condles-temark.com/baaf6ccf-2616-429f-948a-3b8ed0de5f11
18.195.149.11 302 Found 0 B URL User Request GET HTTP/2 condles-temark.com/baaf6ccf-2616-429f-948a-3b8ed0de5f11
IP 18.195.149.11:443
Certificate Issuer Let's Encrypt
Subject condles-temark.com
Fingerprint 5F:6C:7A:65:4B:26:C4:28:CB:B2:B5:65:D6:31:2F:3B:D3:72:03:F0
Validity Tue, 23 May 2023 05:57:27 GMT - Mon, 21 Aug 2023 05:57:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /baaf6ccf-2616-429f-948a-3b8ed0de5f11 HTTP/1.1
Host: condles-temark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 03 Jun 2023 15:58:11 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://gml-grp.com/C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e
pragma: no-cache
set-cookie: baaf6ccf-2616-429f-948a-3b8ed0de5f11-v4=ISMAX9uyiwPVJbKk4cVtYA9fithZXUOTjWo2sT59F1Q; Max-Age=86400; Expires=Sun, 04-Jun-2023 15:58:11 GMT; Domain=condles-temark.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=7oXQP90W8DMkR%2BO1v9OQKPqQeIQ9wKCVJWRSqkeoXzq9D7pKzhsPg%2BN6dw60mmmG%2BzPuzrwJ9HIKPRwtrcxFJweQG9ultr29uVYjfHKXCnj5aL5fl9X%2F24c0LZ5FspOXOwYujqh7zFkk9jX2Oe0KqA%3D%3D; Max-Age=31536000; Expires=Sun, 02-Jun-2024 15:58:11 GMT; Domain=condles-temark.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
104.17.84.89 403 Forbidden 1.7 kB URL User Request GET HTTP/2 promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
IP 104.17.84.89:443
Certificate Issuer Cloudflare, Inc.
Subject promos-br.betano.com
Fingerprint ED:E4:8D:91:1D:6C:63:BD:56:3E:34:14:A1:52:E3:1A:FB:55:F8:89
Validity Wed, 12 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (394)
Hash 5e4fd45abe29255ec8f201c166d2baca
08ca71896a396b964f364aafc5ca51587225975b
8bc89b1392fd1e0d549eac2b6960bd1f15d57c00668df12734cd365a99570b84
GET /betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902 HTTP/1.1
Host: promos-br.betano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 03 Jun 2023 15:58:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=15
Expires: Sat, 03 Jun 2023 15:58:27 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=x8XlPtU6lCMiugUHkISyjAyGzOd56PGeGq15wJ8a2Gk-1685807892-0-AcW7EWyf/zKtxS3wzMzlIfwk+nMXryy4Me624U11thgyfpYIs+un+lBjAO7tkOUHumhYoUiL5Ww6L94oRdn6WMs=; path=/; expires=Sat, 03-Jun-23 16:28:12 GMT; domain=.betano.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1922ddbaa9b4f3-OSL
Content-Encoding: gzip
promos-br.betano.com/cdn-cgi/styles/cf.errors.css
104.17.84.89 200 OK 4.5 kB URL GET HTTP/1.1 promos-br.betano.com/cdn-cgi/styles/cf.errors.css
IP 104.17.84.89:80
Requested by http://promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
File type ASCII text, with very long lines (24131)
Hash a1cedc21f16b5a97114857154fab35e9
95e9890a15a4f7f94f7f19d2c297e4b07503c526
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Analyzer: urlquery; Verdict: suspicious; Alert: Suspicious - Sinkholed / Blocked
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: promos-br.betano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 15:58:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 15:20:42 GMT
ETag: W/"6476144a-5e44"
Server: cloudflare
CF-RAY: 7d1922de6bdbb4f3-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 03 Jun 2023 17:58:12 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
gml-grp.com/C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e
188.114.97.1 302 Found 2.0 kB URL User Request GET HTTP/2 gml-grp.com/C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e
IP 188.114.97.1:443
Certificate Issuer Let's Encrypt
Subject gml-grp.com
Fingerprint 84:1B:06:D3:2C:44:FB:D0:DF:92:E4:42:EE:D8:A0:DE:85:6A:68:7C
Validity Sun, 30 Apr 2023 01:39:20 GMT - Sat, 29 Jul 2023 01:39:19 GMT
Hash d7edbbf37b6dcd2d487ff10db6a153f1
a03d7240626efa3f56c41311552c445ba0f0b48e
086f2b619852ad0c456753dee85c714b3a366cbe8beb7623d9b2363fc67648e4
GET /C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 03 Jun 2023 15:58:11 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: //gml-grp.com/C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e&AutoR=1
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Fri, 01-Sep-2023 15:58:11 GMT; path=/
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjFz1aW%2Bc4LrGWNWn24Qzrh3Bbfx3Q%2FFUfIzKzMoS%2F7GCV7wnbFT%2FUsQCv3CR1OFBS9ubwHw0jJydXk2ccygMboJdstwr0ipHbUiZlmda5TJA2%2BbPYjuC09BOrrArw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1922db2cd6b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
promos-br.betano.com/cdn-cgi/images/cf-no-screenshot-error.png
104.17.85.89 200 OK 3.2 kB URL GET HTTP/1.1 promos-br.betano.com/cdn-cgi/images/cf-no-screenshot-error.png
IP 104.17.85.89:80
Requested by http://promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
File type PNG image data, 178 x 175, 8-bit colormap, non-interlaced; data
Hash 0d768cbc261841d3affc933b9ac3130e
aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
Analyzer: urlquery; Verdict: suspicious; Alert: Suspicious - Sinkholed / Blocked
GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: promos-br.betano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://promos-br.betano.com/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 15:58:12 GMT
Content-Type: image/png
Content-Length: 3213
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 15:20:42 GMT
ETag: "6476144a-c8d"
Server: cloudflare
CF-RAY: 7d1922deaa790b51-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 03 Jun 2023 17:58:12 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
promos-br.betano.com/cdn-cgi/images/browser-bar.png?1376755637
104.17.85.89 200 OK 715 B URL GET HTTP/1.1 promos-br.betano.com/cdn-cgi/images/browser-bar.png?1376755637
IP 104.17.85.89:80
Requested by http://promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
File type PNG image data, 960 x 53, 8-bit colormap, non-interlaced; data
Hash 226dcb8f6144bdaafdfbd8f2f354be64
3785cc5b3bf52f8e398177b0ff1020b24aa86b8c
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Analyzer: urlquery; Verdict: suspicious; Alert: Suspicious - Sinkholed / Blocked
GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: promos-br.betano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://promos-br.betano.com/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 15:58:12 GMT
Content-Type: image/png
Content-Length: 715
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 15:20:42 GMT
ETag: "6476144a-2cb"
Server: cloudflare
CF-RAY: 7d1922deaeceb4ff-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 03 Jun 2023 17:58:12 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
gml-grp.com/C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e&AutoR=1
188.114.97.1 302 Found 4.5 kB URL User Request GET HTTP/2 gml-grp.com/C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e&AutoR=1
IP 188.114.97.1:443
Certificate Issuer Let's Encrypt
Subject gml-grp.com
Fingerprint 84:1B:06:D3:2C:44:FB:D0:DF:92:E4:42:EE:D8:A0:DE:85:6A:68:7C
Validity Sun, 30 Apr 2023 01:39:20 GMT - Sat, 29 Jul 2023 01:39:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /C.ashx?btag=a_11902b_2032c_&affid=3906&siteid=11902&adid=2032&c=wme8216jebphm76pi1ueqc2e&AutoR=1 HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 03 Jun 2023 15:58:11 GMT
content-type: text/html; charset=utf-8
location: https://promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
cache-control: private
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
set-cookie: XYZ=3&1&19&&&&0&1&&21885b29-113d-4914-8a6f-7962f2d5d37b&&a_11902b_2032&; expires=Fri, 01-Sep-2023 15:58:11 GMT; path=/
A_2032=a=2032&r=0&fv=0&lv=0&vc=0&fc=20230603&lc=20230603035811&cc=1; expires=Fri, 01-Sep-2023 15:58:11 GMT; path=/
PM_20=c=wme8216jebphm76pi1ueqc2e&s=11902&ad=2032&md=0&pm=20&d=20230603155811&ip=1532635802&r=0&ref=&RedirectParams=btag%3da_11902b_2032c_wme8216jebphm76pi1ueqc2e%5bCustomMergeFields%5d%26siteid%3d11902; expires=Fri, 01-Sep-2023 15:58:11 GMT; path=/
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ruyu6%2FyeYxMhe7RSiEEbiyTomrcJsUu75y9kbjG%2BvMZtRbfJSA%2FBmR%2F4sqZe3tpV7B34TFU7J%2FPmXt%2F2sDQJ1dqHvzd5HcZ8zujG2qw7BavgHV2pdt7R1tLf106PkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d1922dbbd86b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
promos-br.betano.com/favicon.ico
104.17.84.89 403 Forbidden 4.5 kB URL GET HTTP/1.1 promos-br.betano.com/favicon.ico
IP 104.17.84.89:80
Requested by http://promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (4747), with no line terminators
Hash aa31b43e35ca1210499b8f9f1e2c61bb
4f59aefb10f8d5e9b3edca25366c575f7bf7b681
1ddf8112a8a75395ea88e15dbe82cc3086567fa372aeffecba3c57e70e7fb671
GET /favicon.ico HTTP/1.1
Host: promos-br.betano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://promos-br.betano.com/betano-br-bonus-ate-500/index.html?btag=a_11902b_2032c_wme8216jebphm76pi1ueqc2e[CustomMergeFields]&siteid=11902
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sat, 03 Jun 2023 15:58:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=15
Expires: Sat, 03 Jun 2023 15:58:27 GMT
X-Frame-Options: SAMEORIGIN
Set-Cookie: __cf_bm=6liuD2qZWrAjVIYXe3JAsFJiZKcyYJGkR_kVoUznhUI-1685807892-0-AWrq7lfVVuyuCFWUie3OEgxTJWRSaqwwiCftQW9ClUM9EVjw1LHxLVe8H0DYIcRevgZzbRKW6YAqvNtglfwOyfs=; path=/; expires=Sat, 03-Jun-23 16:28:12 GMT; domain=.betano.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d1922de9c1bb4f3-OSL
Content-Encoding: gzip