promos.betano.bg - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2606:4700::6812:1d3d, located in United States and belongs to CLOUDFLARENET, US. The main domain is promos.betano.bg.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 12th 2022. Valid for: a year.

This is the only time promos.betano.bg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:bee4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3030::6815:55a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:1d3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2

1 2606:4700:3031::ac43:bee4 (United States)

ASN13335 (CLOUDFLARENET, US)

adstracked.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:55a9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gml-grp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1d3d (United States)

ASN13335 (CLOUDFLARENET, US)

promos.betano.bg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	betano.bg promos.betano.bg	11 KB
2	gml-grp.com 2 redirects gml-grp.com — Cisco Umbrella Rank: 61982	3 KB
1	adstracked.xyz adstracked.xyz	679 B
5	3

	Domain	Requested by
4	promos.betano.bg	promos.betano.bg
2	gml-grp.com	2 redirects
1	adstracked.xyz
5	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
adstracked.xyz GTS CA 1P5	`2023-08-08` - `2023-11-06`	3 months	crt.sh
promos.betano.bg Cloudflare Inc ECC CA-3	`2022-10-12` - `2023-10-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536
Frame ID: CC0303F9C79618F829EB9EB1973F79D8
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attention Required! | Cloudflare

Page URL History Show full URLs

https://adstracked.xyz/web/bg/btno.php?s1=5b80dc233930805f9b1b2985cd47f8005fe735442df4b Page URL
http://gml-grp.com/C.ashx?btag=a_12536b_1695c_&affid=3957&siteid=12536&adid=1695&c=5b80dc233930... HTTP 302
http://gml-grp.com/C.ashx?btag=a_12536b_1695c_&affid=3957&siteid=12536&adid=1695&c=5b80dc233930... HTTP 302
https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8... Page URL

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

11 kB
Transfer

32 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://adstracked.xyz/web/bg/btno.php?s1=5b80dc233930805f9b1b2985cd47f8005fe735442df4b Page URL
http://gml-grp.com/C.ashx?btag=a_12536b_1695c_&affid=3957&siteid=12536&adid=1695&c=5b80dc233930805f9b1b2985cd47f8005fe735442df4b HTTP 302
http://gml-grp.com/C.ashx?btag=a_12536b_1695c_&affid=3957&siteid=12536&adid=1695&c=5b80dc233930805f9b1b2985cd47f8005fe735442df4b&AutoR=1 HTTP 302
https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 btno.php Show response
adstracked.xyz/web/bg/ 270 B
679 B 344ms
327ms Document
text/html 2606:4700:3031::ac43:bee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adstracked.xyz/web/bg/btno.php?s1=5b80dc233930805f9b1b2985cd47f8005fe735442df4b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bee4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ccd123a01750e7bc161006243d2590e8f3cc28da8a14cec3788e89230a891ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb648635b064411-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 21:00:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmiDXigzb98%2FKR%2BBQfl2HWXBSTqIJtxgX4MLQpv5R4vIbGSc5Xoo3TwmbXn9KrNcV7mh6sQNoD%2B3IZ6%2BvAD1BFsk9RMqnJfNetL6nOkyMCl%2Byw1161hQNN4aL5C5mwz6bb1b5HquTAXRWEuQmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

403

Primary Request index.html Show response
promos.betano.bg/bonus-pitch-sb/
Redirect Chain

http://gml-grp.com/C.ashx?btag=a_12536b_1695c_&affid=3957&siteid=12536&adid=1695&c=5b80dc233930805f9b1b2985cd47f8005fe735442df4b
http://gml-grp.com/C.ashx?btag=a_12536b_1695c_&affid=3957&siteid=12536&adid=1695&c=5b80dc233930805f9b1b2985cd47f8005fe735442df4b&AutoR=1
https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536

4 KB
2 KB

176ms
17ms

Document
text/html

2606:4700::6812:1d3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

720f7a0a991327bdb3d4e2f48f465b8a856767d9a6d7456eddff7b066eccee45

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://adstracked.xyz/web/bg/btno.php?s1=5b80dc233930805f9b1b2985cd47f8005fe735442df4b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=15
cf-ray: 7fb648693fc04393-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 21:00:03 GMT
expires: Wed, 23 Aug 2023 21:00:18 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
CF-RAY: 7fb64867b9cb183d-EWR
Cache-Control: private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Aug 2023 21:00:03 GMT
Location: https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IO%2B9%2FTmu%2FITgZZYMQ1rpeOxZAfzXnq1m2SgEzUWVKfR3mb0GJ%2FGt8YzIAcWnmlZ%2FQ%2FzYym8YBfUkPdolWrQtEGNSTBtvObSW4KpwkYNKXuuYg7ABp3DKfgOUkg1In6X9uYG2CyDjtFFQfg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 cf.errors.css
promos.betano.bg/cdn-cgi/styles/ 24 KB
5 KB 7ms
6ms Stylesheet
text/css 2606:4700::6812:1d3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promos.betano.bg/cdn-cgi/styles/cf.errors.css

Requested by

Host: promos.betano.bg
URL: https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 21:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: cloudflare
etag: W/"64e37fab-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7fb648695ff24393-EWR
expires: Wed, 23 Aug 2023 23:00:03 GMT

GET
H2 200 browser-bar.png
promos.betano.bg/cdn-cgi/images/ 715 B
804 B 6ms
5ms Image
image/png 2606:4700::6812:1d3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.bg/cdn-cgi/images/browser-bar.png?1376755637

Requested by

Host: promos.betano.bg
URL: https://promos.betano.bg/cdn-cgi/styles/cf.errors.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://promos.betano.bg/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 21:00:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: cloudflare
etag: "64e37fab-2cb"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7fb6486978174393-EWR
content-length: 715
expires: Wed, 23 Aug 2023 23:00:03 GMT

GET
H2 200 cf-no-screenshot-error.png
promos.betano.bg/cdn-cgi/images/ 3 KB
3 KB 6ms
6ms Image
image/png 2606:4700::6812:1d3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promos.betano.bg/cdn-cgi/images/cf-no-screenshot-error.png

Requested by

Host: promos.betano.bg
URL: https://promos.betano.bg/cdn-cgi/styles/cf.errors.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d3d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://promos.betano.bg/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 21:00:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: cloudflare
etag: "64e37fab-c8d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7fb6486978194393-EWR
content-length: 3213
expires: Wed, 23 Aug 2023 23:00:03 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_translation

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gml-grp.com/	1970-01-20 23:49:44	Name: CEK Value: a
gml-grp.com/	1970-01-20 16:23:20	Name: XYZ Value: 120&1&148&&&&0&1&&55eac5fc-004f-4b7f-a67b-6624b10d2d26&&a_12536b_1695&
gml-grp.com/	1970-01-20 16:23:20	Name: A_1695 Value: a=1695&r=0&fv=0&lv=0&vc=0&fc=20230823&lc=20230823090003&cc=1
gml-grp.com/	1970-01-20 16:23:20	Name: PM_23 Value: id=8905f23b-0de0-4cb5-a6c7-0e8572df8e11&c=5b80dc233930805f9b1b2985cd47f8005fe735442df4b&s=12536&ad=1695&md=0&pm=23&d=20230823210003&ip=0&r=0&ref=&RedirectParams=btag%3Da_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b%26utm_medium%3D3957%26utm_source%3D1%26siteid%3D12536&cip=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMjo4NmIzOjc4MDU6YWUyNg==
.betano.bg/	1970-01-20 14:13:46	Name: __cf_bm Value: Hq0XtazkN_BOueAauSpGwSQo6bj2dzDxzlD4U2LqvvQ-1692824403-0-AbCDGLVLz9Ew17SQ4LoCc5PBgDC5HYn+Lk7v5f3+QTh8CI5vTz13C3HKMulAQKiJn2hZ/+AhggqW4YNzXahIebk=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://promos.betano.bg/bonus-pitch-sb/index.html?btag=a_12536b_1695c_5b80dc233930805f9b1b2985cd47f8005fe735442df4b&utm_medium=3957&utm_source=1&siteid=12536 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adstracked.xyz
gml-grp.com
promos.betano.bg
2606:4700:3030::6815:55a9
2606:4700:3031::ac43:bee4
2606:4700::6812:1d3d
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
1ccd123a01750e7bc161006243d2590e8f3cc28da8a14cec3788e89230a891ae
720f7a0a991327bdb3d4e2f48f465b8a856767d9a6d7456eddff7b066eccee45
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

promos.betano.bg Open in urlscan Pro 2606:4700::6812:1d3d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

11 kBTransfer

32 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

promos.betano.bg Open in urlscan Pro
2606:4700::6812:1d3d Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

11 kB
Transfer

32 kB
Size

5
Cookies

5 HTTP transactions
0 data transactions