Report - magerrentshamuel.icu/f690dac8-3a9b-441e-aaa5-021694625367?campaignid=697059&zoneid=960331&feedid=197&device=mobile&browser=Other&browserVersion=125&os=android&osVersion=android_14&isp=DigiRomania&format=onclick&cost=0.0008&clickid=GMUBOMvJAWjjxSpwmI2CAegBy846gALCqaCbhtza0gE

Report Overview

Submitted URL
magerrentshamuel.icu/f690dac8-3a9b-441e-aaa5-021694625367?campaignid=697059&zoneid=960331&feedid=197&device=mobile&browser=Other&browserVersion=125&os=android&osVersion=android_14&isp=DigiRomania&format=onclick&cost=0.0008&clickid=GMUBOMvJAWjjxSpwmI2CAegBy846gALCqaCbhtza0gE
IP
18.196.86.59
ASN
#16509 AMAZON-02
Submitted
2024-05-10 05:59:26
Access
public
Website Title
Betano Splash Screen
Final URL
ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
magerrentshamuel.icu	unknown	2021-08-04	2021-08-05	2023-05-01	728 B	872 B	18.196.86.59
ro.betano.com	189966	2013-06-10	2016-06-17	2024-04-17	4.7 kB	50 kB	104.19.233.130
landingpages.kaizengaming.com	unknown	2018-10-04	2022-12-12	2024-03-27	9.6 kB	409 kB	172.64.147.77
gml-grp.com	57135	2020-02-28	2020-04-03	2024-05-08	1.4 kB	6.1 kB	188.114.97.1
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-09	425 B	89 kB	151.101.194.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 05:59:01	medium	Client IP	18.196.86.59	ET INFO Suspicious Domain (*.icu) in TLS SNI
2024-05-10 05:59:01	medium	Client IP	18.196.86.59	ET INFO Suspicious Domain (*.icu) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236	1.1 kB	2024-05-10	2024-05-10
Pretty URL ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 IP 104.19.233.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 07:59:26 Last Seen2024-05-10 07:59:26 Times Seen1 Hash 01c96c1c3bcb8068e733548d38627775 c2dc90ba07b2973f7e1a8e4e2a80f8efb06593d3 8a0e2bb5249b4675ea67fba73019a5b8729a0f006435c68eb49e61177db23a3f Loading...

	unknown	247 B	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 07:59:26 Last Seen2024-05-10 07:59:26 Times Seen1 Hash 5a5f99e2df218a33dbae242acee81205 307d11710abe3c798289648469b4563ec79e6be2 0b8bdb78a9dcb2f294526001b2fa56f7b5b995183ac2be98089050e709a333d6 Loading...

	unknown	247 B	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 07:59:26 Last Seen2024-05-10 07:59:26 Times Seen1 Hash 7589cae69ad7291495c3f52c4dc9e1e4 568da22f59e815351e42183d472bebb0b0e22e60 2ad247ad6c163d5ddb631300d0ad619699b6264d1db5ce15ddebe50c30dfab27 Loading...

	landingpages.kaizengaming.com/betano-splash-screen-bz/index.html	0 B	2023-03-07	2024-05-20
Pretty URL landingpages.kaizengaming.com/betano-splash-screen-bz/index.html IP 172.64.147.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 15:15:47 Times Seen37879209 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	landingpages.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-05-10	2024-05-10
Pretty URL landingpages.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.64.147.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 07:59:26 Last Seen2024-05-10 07:59:26 Times Seen1 Hash fc53b773154271167c9038287b1bbba0 7296459b259030f015a2039622031920a42e6886 54b67ace4d698f45755e7a2b24fcbf387433b4fd506ec5bce344b1a570924915 Loading...

	ro.betano.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-05-10	2024-05-10
Pretty URL ro.betano.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.19.233.130 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 07:59:26 Last Seen2024-05-10 07:59:27 Times Seen2 Hash be93be601b9cc7e37e3b2d757c904b62 33f0947cd319ddc8622521bb53580e0a44295cfe 42a06525aae8d556da9337f8deb9f05855c11647a88d24e00c60544e6e73b604 Loading...

	code.jquery.com/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-05-20
Pretty URL code.jquery.com/jquery-3.4.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-20 15:05:51 Times Seen99210 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	landingpages.kaizengaming.com/betano-splash-screen-bz/common.js	679 B	2024-03-01	2024-05-20
Pretty URL landingpages.kaizengaming.com/betano-splash-screen-bz/common.js IP 172.64.147.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-01 11:20:11 Last Seen2024-05-20 01:32:13 Times Seen12 Hash 8922ed87734185657d9aca2ea33443d5 75f8dc60e63e699924009e9704c9ac087e47b26b 4b1195532f7dceb95cbd3e652275dd474d4d1bf5ccc69f3b056a937f78ac2a2b Loading...

	landingpages.kaizengaming.com/betano-splash-screen-bz/index.html	256 B	2024-03-01	2024-05-20
Pretty URL landingpages.kaizengaming.com/betano-splash-screen-bz/index.html IP 172.64.147.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-01 11:20:11 Last Seen2024-05-20 01:32:13 Times Seen10 Hash 0cf2d1c19ba838f9df8502aec5b5fdf5 b631a7ed0355169d1f03b2a1ebbd76b89ca4ebdc cb6c9531d4849ce612e472b985989094f7a247ae5d797aaa7539531874609a08 Loading...

	landingpages.kaizengaming.com/betano-splash-screen-bz/index.html	1.1 kB	2024-05-10	2024-05-10
Pretty URL landingpages.kaizengaming.com/betano-splash-screen-bz/index.html IP 172.64.147.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 07:59:26 Last Seen2024-05-10 07:59:26 Times Seen1 Hash f7b7e72e35a2b0d7c157a75f5eb397a1 4a692bbf652162ca0acaca14fa4bd7697009184b cb93ad048d47094543446d126457d824c61d9925098956f93318276c23e85beb Loading...

	landingpages.kaizengaming.com/custom.js	8.4 kB	2024-04-21	2024-05-20
Pretty URL landingpages.kaizengaming.com/custom.js IP 172.64.147.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 18:02:58 Last Seen2024-05-20 01:32:14 Times Seen12 Hash 33ee116356edf98775a384721cfdeabe 41321e4872acfcf8f8a5c2e88ba4b356a8a163b8 2b4079a3ccb693497f68232843febe70eaebb04a14bb504990bfc2ae26e19dd3 Loading...

HTTP Transactions (24)

	URL	IP	Response	Size
	magerrentshamuel.icu/f690dac8-3a9b-441e-aaa5-021694625367?campaignid=697059&zoneid=960331&feedid=197&device=mobile&browser=Other&browserVersion=125&os=android&osVersion=android_14&isp=DigiRomania&format=onclick&cost=0.0008&clickid=GMUBOMvJAWjjxSpwmI2CAegBy846gALCqaCbhtza0gE	18.196.86.59	302 Found	0 B
URL User Request GET HTTP/2 magerrentshamuel.icu/f690dac8-3a9b-441e-aaa5-021694625367?campaignid=697059&zoneid=960331&feedid=197&device=mobile&browser=Other&browserVersion=125&os=android&osVersion=android_14&isp=DigiRomania&format=onclick&cost=0.0008&clickid=GMUBOMvJAWjjxSpwmI2CAegBy846gALCqaCbhtza0gE IP 18.196.86.59:443 ASN #16509 AMAZON-02 Certificate IssuerSectigo Limited Subjectmagerrentshamuel.icu Fingerprint6C:B6:6A:19:3C:B0:A4:BE:61:E4:73:13:12:E9:4B:B0:DE:0F:16:49 ValidityTue, 16 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /f690dac8-3a9b-441e-aaa5-021694625367?campaignid=697059&zoneid=960331&feedid=197&device=mobile&browser=Other&browserVersion=125&os=android&osVersion=android_14&isp=DigiRomania&format=onclick&cost=0.0008&clickid=GMUBOMvJAWjjxSpwmI2CAegBy846gALCqaCbhtza0gE HTTP/1.1 Host: magerrentshamuel.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Fri, 10 May 2024 05:59:01 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://gml-grp.com/C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g pragma: no-cache set-cookie: f690dac8-3a9b-441e-aaa5-021694625367-v4=EmMFLdyCcjnfgOYaaDYF6hR-qSQWc1UJY4ZRlOLGP7Y; Max-Age=86400; Expires=Sat, 11-May-2024 05:59:01 GMT; Domain=magerrentshamuel.icu; Path=/; Secure; HttpOnly;SameSite=None cc-v4=Gl8%2Fleg%2BJ7WUaNlQfx4DXiOXhjYrqHHCk%2FkeHCUS2Rbda4gaRguFne6hk1jnKQjGWo4GhpsLcD3%2FUNmJ3NaYeluu%2BPRsEBrzVSf9MVkexeJ5JJ54syaMC6f8yvGce%2BoIkY9QpmI6%2FNK2nyhvdUoZEA%3D%3D; Max-Age=31536000; Expires=Sat, 10-May-2025 05:59:01 GMT; Domain=magerrentshamuel.icu; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	ro.betano.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	104.19.233.130	302 Found	0 B
URL GET HTTP/2 ro.betano.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.19.233.130:443 ASN #13335 CLOUDFLARENET Requested by https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 Certificate IssuerCloudflare, Inc. Subjectbetano.com FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: ro.betano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __cf_bm=UDu8A8BouYZ0SYLdVhC1EjUUUg3HQBiFQjWKIByxynM-1715320741-1.0.1.1-jvDXFw.6YHJAUiK.Nb.ze8LUR6qL2zPMvaGFQQGb8LeO9.vLaAmWe3_3_m.cztU_hZ3fPSqyYmMV2uFkZ0fPSg Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found date: Fri, 10 May 2024 05:59:02 GMT content-length: 0 location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js cache-control: max-age=300, public access-control-allow-origin: * vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8817b36fd86f56b5-OSL X-Firefox-Spdy: h2`

	landingpages.kaizengaming.com/betano-splash-screen-bz/Betano-fifa-logo.png	172.64.147.77	200 OK	48 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/Betano-fifa-logo.png IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type PNG image data, 764 x 232, 8-bit/color RGBA, non-interlaced Size 48 kB (47576 bytes) Hash d594a325ce04b9f643d628069c73a60c a91f1d72781b0d4b704654ac74435319923f584c 78993d9d00d2aca8a1459e4a7d02076e2671ed76cee6f0bc35ffdd54f12ffa4e HTTP Headers GET /betano-splash-screen-bz/Betano-fifa-logo.png HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: image/png content-length: 47576 cache-control: public, max-age=900, immutable content-md5: 1ZSjJc4EufZD1igGnHOmDA== last-modified: Wed, 20 Mar 2024 14:21:01 GMT etag: "0x8DC48E8F859BBC7" x-ms-request-id: e936c2df-b01e-0014-4cd3-7a5a6d000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * vary: Accept-Encoding cf-cache-status: HIT age: 989 accept-ranges: bytes server: cloudflare cf-ray: 8817b370fde756c0-OSL X-Firefox-Spdy: h2

	landingpages.kaizengaming.com/betano-splash-screen-bz/splash_screen.png	172.64.147.77	200 OK	174 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/splash_screen.png IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type PNG image data, 1320 x 922, 8-bit/color RGBA, non-interlaced Size 174 kB (173521 bytes) Hash 363918768d8b43999fc992a22e93faf4 d81da3e4ec66a3a1ef20ccaefcc395032c2c5f1f c09a7c14316c2756bac9fa80df23d091a28d83b5a5db698fc94ed1c02115d912 HTTP Headers GET /betano-splash-screen-bz/splash_screen.png HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: image/png content-length: 173521 cache-control: public, max-age=900, immutable content-md5: NjkYdo2LQ5mfyZKiLpP69A== last-modified: Wed, 20 Mar 2024 14:21:01 GMT etag: "0x8DC48E8F847E41C" x-ms-request-id: f462d268-101e-0050-2fd3-7ad052000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * age: 989 vary: Accept-Encoding cf-cache-status: HIT accept-ranges: bytes server: cloudflare cf-ray: 8817b3710df056c0-OSL X-Firefox-Spdy: h2

	ro.betano.com/cdn-cgi/challenge-platform/h/g/jsd/r/8817b36dfeed56b5	104.19.233.130	200 OK	0 B
URL POST HTTP/2 ro.betano.com/cdn-cgi/challenge-platform/h/g/jsd/r/8817b36dfeed56b5 IP 104.19.233.130:443 ASN #13335 CLOUDFLARENET Requested by https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 Certificate IssuerCloudflare, Inc. Subjectbetano.com FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/g/jsd/r/8817b36dfeed56b5 HTTP/1.1 Host: ro.betano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12294 Origin: https://ro.betano.com DNT: 1 Connection: keep-alive Referer: https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 Cookie: __cf_bm=UDu8A8BouYZ0SYLdVhC1EjUUUg3HQBiFQjWKIByxynM-1715320741-1.0.1.1-jvDXFw.6YHJAUiK.Nb.ze8LUR6qL2zPMvaGFQQGb8LeO9.vLaAmWe3_3_m.cztU_hZ3fPSqyYmMV2uFkZ0fPSg Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: text/plain; charset=UTF-8 content-length: 0 set-cookie: cf_clearance=z6t1.Dlr1ZvFO65DcRWoXOIDCZeWdygsEvzi70x11dQ-1715320742-1.0.1.1-6It9ta9oTwLGS2BbelkfdNIcj6Vq5Ed1Vjf6L9aIBPh534S2f4qYtRvPj49DngeZXhFzxmI3.FKQKgXOa5iBCg; Path=/; Expires=Sat, 10-May-25 05:59:02 GMT; Domain=.betano.com; HttpOnly; Secure; SameSite=None; Partitioned strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8817b37159ed56b5-OSL X-Firefox-Spdy: h2

	ro.betano.com/favicon.ico	104.19.233.130	403 Forbidden	31 kB
URL GET HTTP/2 ro.betano.com/favicon.ico IP 104.19.233.130:443 ASN #13335 CLOUDFLARENET Requested by https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 Certificate IssuerCloudflare, Inc. Subjectbetano.com FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT File type HTML document, ASCII text Size 31 kB (30886 bytes) Hash c329b15c2dc00ff29c072ca7063b9f04 34a865394c222fa69b6628eade6c08d541100f0f 981d58d4243e844f994dd3cf1fec174578eaa82e400ff44141267acd69fd6d8e HTTP Headers GET /favicon.ico HTTP/1.1 Host: ro.betano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 DNT: 1 Connection: keep-alive Cookie: __cf_bm=UDu8A8BouYZ0SYLdVhC1EjUUUg3HQBiFQjWKIByxynM-1715320741-1.0.1.1-jvDXFw.6YHJAUiK.Nb.ze8LUR6qL2zPMvaGFQQGb8LeO9.vLaAmWe3_3_m.cztU_hZ3fPSqyYmMV2uFkZ0fPSg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 403 Forbidden date: Fri, 10 May 2024 05:59:02 GMT content-type: text/html; charset=UTF-8 x-frame-options: SAMEORIGIN referrer-policy: same-origin cache-control: max-age=15 expires: Fri, 10 May 2024 05:59:17 GMT vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8817b36fc86b56b5-OSL content-encoding: br X-Firefox-Spdy: h2`

	landingpages.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	172.64.147.77	302 Found	0 B
URL GET HTTP/2 landingpages.kaizengaming.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found date: Fri, 10 May 2024 05:59:02 GMT content-length: 0 access-control-allow-origin: * location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js cache-control: max-age=300, public vary: Accept-Encoding server: cloudflare cf-ray: 8817b3725f3f56c0-OSL X-Firefox-Spdy: h2`

	landingpages.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/8817b36fcd0d56c0	172.64.147.77	200 OK	0 B
URL POST HTTP/2 landingpages.kaizengaming.com/cdn-cgi/challenge-platform/h/g/jsd/r/8817b36fcd0d56c0 IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/g/jsd/r/8817b36fcd0d56c0 HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12218 Origin: https://landingpages.kaizengaming.com DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Fri, 10 May 2024 05:59:03 GMT content-type: text/plain; charset=UTF-8 content-length: 0 set-cookie: cf_clearance=YeUcd5v9eYG9BMm6H15ah_fVH7W8OIO4ZtlNP1fLVpU-1715320743-1.0.1.1-gE_4L8QvPkAaedlARMyekn5yl65WZmqottxjqSLp8RxcFACUszr3xdI46E__U4gd4QrCPIL1TJ5gRtUwTTSkWQ; Path=/; Expires=Sat, 10-May-25 05:59:03 GMT; Domain=.kaizengaming.com; HttpOnly; Secure; SameSite=None; Partitioned server: cloudflare cf-ray: 8817b373b82f56c0-OSL X-Firefox-Spdy: h2`

	landingpages.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js	172.64.147.77	200 OK	9.0 kB
URL GET HTTP/2 landingpages.kaizengaming.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type gzip compressed data, from Unix Size 9.0 kB (9000 bytes) Hash 44aed6679522e526540fb40023f4cbbb bd22ca4b36402014de395c73faef015735488136 f93ca7128e54bc0f08fb56b6b9b75bac35df9526ab9d3226589bed04994d641a HTTP Headers GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: application/javascript; charset=UTF-8 x-content-type-options: nosniff cache-control: max-age=14400, public vary: Accept-Encoding server: cloudflare cf-ray: 8817b3728f5056c0-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	ro.betano.com/cdn-cgi/apps/head/GYWTPyMKjTpVvx13sZbmZkPCv0k.js	104.19.233.130	403 Forbidden	4.2 kB
URL GET HTTP/2 ro.betano.com/cdn-cgi/apps/head/GYWTPyMKjTpVvx13sZbmZkPCv0k.js IP 104.19.233.130:443 ASN #13335 CLOUDFLARENET Requested by https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 Certificate IssuerCloudflare, Inc. Subjectbetano.com FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT File type HTML document, ASCII text Size 4.2 kB (4240 bytes) Hash c329b15c2dc00ff29c072ca7063b9f04 34a865394c222fa69b6628eade6c08d541100f0f 981d58d4243e844f994dd3cf1fec174578eaa82e400ff44141267acd69fd6d8e HTTP Headers GET /cdn-cgi/apps/head/GYWTPyMKjTpVvx13sZbmZkPCv0k.js HTTP/1.1 Host: ro.betano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 DNT: 1 Connection: keep-alive Cookie: __cf_bm=UDu8A8BouYZ0SYLdVhC1EjUUUg3HQBiFQjWKIByxynM-1715320741-1.0.1.1-jvDXFw.6YHJAUiK.Nb.ze8LUR6qL2zPMvaGFQQGb8LeO9.vLaAmWe3_3_m.cztU_hZ3fPSqyYmMV2uFkZ0fPSg Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 403 Forbidden date: Fri, 10 May 2024 05:59:02 GMT content-type: text/html; charset=UTF-8 x-frame-options: SAMEORIGIN referrer-policy: same-origin cache-control: max-age=15 expires: Fri, 10 May 2024 05:59:17 GMT vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8817b36f481056b5-OSL content-encoding: br X-Firefox-Spdy: h2`

	landingpages.kaizengaming.com/betano-splash-screen-bz/common.js	172.64.147.77	200 OK	13 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/common.js IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type gzip compressed data, from Unix Size 13 kB (13269 bytes) Hash 5a0ce06023cb80a048a63197e7237f88 e1382df6d65ca8262d6dc94825db57b4b1522876 bdfb5a6a72dc6bbe0c181599236242e5ab7db8535af8a7abc925def91c5037b3 HTTP Headers GET /betano-splash-screen-bz/common.js HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: application/javascript; charset=utf-8 cache-control: public, max-age=900, immutable content-md5: L+yKRX+DNQfJu3Rejg+ceQ== last-modified: Wed, 20 Mar 2024 14:20:54 GMT etag: W/"0x8DC48E8F468A3B5" x-ms-request-id: e92e5fbd-b01e-0014-40d2-7a5a6d000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * age: 989 vary: Accept-Encoding content-encoding: gzip cf-cache-status: HIT server: cloudflare cf-ray: 8817b370edd956c0-OSL X-Firefox-Spdy: h2

	landingpages.kaizengaming.com/betano-splash-screen-bz/style.css	172.64.147.77	200 OK	76 B
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/style.css IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type ASCII text, with no line terminators Size 76 B (76 bytes) Hash 1786707c8e8e941d27002432d60354bd 86c0607885c64fe6f8ec0b95ee304b7c0ed054af e23dbc96ee3f26176ca5e02345aad830df99cae8621278d5ea01a30e9c6dfc7e HTTP Headers GET /betano-splash-screen-bz/style.css HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: text/css; charset=utf-8 cache-control: public, max-age=900, immutable content-md5: ZxXRan+lPFSn/gcapNFmtQ== last-modified: Wed, 20 Mar 2024 14:21:01 GMT etag: W/"0x8DC48E8F8401D06" x-ms-request-id: 6daa03c4-701e-0056-7fd2-7ae3ed000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * age: 989 vary: Accept-Encoding content-encoding: gzip cf-cache-status: HIT server: cloudflare cf-ray: 8817b370ddcc56c0-OSL X-Firefox-Spdy: h2

	gml-grp.com/C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g	188.114.97.1	302 Found	1.6 kB
URL User Request GET HTTP/2 gml-grp.com/C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectgml-grp.com FingerprintEA:11:0F:05:E6:EB:73:11:61:DA:4A:24:DA:AB:52:B8:C1:93:A2:E4 ValidityThu, 18 Apr 2024 15:57:01 GMT - Wed, 17 Jul 2024 15:57:00 GMT File type Size 1.6 kB (1550 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g HTTP/1.1 Host: gml-grp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Fri, 10 May 2024 05:59:01 GMT content-type: text/html; charset=utf-8 cache-control: private location: //gml-grp.com/C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g&AutoR=1 x-aspnetmvc-version: 5.3 p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin: * x-aspnet-version: 4.0.30319 x-powered-by: ASP.NET x-xss-protection: 1; mode=block cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=repF6paD6I1Iu924P06g76BLYLWlWGkG%2BOqq5yvRiElkFwhc8kl2bbhE%2BFZgpPDtP24OnCZwqvJ%2BPzz6ghUMRE40bGY%2F1aVqCoKE7IBBdBtemPvxrXYY7NfvNloKnA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} set-cookie: CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure __cf_bm=BUIX.sDfhF_Za9oYzbvQKghnPM3wzq0nWBQOnEqkftg-1715320741-1.0.1.1-T839833JS1sQqjtal3k0wDTNcGko4J_7b4WSJ0RxxEWSzFmLwsq420Sex0H4g9VyWDQvIwnvVfLyT32qMo7pHA; path=/; expires=Fri, 10-May-24 06:29:01 GMT; domain=.gml-grp.com; HttpOnly; Secure; SameSite=None _cfuvid=9GkKXwicDSnAk8E_EyAL57O7Zf5ZfeSN2g.zEwd.j6A-1715320741551-0.0.1.1-604800000; path=/; domain=.gml-grp.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 8817b36a4d2056c9-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236	104.19.233.130	403 Forbidden	1.6 kB
URL User Request GET HTTP/2 ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 IP 104.19.233.130:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectbetano.com FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (1581), with no line terminators Size 1.6 kB (1550 bytes) Hash 98321a8564893dbc50987856e3215716 8a92177045a821468a0aac520c4186722ac57e9a 6b718414dc2da967ac078d1cd0cd62ad08318dd085d5228228adb4f69b8f2bd1 HTTP Headers GET /deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 HTTP/1.1 Host: ro.betano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Cookie: __cf_bm=UDu8A8BouYZ0SYLdVhC1EjUUUg3HQBiFQjWKIByxynM-1715320741-1.0.1.1-jvDXFw.6YHJAUiK.Nb.ze8LUR6qL2zPMvaGFQQGb8LeO9.vLaAmWe3_3_m.cztU_hZ3fPSqyYmMV2uFkZ0fPSg Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 403 Forbidden date: Fri, 10 May 2024 05:59:02 GMT content-type: text/html; charset=UTF-8 x-frame-options: SAMEORIGIN referrer-policy: same-origin cache-control: max-age=15 expires: Fri, 10 May 2024 05:59:17 GMT vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8817b36dfeed56b5-OSL content-encoding: br X-Firefox-Spdy: h2`

	ro.betano.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js	104.19.233.130	200 OK	7.9 kB
URL GET HTTP/2 ro.betano.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js IP 104.19.233.130:443 ASN #13335 CLOUDFLARENET Requested by https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 Certificate IssuerCloudflare, Inc. Subjectbetano.com FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (7926), with no line terminators Size 7.9 kB (7926 bytes) Hash be93be601b9cc7e37e3b2d757c904b62 33f0947cd319ddc8622521bb53580e0a44295cfe 42a06525aae8d556da9337f8deb9f05855c11647a88d24e00c60544e6e73b604 HTTP Headers GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1 Host: ro.betano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: __cf_bm=UDu8A8BouYZ0SYLdVhC1EjUUUg3HQBiFQjWKIByxynM-1715320741-1.0.1.1-jvDXFw.6YHJAUiK.Nb.ze8LUR6qL2zPMvaGFQQGb8LeO9.vLaAmWe3_3_m.cztU_hZ3fPSqyYmMV2uFkZ0fPSg Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: application/javascript; charset=UTF-8 x-content-type-options: nosniff cache-control: max-age=14400, public vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload server: cloudflare cf-ray: 8817b370089c56b5-OSL content-encoding: br X-Firefox-Spdy: h2`

	landingpages.kaizengaming.com/betano-splash-screen-bz/common.css	172.64.147.77	200 OK	1.0 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/common.css IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type ASCII text, with very long lines (1236), with no line terminators Size 1.0 kB (1040 bytes) Hash c2c5994813aae16c5407bd2423a014e0 37bfccd3ebff1b77736129fd891167af6e458429 368a33558d2b4b6b32cdfa63217ea78c92fb29642682d3b85b08e5e7ebbbfa8e HTTP Headers GET /betano-splash-screen-bz/common.css HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/style.css Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: text/css; charset=utf-8 cache-control: public, max-age=900, immutable content-md5: 2zeD9t+ARG2HxMnwtI/5iA== last-modified: Wed, 20 Mar 2024 14:20:54 GMT etag: W/"0x8DC48E8F45F5643" x-ms-request-id: 173f622c-f01e-0058-74d2-7aca5d000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * age: 989 vary: Accept-Encoding content-encoding: gzip cf-cache-status: HIT server: cloudflare cf-ray: 8817b3711e1d56c0-OSL X-Firefox-Spdy: h2

	code.jquery.com/jquery-3.4.1.min.js	151.101.194.137	200 OK	88 kB
URL GET HTTP/2 code.jquery.com/jquery-3.4.1.min.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65451) Size 88 kB (88145 bytes) Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a HTTP Headers `GET /jquery-3.4.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-15851" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 10 May 2024 05:59:02 GMT age: 7239241 x-served-by: cache-lga21965-LGA, cache-hel1410030-HEL x-cache: HIT, HIT x-cache-hits: 23, 607852 x-timer: S1715320743.628681,VS0,VE0 vary: Accept-Encoding content-length: 30638 X-Firefox-Spdy: h2

	gml-grp.com/C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g&AutoR=1	188.114.97.1	302 Found	1.6 kB
URL User Request GET HTTP/2 gml-grp.com/C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g&AutoR=1 IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subjectgml-grp.com FingerprintEA:11:0F:05:E6:EB:73:11:61:DA:4A:24:DA:AB:52:B8:C1:93:A2:E4 ValidityThu, 18 Apr 2024 15:57:01 GMT - Wed, 17 Jul 2024 15:57:00 GMT File type Size 1.6 kB (1550 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /C.ashx?btag=a_45236b_2037c_&affid=3419&siteid=45236&adid=2037&c=wa4qu7gp632ucd613msaq15g&AutoR=1 HTTP/1.1 Host: gml-grp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: CEK=a; __cf_bm=BUIX.sDfhF_Za9oYzbvQKghnPM3wzq0nWBQOnEqkftg-1715320741-1.0.1.1-T839833JS1sQqjtal3k0wDTNcGko4J_7b4WSJ0RxxEWSzFmLwsq420Sex0H4g9VyWDQvIwnvVfLyT32qMo7pHA; _cfuvid=9GkKXwicDSnAk8E_EyAL57O7Zf5ZfeSN2g.zEwd.j6A-1715320741551-0.0.1.1-604800000 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Fri, 10 May 2024 05:59:01 GMT content-type: text/html; charset=utf-8 location: https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 cache-control: private x-aspnetmvc-version: 5.3 p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" access-control-allow-origin: * x-aspnet-version: 4.0.30319 set-cookie: XYZ=3&1&19&&&&0&1&&e4ce088f-8678-464a-bb79-a967a2b30125&&a_45236b_2037&; expires=Thu, 08-Aug-2024 05:59:01 GMT; path=/; SameSite=None; Secure A_2037=a=2037&r=0&fv=0&lv=0&vc=0&fc=20240510&lc=20240510055901&cc=1; expires=Thu, 08-Aug-2024 05:59:01 GMT; path=/; SameSite=None; Secure PM_5=id=4cfc6969-aaaf-4e70-88ea-2a8443f987d2&c=wa4qu7gp632ucd613msaq15g&s=45236&ad=2037&md=0&pm=5&d=20240510055901&ip=1532635802&r=0&ref=&RedirectParams=btag%3Da_45236b_2037c_wa4qu7gp632ucd613msaq15g%5BCustomMergeFields%5D%26siteid%3D45236&cip=OTEuOTAuNDIuMTU0; expires=Thu, 08-Aug-2024 05:59:01 GMT; path=/; SameSite=None; Secure CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure x-powered-by: ASP.NET x-xss-protection: 1; mode=block cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GRA1DCw6mry9hvRElY3ZEDbF3G7%2BcBke1ALCXoSlp42eqWLPPD8AG72aDVTNLDdAGqLE47rfCMWm2m3oKX5z963HpTzUv6Z%2BM3bcBGWEAXwmQ1qUtVnGHZ8TdfcHdA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8817b36b3e3c56c9-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	landingpages.kaizengaming.com/custom.js	172.64.147.77	200 OK	8.4 kB
URL GET HTTP/2 landingpages.kaizengaming.com/custom.js IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (8729), with no line terminators Size 8.4 kB (8384 bytes) Hash 2fc11838c650e2b49f39bfd7571fba2a 04bdb724bab0af8aca5d083e205d75c5d42c12b0 be3fb046306445eaf969ac7add19900fa70c1a427644813abb9efdc887eddb8e HTTP Headers GET /custom.js HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: application/javascript content-md5: M+4RY1bt+Yd1o4RyHP3qvg== last-modified: Tue, 16 Apr 2024 15:01:24 GMT etag: W/"0x8DC5E261577270C" x-ms-request-id: ab74d9d2-a01e-0045-7f0f-90c7e1000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * vary: Accept-Encoding content-encoding: gzip cf-cache-status: HIT age: 1528 server: cloudflare cf-ray: 8817b370fdde56c0-OSL X-Firefox-Spdy: h2

	landingpages.kaizengaming.com/betano-splash-screen-bz/splash.css	172.64.147.77	200 OK	1.8 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/splash.css IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type ASCII text, with very long lines (1976), with no line terminators Size 1.8 kB (1824 bytes) Hash bd7d3cf3057f5f60cc5b8828fcac1c5e a46594a9fad9b81a49373f113b635aed303bbd23 d914224d8cdac0b5cb28523ab39983d6b682562f3e232a6417103fdd5dbb7028 HTTP Headers GET /betano-splash-screen-bz/splash.css HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/style.css Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: text/css; charset=utf-8 cache-control: public, max-age=900, immutable content-md5: 2ClwY1GyFLR6s4zX8lwQEA== last-modified: Wed, 20 Mar 2024 14:20:54 GMT etag: W/"0x8DC48E8F4551E96" x-ms-request-id: f464fde3-e01e-0036-20d2-7a9f72000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * age: 989 vary: Accept-Encoding content-encoding: gzip cf-cache-status: HIT server: cloudflare cf-ray: 8817b3711e2356c0-OSL X-Firefox-Spdy: h2

	ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236	104.19.233.130	403 Forbidden	1.6 kB
URL User Request GET HTTP/2 ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 IP 104.19.233.130:443 ASN #13335 CLOUDFLARENET Certificate IssuerCloudflare, Inc. Subjectbetano.com FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT File type HTML document, ASCII text, with very long lines (1581), with no line terminators Size 1.6 kB (1550 bytes) Hash 70190965c41b2fdda66d554a965a27b4 df1e3bc98e29546797f3c42cd7743c280921c1b4 78887d12fb692741d052f23b04d308ca37392bd9914aabaf493f8236d32b5a7b HTTP Headers GET /deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 HTTP/1.1 Host: ro.betano.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 403 Forbidden date: Fri, 10 May 2024 05:59:01 GMT content-type: text/html; charset=UTF-8 x-frame-options: SAMEORIGIN referrer-policy: same-origin cache-control: max-age=15 expires: Fri, 10 May 2024 05:59:16 GMT set-cookie: __cf_bm=UDu8A8BouYZ0SYLdVhC1EjUUUg3HQBiFQjWKIByxynM-1715320741-1.0.1.1-jvDXFw.6YHJAUiK.Nb.ze8LUR6qL2zPMvaGFQQGb8LeO9.vLaAmWe3_3_m.cztU_hZ3fPSqyYmMV2uFkZ0fPSg; path=/; expires=Fri, 10-May-24 06:29:01 GMT; domain=.betano.com; HttpOnly; Secure; SameSite=None vary: Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 8817b36bfd3456b5-OSL content-encoding: br X-Firefox-Spdy: h2

	landingpages.kaizengaming.com/betano-splash-screen-bz/fonts.css	172.64.147.77	200 OK	4.3 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/fonts.css IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type ASCII text, with very long lines (4542), with no line terminators Size 4.3 kB (4333 bytes) Hash dd9dcc7bddbf2c4bbb1284c3a8a2d9d0 a1cbe62bc99c88aabe9a977ef62f1b5663dc132c 23e879cfc654278ee3e4a7375806a27e8d3384d3f36c9c71b60f39d7da107930 HTTP Headers GET /betano-splash-screen-bz/fonts.css HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/style.css Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: text/css; charset=utf-8 cache-control: public, max-age=900, immutable content-md5: K3UlIa+rSY1rfTjzgOWKQQ== last-modified: Wed, 20 Mar 2024 14:20:55 GMT etag: W/"0x8DC48E8F471F129" x-ms-request-id: 405ca6cd-301e-0047-48d3-7a7959000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * age: 989 vary: Accept-Encoding content-encoding: gzip cf-cache-status: HIT server: cloudflare cf-ray: 8817b3711e0d56c0-OSL X-Firefox-Spdy: h2

	landingpages.kaizengaming.com/betano-splash-screen-bz/GloberBold.otf	172.64.147.77	200 OK	138 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/GloberBold.otf IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://landingpages.kaizengaming.com/betano-splash-screen-bz/index.html Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type OpenType font data Size 138 kB (137660 bytes) Hash 121e82bcc734bcc455ba860242946217 b804918558e273e20debe981dfc23cc346c5f1be d8adb730e724ce1eaa70cb204a1c1019d9574ba094924632b2ce980ab8bda390 HTTP Headers GET /betano-splash-screen-bz/GloberBold.otf HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://landingpages.kaizengaming.com/betano-splash-screen-bz/fonts.css Cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: font/otf cache-control: public, max-age=900, immutable content-md5: Eh6CvMc0vMRVuoYCQpRiFw== last-modified: Wed, 20 Mar 2024 14:20:56 GMT etag: W/"0x8DC48E8F50C93CC" x-ms-request-id: b59487b5-301e-0078-62d3-7ab1fa000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * age: 353 vary: Accept-Encoding content-encoding: gzip cf-cache-status: HIT server: cloudflare cf-ray: 8817b3723f1356c0-OSL X-Firefox-Spdy: h2

	landingpages.kaizengaming.com/betano-splash-screen-bz/index.html	172.64.147.77	200 OK	4.7 kB
URL GET HTTP/2 landingpages.kaizengaming.com/betano-splash-screen-bz/index.html IP 172.64.147.77:443 ASN #13335 CLOUDFLARENET Requested by https://ro.betano.com/deals/o-lume-plina-de-actiune?btag=a_45236b_2037c_wa4qu7gp632ucd613msaq15g[CustomMergeFields]&siteid=45236 Certificate IssuerLet's Encrypt Subjectlandingpages.kaizengaming.com Fingerprint5E:93:EE:84:D7:36:0F:B8:51:7A:4F:F3:A2:3A:9B:1A:7D:D4:EF:E3 ValidityFri, 29 Mar 2024 22:47:57 GMT - Thu, 27 Jun 2024 22:47:56 GMT File type HTML document, ASCII text, with very long lines (4870), with no line terminators Size 4.7 kB (4659 bytes) Hash d1944dd28f9d4f423f7490aa0acf739d 9fcc991ee9fc106b44988e2a30faa93b2b27a731 cc2a6bd833003e5983a6363f291cf208c322926b0845463b38e1de52a3af8c35 HTTP Headers GET /betano-splash-screen-bz/index.html HTTP/1.1 Host: landingpages.kaizengaming.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 10 May 2024 05:59:02 GMT content-type: text/html; charset=utf-8 cache-control: public, max-age=900, immutable content-md5: LWsiisTUl+WFpcbDygyulQ== last-modified: Wed, 20 Mar 2024 14:20:54 GMT x-ms-request-id: 69fb8ebb-b01e-0066-36d2-7a5d22000000 x-ms-version: 2014-02-14 x-ms-lease-status: unlocked x-ms-lease-state: available x-ms-blob-type: BlockBlob access-control-allow-origin: * cf-cache-status: DYNAMIC age: 216638 vary: Accept-Encoding set-cookie: __cf_bm=f5dO_5U1tbTvq4Z_TfY3uXp_Az_Es5VMgY_oSxxK4CE-1715320742-1.0.1.1-zeXBE.1HqiKPt9U8kMAfmbBJzwFfGrbV24B9RI6KhNoIGDOEh_HQ8BBlNi2BzKLlOFlqf_R.O2Rsz0D2GHsvKQ; path=/; expires=Fri, 10-May-24 06:29:02 GMT; domain=.kaizengaming.com; HttpOnly; Secure; SameSite=None _cfuvid=qoSzOxRRwj2EQaeDAL300Wx324s9GUUfRRJnCYuNHic-1715320742406-0.0.1.1-604800000; path=/; domain=.kaizengaming.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 8817b36fcd0d56c0-OSL content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by