.com	904 B
2	bwredir.com 1 redirects bwredir.com — Cisco Umbrella Rank: 902276	1 KB
1	cloudfront.net d3nzzxw2m57ay1.cloudfront.net	11 KB
0	googleapis.com Failed fonts.googleapis.com Failed
0	cdnsfree.com Failed v3.cdnsfree.com Failed
11	5

	Domain	Requested by
4	betwinner1.com	3 redirects bwredir.com
2	bwredir.com	1 redirects
1	d3nzzxw2m57ay1.cloudfront.net	bwredir.com
0	fonts.googleapis.com Failed	betwinner1.com
0	v3.cdnsfree.com Failed	betwinner1.com
11	5

This site contains no links.

Subject Issuer	Validity	Valid
bwredir.com R3	`2022-10-25` - `2023-01-23`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.betwinner1.com R3	`2022-10-31` - `2023-01-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://betwinner1.com/en/block
Frame ID: EA02EE57E12E190322C0A34172A434FD
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bwredir.com/1EgT Page URL
https://bwredir.com/s/1EgT?fp=a2d0ce014e78ed2cbdd2e7e815a3f70a&ref=&tz=0 HTTP 302
https://betwinner1.com/?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY HTTP 302
https://betwinner1.com/nl?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY HTTP 302
https://betwinner1.com/en?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY HTTP 302
https://betwinner1.com/en/block Page URL

Page Statistics

11
Requests

27 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

12 kB
Transfer

155 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bwredir.com/1EgT Page URL
https://bwredir.com/s/1EgT?fp=a2d0ce014e78ed2cbdd2e7e815a3f70a&ref=&tz=0 HTTP 302
https://betwinner1.com/?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY HTTP 302
https://betwinner1.com/nl?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY HTTP 302
https://betwinner1.com/en?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY HTTP 302
https://betwinner1.com/en/block Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 1EgT Show response
bwredir.com/ 977 B
863 B 302ms
255ms Document
text/html 23.83.127.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://bwredir.com/1EgT

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.83.127.76 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ca2ebd997103e642833bbfe0e05b3e602cd2d42b4e76cb4e772f8704831f94d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 15:27:33 GMT
etag: W/"3d1-CGHL5A5KjfNokJWrEiJfDQ8/yeE"
expires: 0
pragma: no-cache
server: nginx
strict-transport-security: max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains
surrogate-control: no-store
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off

GET
H2 200 script.js Show response
d3nzzxw2m57ay1.cloudfront.net/assets/ 40 KB
11 KB 94ms
22ms Script
application/javascript 2600:9000:214f:ce00:18:94a4:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3nzzxw2m57ay1.cloudfront.net/assets/script.js

Requested by

Host: bwredir.com
URL: https://bwredir.com/1EgT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:ce00:18:94a4:a40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8cf570eb0ed77ddb0c4b3e66459b4f51483ffe26ce3cf454be977ee22d413e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bwredir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
date: Sun, 06 Nov 2022 14:49:12 GMT
x-amz-cf-pop: FRA53-C1
age: 2301
etag: W/"a1f3-QSm+TGCpm9A4dJalhacDrarq5s0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public
x-amz-cf-id: EvciBZexBPeeWNLvOGtjA-Bu6Cxm6J2__Ama8AaLtjzCZ__c3A45mQ==

GET
H2

200

Primary Request block
betwinner1.com/en/
Redirect Chain

https://bwredir.com/s/1EgT?fp=a2d0ce014e78ed2cbdd2e7e815a3f70a&ref=&tz=0
https://betwinner1.com/?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY
https://betwinner1.com/nl?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY
https://betwinner1.com/en?btag=d_39156m_393135c_bw_J1cPhq88dxDjboz8hSHzhY
https://betwinner1.com/en/block

113 KB
0

1819ms
1818ms

Document
text/html

213.183.44.9
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL

https://betwinner1.com/en/block

Requested by

Host: bwredir.com
URL: https://bwredir.com/1EgT

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.183.44.9 , Lithuania, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bwredir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 15:27:39 GMT
server: nginx
server-timing: total;dur=1690;desc="Nuxt Server Time" dt_495;dur=1695
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

date: Sun, 06 Nov 2022 15:27:37 GMT
location: /en/block
server: nginx
server-timing: total;dur=1672;desc="Nuxt Server Time" dt_495;dur=1688
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

GET version.json
v3.cdnsfree.com/ 0
0

GET css2
fonts.googleapis.com/ 0
0

GET 35d779e4.js
v3.cdnsfree.com/_nuxt/desktop/betwinner/ 0
0

GET 121b73fc.js
v3.cdnsfree.com/_nuxt/desktop/betwinner/ 0
0

GET 4ed640c7.css
v3.cdnsfree.com/_nuxt/desktop/betwinner/css/ 0
0

GET ad62e390.js
v3.cdnsfree.com/_nuxt/desktop/betwinner/ 0
0

GET 176f5510.css
v3.cdnsfree.com/_nuxt/desktop/betwinner/css/ 0
0

GET 741617c7.js
v3.cdnsfree.com/_nuxt/desktop/betwinner/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/version.json

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Domain: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/betwinner/35d779e4.js

Domain: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/betwinner/121b73fc.js

Domain: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/betwinner/css/4ed640c7.css

Domain: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/betwinner/ad62e390.js

Domain: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/betwinner/css/176f5510.css

Domain: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/betwinner/741617c7.js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bwredir.com/	1970-01-20 07:17:14	Name: uniq-redirect:betwinner Value: 1
betwinner1.com/	1970-01-20 07:20:07	Name: platform_type Value: desktop
betwinner1.com/	1970-01-20 16:01:24	Name: auid Value: 1bcsCWNn0meZvYctCl0TAg==
betwinner1.com/	1969-12-31 23:59:59	Name: SESSION Value: 5ec49cffd178601f153b649831880ed1
betwinner1.com/	1969-12-31 23:59:59	Name: lng Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

betwinner1.com
bwredir.com
d3nzzxw2m57ay1.cloudfront.net
fonts.googleapis.com
v3.cdnsfree.com
fonts.googleapis.com
v3.cdnsfree.com
213.183.44.9
23.83.127.76
2600:9000:214f:ce00:18:94a4:a40:21
8cf570eb0ed77ddb0c4b3e66459b4f51483ffe26ce3cf454be977ee22d413e73
ca2ebd997103e642833bbfe0e05b3e602cd2d42b4e76cb4e772f8704831f94d0

betwinner1.com Open in urlscan Pro 213.183.44.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

11 Requests

27 %HTTPS

33 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

12 kBTransfer

155 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

betwinner1.com Open in urlscan Pro
213.183.44.9 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

27 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

12 kB
Transfer

155 kB
Size

5
Cookies

11 HTTP transactions
0 data transactions