urlscan.io logo urlscan.io
SecurityTrails logo

bill.1lot.tv Open in urlscan Pro
87.98.129.113  Public Scan

Go To Rescan Add Verdict Report
URL: https://bill.1lot.tv/
Submission: On March 14 via automatic, source certstream-suspicious — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 87.98.129.113, located in France and belongs to OVH, FR. The main domain is bill.1lot.tv.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.
This is the only time bill.1lot.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 87.98.129.113 16276 (OVH)
2 142.250.74.196 15169 (GOOGLE)
4 172.217.18.99 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
9 5
Apex Domain
Subdomains		 Transfer
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
325 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 1lot.tv
bill.1lot.tv
b.1lot.tv Failed
2 KB
9 3
Domain Requested by
4 www.gstatic.com www.google.com
www.gstatic.com
2 www.google.com bill.1lot.tv
www.gstatic.com
1 fonts.gstatic.com www.google.com
1 bill.1lot.tv
0 b.1lot.tv Failed bill.1lot.tv
9 5

This site contains no links.

Subject Issuer Validity Valid
bill.1lot.tv
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bill.1lot.tv/
Frame ID: 0119EAB02CE7C39FCE4958AE3C8B3EBA
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcI60ZAAAAABw3DUP4vZBzWZpmUtlZg89llg_V&co=aHR0cHM6Ly9iaWxsLjFsb3QudHY6NDQz&hl=fr&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=klgn3d1qjuia
Frame ID: 2691874D09097D12168E47399FDB5580
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Добро пожаловать

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

329 kB
Transfer

804 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bill.1lot.tv/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bill.1lot.tv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.98.129.113 , France, ASN16276 (OVH, FR),
Reverse DNS
ip113.ip-87-98-129.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bf4fc9f7e9d85c2d1e56083e0ea15aec296d5ebc7cb7dd9f4ae942bb84703ec9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Mon, 14 Mar 2022 11:44:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 14 Mar 2022 11:44:52 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdcI60ZAAAAABw3DUP4vZBzWZpmUtlZg89llg_V
Requested by
Host: bill.1lot.tv
URL: https://bill.1lot.tv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
1c7baba05f6f18ea12d5571931cc3aac0a358e2b7fdad6aeed1aedaa8a928c9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://bill.1lot.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 11:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Mon, 14 Mar 2022 11:44:54 GMT
test.css
b.1lot.tv/ 		0
0
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ 		361 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdcI60ZAAAAABw3DUP4vZBzWZpmUtlZg89llg_V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
d98b28061de85cd898e925365aab0bc8437a3e573b28c60754a55140a73e0b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill.1lot.tv/
Origin
https://bill.1lot.tv
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 18:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144892
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 18:01:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2691 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcI60ZAAAAABw3DUP4vZBzWZpmUtlZg89llg_V&co=aHR0cHM6Ly9iaWxsLjFsb3QudHY6NDQz&hl=fr&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=klgn3d1qjuia
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__fr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
GSE /
Resource Hash
3792595f10a714c64820671ceaf66c58cf51dc3eeac034870db01202187c11f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cxNMLCGry35m5Bx3iMk5jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://bill.1lot.tv/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy
script-src 'report-sample' 'nonce-cxNMLCGry35m5Bx3iMk5jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Mon, 14 Mar 2022 11:44:54 GMT
expires
Mon, 14 Mar 2022 11:44:54 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1040
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 2691 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcI60ZAAAAABw3DUP4vZBzWZpmUtlZg89llg_V&co=aHR0cHM6Ly9iaWxsLjFsb3QudHY6NDQz&hl=fr&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=klgn3d1qjuia
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 06:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Mar 2023 06:29:22 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame 2691 		361 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcI60ZAAAAABw3DUP4vZBzWZpmUtlZg89llg_V&co=aHR0cHM6Ly9iaWxsLjFsb3QudHY6NDQz&hl=fr&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=klgn3d1qjuia
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
d98b28061de85cd898e925365aab0bc8437a3e573b28c60754a55140a73e0b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 18:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144892
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 05:02:21 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 18:01:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2691 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 18:59:48 GMT
x-content-type-options
nosniff
age
492306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 15 Mar 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2691 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcI60ZAAAAABw3DUP4vZBzWZpmUtlZg89llg_V&co=aHR0cHM6Ly9iaWxsLjFsb3QudHY6NDQz&hl=fr&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=klgn3d1qjuia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
499093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Mar 2023 17:06:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.1lot.tv
URL
http://b.1lot.tv/test.css

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_783676

1 Cookies

Domain/Path Name / Value
bill.1lot.tv/ Name: PHPSESSID
Value: 7khl1fhlke8gqbm278kt2fu6c0

1 Console Messages

Source Level URL
Text
security error URL: https://bill.1lot.tv/(Line 7)
Message:
Mixed Content: The page at 'https://bill.1lot.tv/' was loaded over HTTPS, but requested an insecure stylesheet 'http://b.1lot.tv/test.css'. This request has been blocked; the content must be served over HTTPS.