Report - promos.betano.pe/recompensas-f2p/index.html?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345

Report Overview

Visited public
2024-07-07 12:15:07
Tags
sinkhole suspicious cloudflare
URL
promos.betano.pe/recompensas-f2p/index.html?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Finishing URL
www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
IP / ASN
104.18.43.104
#13335 CLOUDFLARENET
Title
Attention Required! | Cloudflare
Suspicious - Sinkholed / Blocked

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-06 18:12:32	1.6 kB	4.4 kB	23.36.76.226
www.betano.pe	unknown	unknown	2023-12-05 09:59:11	2024-04-29 12:18:24	9.2 kB	60 kB	104.18.1.104
pe.betano.com	unknown	2013-06-10	2022-06-03 10:55:34	2024-04-15 15:17:10	805 B	7.0 kB	104.18.6.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	236 B	2024-08-19	2024-08-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:43 Last Seen2024-08-19 17:43 Times Seen1 Hash 6d1fea536cd5d64f25717695e80065e8 8bc4dcae0ba06f2daa74e216a3ba6f09177150ea 5536f5a3f78069eaf31dfffe6eb265cedfc6b261e2ffd5d3d518fa63c9975ce1 Loading...

	www.betano.pe/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.9 kB	2024-08-19	2024-08-19
Pretty URL www.betano.pe/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.18.1.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 17:43 Last Seen2024-08-19 17:43 Times Seen1 Hash 726bcb853de4b642fa8e846cc2386812 bdb8c3748d58701c29fdadce6ae5ed1bf1862089 a544b00ff2bc1541fb3a0737ba372cbb45221d519fd9e4ac9afa300df6c55776 Loading...

	www.betano.pe/cdn-cgi/apps/head/tFsWcehe0yEIw91SJEpn8ShYYS4.js	ScriptElement	4.2 kB	2023-12-28	2024-09-20
Pretty URL www.betano.pe/cdn-cgi/apps/head/tFsWcehe0yEIw91SJEpn8ShYYS4.js IP 104.18.1.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-28 16:59 Last Seen2024-09-20 20:13 Times Seen752 Hash 1c3efdc35985d104cbb499a3cadfa311 8cb286316390f246832eea3224df648b30f4214a c8aa8c7aadab6bd85d0eae1183280209722d86b754866c1bb861cbafcedeb14a Loading...

	www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345	ScriptElement	0 B	0001-01-01	2025-06-12
Pretty URL www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345 IP 104.18.1.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-12 10:31 Times Seen4928285 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345	ScriptElement	393 B	2023-04-05	2025-03-02
Pretty URL www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345 IP 104.18.1.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:39 Last Seen2025-03-02 06:13 Times Seen143291 Hash 34ad0a116707d3b794129a6720af92d7 424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4 d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262 Loading...

	www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345	ScriptElement	0 B	0001-01-01	2025-06-12
Pretty URL www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345 IP 104.18.1.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-12 10:31 Times Seen4928285 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345	ScriptElement	923 B	2024-08-19	2024-08-19
Pretty URL www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345 IP 104.18.1.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 17:43 Last Seen2024-08-19 17:43 Times Seen1 Hash d01cbec8f3982277e2a50738f29103e7 676c979020ae6edc21015297f58ba9fe7a264d5c e7f678e342fc67ea5bf481004d2aa8689c97c1271e9907293bdace05fa56ae47 Loading...

HTTP Transactions (16)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f63e8d9e64abf0e5b2784ca051160e84
d15d17504ed5c584ba42145060cf745fdb41c1d0
652ee033c72bc8eadcf29c25a5387bc303bf86e6c57f262c576117f659f15eab

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "652EE033C72BC8EADCF29C25A5387BC303BF86E6C57F262C576117F659F15EAB"
Last-Modified: Fri, 05 Jul 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7375
Expires: Sun, 07 Jul 2024 14:17:36 GMT
Date: Sun, 07 Jul 2024 12:14:41 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
abec3934929082bd707108b7042796da
4f200b04ad1c6fcac9833107c492a59ebf36dc6e
8e27309b919c0dcb3b0736dd99dad8c7d3bc16b4816dd982e6af6b79d7ead9ed

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8E27309B919C0DCB3B0736DD99DAD8C7D3BC16B4816DD982E6AF6B79D7EAD9ED"
Last-Modified: Sun, 07 Jul 2024 03:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7257
Expires: Sun, 07 Jul 2024 14:15:38 GMT
Date: Sun, 07 Jul 2024 12:14:41 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
508d0867e7982df7cfa6ad58e05ce470
6f4e15b94e527d02e8dd38f8b69b493cfae84c56
376a5286b71a4a7e90b3eece9b39480f50435d5ef3c7793828481f590d04bc77

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "376A5286B71A4A7E90B3EECE9B39480F50435D5EF3C7793828481F590D04BC77"
Last-Modified: Thu, 04 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Sun, 07 Jul 2024 13:01:34 GMT
Date: Sun, 07 Jul 2024 12:14:41 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e430ff7defba95ef2e40c2a2623032a3
4df33994f03cf02626fdfe9c6a51a71f5fea6058
ea2bc04f18953a2d203b059f541bf8bfcd32c63d67b8e1113d927453d8cc9a58

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EA2BC04F18953A2D203B059F541BF8BFCD32C63D67B8E1113D927453D8CC9A58"
Last-Modified: Sun, 07 Jul 2024 04:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Sun, 07 Jul 2024 13:06:42 GMT
Date: Sun, 07 Jul 2024 12:14:42 GMT
Connection: keep-alive

www.betano.pe/cdn-cgi/apps/head/tFsWcehe0yEIw91SJEpn8ShYYS4.js

104.18.1.104

200 OK

1.3 kB

URL GET HTTP/2
www.betano.pe/cdn-cgi/apps/head/tFsWcehe0yEIw91SJEpn8ShYYS4.js
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type
JavaScript source, ASCII text
Size
1.3 kB (1342 bytes)
Hash
1c3efdc35985d104cbb499a3cadfa311
8cb286316390f246832eea3224df648b30f4214a
c8aa8c7aadab6bd85d0eae1183280209722d86b754866c1bb861cbafcedeb14a

HTTP Headers

GET /cdn-cgi/apps/head/tFsWcehe0yEIw91SJEpn8ShYYS4.js HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
DNT: 1
Connection: keep-alive
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 1342
x-amz-id-2: xl0adAz9VBANnTFSQ2XOUMEx307Kka/RovWlQmUJT+mxh5qZpa7vfe0zFiRCTZJV+CP79DG7Qeo=
x-amz-request-id: 4QBPPFERF8Q47JDR
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 08:52:49 GMT
x-amz-version-id: Y0TDjq_1S6Q8.O9_sxxpYqfLBq5rxrPn
etag: "f93aeb89d438b08159b7a386e7182aed"
cf-cache-status: HIT
age: 404
expires: Mon, 07 Jul 2025 12:14:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzrgpYt8NdmopKw1VUYE9%2BS%2BxoO9Yg%2FB536h3cq9rb8Xv9JexeQR04ysfbvLZORQxPS3exCBzs8QqMV6GsVncRWRU0EV6fyqfd2oCOD72JVD31542yeTwOnoee48S9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
set-cookie: _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000; path=/; domain=.betano.pe; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 89f7c17cb8fcb51d-OSL
X-Firefox-Spdy: h2

www.betano.pe/cdn-cgi/images/browser-bar.png?1376755637

104.18.1.104

200 OK

715 B

URL GET HTTP/2
www.betano.pe/cdn-cgi/images/browser-bar.png?1376755637
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type
PNG image data, 960 x 53, 8-bit colormap, non-interlaced
Size
715 B (715 bytes)
Hash
226dcb8f6144bdaafdfbd8f2f354be64
3785cc5b3bf52f8e398177b0ff1020b24aa86b8c
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.betano.pe/cdn-cgi/styles/cf.errors.css
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: image/png
content-length: 715
last-modified: Thu, 04 Jul 2024 09:57:21 GMT
etag: "66867201-2cb"
server: cloudflare
cf-ray: 89f7c17d197fb51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 07 Jul 2024 14:14:42 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

www.betano.pe/cdn-cgi/images/cf-no-screenshot-error.png

104.18.1.104

200 OK

3.2 kB

URL GET HTTP/2
www.betano.pe/cdn-cgi/images/cf-no-screenshot-error.png
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type
PNG image data, 178 x 175, 8-bit colormap, non-interlaced
Size
3.2 kB (3213 bytes)
Hash
0d768cbc261841d3affc933b9ac3130e
aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.betano.pe/cdn-cgi/styles/cf.errors.css
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: image/png
content-length: 3213
last-modified: Thu, 04 Jul 2024 09:57:21 GMT
etag: "66867201-c8d"
server: cloudflare
cf-ray: 89f7c17d1980b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 07 Jul 2024 14:14:42 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

www.betano.pe/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.18.1.104

302 Found

0 B

URL GET HTTP/2
www.betano.pe/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sun, 07 Jul 2024 12:14:42 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
cache-control: max-age: 300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2F8YiIXTtRQOmMrECYvBrKmb9Ez1Lwf0oWaqHHr7e7UKKnjeVZWndRQyB91mgW%2FS201%2BDuJoCi7Tm%2FDF0t0GFpnDQK4D9rPEjzca6eerbyJW41pzCUVWMB64ZRsgMFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89f7c17d49cdb51d-OSL
X-Firefox-Spdy: h2

www.betano.pe/favicon.ico

104.18.1.104

301 Moved Permanently

0 B

URL GET HTTP/2
www.betano.pe/favicon.ico
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
DNT: 1
Connection: keep-alive
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Sun, 07 Jul 2024 12:14:42 GMT
content-length: 0
location: /favicon.ico/
cf-ray: 89f7c17d49c4b51d-OSL
cf-cache-status: HIT
age: 404
cache-control: public, max-age=1800
expires: Sun, 07 Jul 2024 12:44:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-cacheable-status: 301
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2F12PoneYGD%2BiTMfx0AeaYgSohMapyagZNl3BLInhL7%2FLLR10BXbvnpVZZOgO5ok0ziB%2FCosoMvM0i6Za1y1pjovr3NN2GoWodivr0Ccb4xmCf%2FAr559h%2B%2FosddpiTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

www.betano.pe/cdn-cgi/challenge-platform/h/g/jsd/r/89f7c17bcf28b51d

104.18.1.104

200 OK

0 B

URL POST HTTP/2
www.betano.pe/cdn-cgi/challenge-platform/h/g/jsd/r/89f7c17bcf28b51d
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/89f7c17bcf28b51d HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12513
Origin: https://www.betano.pe
DNT: 1
Connection: keep-alive
Referer: https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.betano.pe; HttpOnly; Secure; SameSite=None
cf_clearance=ov_O3vNAQ3YXYDyBpdKJjXEKhmZ5UtWrQ_WU3ivgup4-1720354482-1.0.1.1-ytnJ42gv.ENnCCaLGV7tPjx6OXMDSRv4KhamV2kcDhi_X3NOVvLd6Su0fdkh02beSRZY4KbyeilLog1X2PAH7g; Path=/; Expires=Mon, 07-Jul-25 12:14:42 GMT; Domain=.betano.pe; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rH1q7r9J0yySAdwcxsJBw5%2F%2BmKTBcSUHTOxBfAUu8nj605JBTUkByMqBPuEC2i32Y8iymUm09wfocyUPzVZzYromnTHE0T3Bre8STEGseQcR7uYsAblPKd8ZxbVL8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89f7c17e8b74b51d-OSL
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
861cce1bf441610f1dfbb14264d55122
1596b2c44fcdb5f7a49c73da766e4ab48b6bd064
f67d59f3fddbcaf61f9f1aa87eca02a320f59402bb412687a4db4d8aa81867d2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F67D59F3FDDBCAF61F9F1AA87ECA02A320F59402BB412687A4DB4D8AA81867D2"
Last-Modified: Fri, 05 Jul 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13752
Expires: Sun, 07 Jul 2024 16:03:56 GMT
Date: Sun, 07 Jul 2024 12:14:44 GMT
Connection: keep-alive

www.betano.pe/favicon.ico/

104.18.1.104

403 Forbidden

9.3 kB

URL GET HTTP/2
www.betano.pe/favicon.ico/
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type
gzip compressed data, from Unix
Size
9.3 kB (9258 bytes)
Hash
1d529381e0eed59f1e089708a5edf3be
9df3ad80f6683b8f51267cad5805cd5f42c4511c
5a42facd9bc0495a578494a17c54202e64f1bcc25c95438f76b8c73a1291daa3

HTTP Headers

GET /favicon.ico/ HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
DNT: 1
Connection: keep-alive
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
date: Sun, 07 Jul 2024 12:14:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sun, 07 Jul 2024 12:14:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSvW%2BWbfqRa2%2BsfE%2Bulb7I16Et7EWUPu%2FmVLzH3vybjLSrBVrwJa12p5hqiO%2FBC7fR5TwqKX%2FJSFXdB9grfCzuQr8eOiivfYwqdAAi9yhIQJUFHeH8%2FiYgSp17bwQ4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89f7c17e9b8cb51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.betano.pe/cdn-cgi/styles/cf.errors.css

104.18.1.104

200 OK

24 kB

URL GET HTTP/2
www.betano.pe/cdn-cgi/styles/cf.errors.css
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type
ASCII text, with very long lines (24050)
Size
24 kB (24051 bytes)
Hash
5e8c69a459a691b5d1b9be442332c87d
f24dd1ad7c9080575d92a9a9a2c42620725ef836
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
DNT: 1
Connection: keep-alive
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: text/css
last-modified: Thu, 04 Jul 2024 09:57:21 GMT
etag: W/"66867201-5df3"
server: cloudflare
cf-ray: 89f7c17cb8feb51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 07 Jul 2024 14:14:42 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

www.betano.pe/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?

104.18.1.104

200 OK

7.9 kB

URL GET HTTP/2
www.betano.pe/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js?
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type
JavaScript source, ASCII text, with very long lines (7861), with no line terminators
Size
7.9 kB (7861 bytes)
Hash
726bcb853de4b642fa8e846cc2386812
bdb8c3748d58701c29fdadce6ae5ed1bf1862089
a544b00ff2bc1541fb3a0737ba372cbb45221d519fd9e4ac9afa300df6c55776

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js? HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]; __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; _cfuvid=RHtuWJNBf2YnZL9Fbj3ASL8hAj_wzf6tvcpf7aVjRHs-1720354482701-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XH64VlCGk1DTFMfHaroY26SRq%2BP%2FZ%2B0MD2b8JO%2F03lUP3qZ12BIdtBKp7GBLG9lNDOWxL2wW2gNOgbheI1GRa4qv2Z5oLwH8Vw%2BIEp0NFVce70%2Bchup1ut3QtHktn1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 89f7c17d79fcb51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345

104.18.1.104

403 Forbidden

5.5 kB

URL User Request GET HTTP/2
www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
IP
104.18.1.104:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectbetano.pe
Fingerprint12:52:37:3B:54:36:5F:8A:B9:4B:77:5F:36:4B:C4:65:B1:AD:DC:7A
ValidityMon, 27 May 2024 18:14:15 GMT - Sun, 25 Aug 2024 18:14:14 GMT

File type
HTML document, ASCII text, with very long lines (5761), with no line terminators
Size
5.5 kB (5522 bytes)
Hash
17f10d7fcecd8e666924ddacb0618daf
be37ede657f31a35784e8e835fe59d5f6d050aa4
caab82acbe6b3a83ef419dee5634945715e2088a97227e18e5918129c15620b9

HTTP Headers

GET /?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345 HTTP/1.1
Host: www.betano.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promos.betano.pe/
DNT: 1
Connection: keep-alive
Cookie: btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sun, 07 Jul 2024 12:14:57 GMT
set-cookie: __cf_bm=XTQaXBoj0pXBPsD.gVAq1m3R3RH4U1Tbt4BFv2IaAyo-1720354482-1.0.1.1-Fvf.lcHmZazdXApax3ntzpokfq0AVY_aHJ8dak0vZ9NLDEJzWnvs0hyLamnBkrCx_kPSkE1cLHP6Eo6dLgWh3w; path=/; expires=Sun, 07-Jul-24 12:44:42 GMT; domain=.betano.pe; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwPvUzEMQw7CWu5r%2Br2hL7CM5QemJdQaf5vtU6K7OzNJ2yTlAyvMaEyYO0%2BmSxeOqcEl4CVGqNs2MhgEcy%2F8m4qwhQpt4%2FwMtBzJHyhDryHWuatM8IhpSCihCD4FJ7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89f7c17bcf28b51d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

pe.betano.com/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345

104.18.6.133

301 Moved Permanently

5.5 kB

URL User Request GET HTTP/2
pe.betano.com/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
IP
104.18.6.133:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectbetano.com
FingerprintD0:1E:FE:D2:D8:14:BE:3C:B6:EA:87:2D:79:DA:D7:0D:9A:D3:B3:BB
ValiditySun, 31 Dec 2023 00:00:00 GMT - Mon, 30 Dec 2024 23:59:59 GMT

File type

Size
5.5 kB (5522 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345 HTTP/1.1
Host: pe.betano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promos.betano.pe/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sun, 07 Jul 2024 12:14:42 GMT
content-type: text/html
location: https://www.betano.pe/?pid=incomeaccess_int&af_sub1=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60&af_ad_id=12198&btag=a_45345b_2889c_wj6kpvqb9uu4e4i23rgs9a60//gml-grp.com/C.ashx?btag=a_45345b_2889c_,wj6kpvqb9uu4e4i23rgs9a60[CustomMergeFields]&siteid=45345,45345
cf-ray: 89f7c17b08910b45-OSL
cache-control: max-age=3600
expires: Sun, 07 Jul 2024 13:14:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPKMvbctqwMoPnJyuxYwliMUgkLCjL2xWHK%2B5uCL3pviCBH2wbpF7bkFd526UHaoSVBtaj8KixNv6I18pYZhgwTTD38cPhgHEb1JsBPbpG80FH8YF6T5JWyPQduSeK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=pMza3bb.LT.mFE4OFKdO8WosdqfzLfSn1p_aMdT7aQE-1720354482-1.0.1.1-faOggtZaxZyb9isY5eND8hIVuI1srTyJNAmQjK7d6TrKLIANdWOL8FIyz6s43.D203W6_7nc_Uo9CSvtPy7Qlg; path=/; expires=Sun, 07-Jul-24 12:44:42 GMT; domain=.betano.com; HttpOnly; Secure; SameSite=None
_cfuvid=w9iCVzwPZbvTDZKdyJoR8t9P0Jt2wiF2aHjFWFV82i0-1720354482496-0.0.1.1-604800000; path=/; domain=.betano.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash