betplay.com.co Open in urlscan Pro
104.18.25.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.transsacionesbancol.com/
Effective URL:
https://betplay.com.co/
Submission: On December 12 via automatic, source openphish (December 12th 2024, 1:12:07 am UTC) — Scanned from IL

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 104.18.25.38, located in and belongs to CLOUDFLARENET, US. The main domain is betplay.com.co. The Cisco Umbrella rank of the primary domain is 203017.
TLS certificate: Issued by WE1 on November 29th 2024. Valid for: 3 months.

This is the only time betplay.com.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	93.123.109.49 93.123.109.49	401116 (NYBULA) (NYBULA)
5	104.18.25.38 104.18.25.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

6 93.123.109.49 (Bulgaria)

ASN401116 (NYBULA, US)
PTR: 93-123-109-49.sarnica.net

www.transsacionesbancol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.25.38 (None, )

ASN13335 (CLOUDFLARENET, US)

betplay.com.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	transsacionesbancol.com www.transsacionesbancol.com	35 KB
5	betplay.com.co betplay.com.co — Cisco Umbrella Rank: 203017	61 KB
2	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3147	16 KB
0	geojs.io Failed get.geojs.io Failed
18	4

	Domain	Requested by
6	www.transsacionesbancol.com	www.transsacionesbancol.com
5	betplay.com.co	www.transsacionesbancol.com betplay.com.co
2	challenges.cloudflare.com	betplay.com.co challenges.cloudflare.com
0	get.geojs.io Failed	www.transsacionesbancol.com
18	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
transsacionesbancol.com E6	`2024-12-10` - `2025-03-10`	3 months	crt.sh
betplay.com.co WE1	`2024-11-29` - `2025-02-27`	3 months	crt.sh
challenges.cloudflare.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://betplay.com.co/
Frame ID: 2B4693574953E8FF05F8254FA84F342E
Requests: 15 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qoybm/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/
Frame ID: E359E69695A52405B707D1BE972999C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

רק רגע...

Page URL History Show full URLs

http://www.transsacionesbancol.com/ HTTP 307
https://www.transsacionesbancol.com/ Page URL
https://betplay.com.co/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

72 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

112 kB
Transfer

276 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=l
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.transsacionesbancol.com/ HTTP 307
https://www.transsacionesbancol.com/ Page URL
https://betplay.com.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.transsacionesbancol.com/ HTTP 307
https://www.transsacionesbancol.com/

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
www.transsacionesbancol.com/
Redirect Chain

http://www.transsacionesbancol.com/
https://www.transsacionesbancol.com/

2 KB
1006 B

1151ms
149ms

Document
text/html

93.123.109.49
NYBULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.transsacionesbancol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.123.109.49 , Bulgaria, ASN401116 (NYBULA, US),
Reverse DNS: 93-123-109-49.sarnica.net
Software: Apache/2.4.62 (Debian) /
Resource Hash: 2daff4f0976c8f53bf22bc57f62f90cd7e6fc410f81eef8ac784b44e0f348959

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 754
Content-Type: text/html; charset=UTF-8
Date: Thu, 12 Dec 2024 01:11:43 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.62 (Debian)
Vary: Accept-Encoding

Redirect headers

Location: https://www.transsacionesbancol.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
www.transsacionesbancol.com/panel/js/ 87 KB
31 KB 160ms
136ms Script
text/javascript 93.123.109.49
NYBULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.transsacionesbancol.com/panel/js/jquery-3.6.0.min.js
Requested by: Host: www.transsacionesbancol.com
URL: https://www.transsacionesbancol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.123.109.49 , Bulgaria, ASN401116 (NYBULA, US),
Reverse DNS: 93-123-109-49.sarnica.net
Software: Apache/2.4.62 (Debian) /
Resource Hash: ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.transsacionesbancol.com/

Response headers

Content-Encoding: gzip
ETag: "15d9f-606b3edc09d80-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30908
Keep-Alive: timeout=5, max=99
Date: Thu, 12 Dec 2024 01:11:43 GMT
Last-Modified: Mon, 02 Oct 2023 04:08:38 GMT
Vary: Accept-Encoding
Server: Apache/2.4.62 (Debian)
Content-Type: text/javascript

GET
H/1.1 200
OK index.js Show response
www.transsacionesbancol.com/js/ 3 KB
1 KB 469ms
191ms Script
text/javascript 93.123.109.49
NYBULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.transsacionesbancol.com/js/index.js
Requested by: Host: www.transsacionesbancol.com
URL: https://www.transsacionesbancol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.123.109.49 , Bulgaria, ASN401116 (NYBULA, US),
Reverse DNS: 93-123-109-49.sarnica.net
Software: Apache/2.4.62 (Debian) /
Resource Hash: 41c89d961ee8434af04eadaeb9ebe1e1df7dbfae4cb9b7338a54651ab19783ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.transsacionesbancol.com/

Response headers

Content-Encoding: gzip
ETag: "cb8-628b6c8a9e400-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1023
Keep-Alive: timeout=5, max=100
Date: Thu, 12 Dec 2024 01:11:44 GMT
Last-Modified: Sat, 07 Dec 2024 23:49:36 GMT
Vary: Accept-Encoding
Server: Apache/2.4.62 (Debian)
Content-Type: text/javascript

GET
H/1.1 200
OK functions2.js Show response
www.transsacionesbancol.com/scripts/ 2 KB
951 B 468ms
188ms Script
text/javascript 93.123.109.49
NYBULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.transsacionesbancol.com/scripts/functions2.js
Requested by: Host: www.transsacionesbancol.com
URL: https://www.transsacionesbancol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.123.109.49 , Bulgaria, ASN401116 (NYBULA, US),
Reverse DNS: 93-123-109-49.sarnica.net
Software: Apache/2.4.62 (Debian) /
Resource Hash: f97b6db05b011de48e20e61f2d338949c422959d2ab0ba980e77ffbe84c426af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.transsacionesbancol.com/

Response headers

Content-Encoding: gzip
ETag: "7fa-625de8e24ae80-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 609
Keep-Alive: timeout=5, max=98
Date: Thu, 12 Dec 2024 01:11:44 GMT
Last-Modified: Fri, 01 Nov 2024 19:00:58 GMT
Vary: Accept-Encoding
Server: Apache/2.4.62 (Debian)
Content-Type: text/javascript

GET
H/1.1 200
OK script.js
www.transsacionesbancol.com/scripts/ 785 B
671 B 617ms
150ms Script
text/javascript 93.123.109.49
NYBULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.transsacionesbancol.com/scripts/script.js
Requested by: Host: www.transsacionesbancol.com
URL: https://www.transsacionesbancol.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.123.109.49 , Bulgaria, ASN401116 (NYBULA, US),
Reverse DNS: 93-123-109-49.sarnica.net
Software: Apache/2.4.62 (Debian) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.transsacionesbancol.com/

Response headers

Content-Encoding: gzip
ETag: "311-628f3a08ca600-gzip"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 328
Keep-Alive: timeout=5, max=100
Date: Thu, 12 Dec 2024 01:11:44 GMT
Last-Modified: Wed, 11 Dec 2024 00:24:56 GMT
Vary: Accept-Encoding
Server: Apache/2.4.62 (Debian)
Content-Type: text/javascript

GET country.json
get.geojs.io/v1/ip/ 0
0

GET
H2 403 Primary Request / Show response
betplay.com.co/ 10 KB
8 KB 737ms
48ms Document
text/html 104.18.25.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://betplay.com.co/

Requested by

Host: www.transsacionesbancol.com
URL: https://www.transsacionesbancol.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0f175b250b60b6b86995486bc6c325f6fd578716650cc557bb4446adc3e9cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.transsacionesbancol.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: gRc8KSzRv6DS5DZ26GF8Y68Nw9QGdGI16t08bIEtCo6Rp1LNsiSu2nQ8PiSWGgfBLGiIFcfj9U1lKdyU7tRTwrAWg4rXNwFAwzFc6z4hKDpsKfGByWke/tK0kkvfpoaaJcDsjWMoqPv9BGImgvYLHA==$gshtYlXot1WEztyM+L05Vg==
cf-mitigated: challenge
cf-ray: 8f09d79b298c7d95-TLV
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 12 Dec 2024 01:11:45 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

GET geo.json
get.geojs.io/v1/ip/ 0
0

GET
H/1.1 404
Not Found favicon.ico
www.transsacionesbancol.com/ 290 B
506 B 177ms
173ms Other
text/html 93.123.109.49
NYBULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.transsacionesbancol.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 93.123.109.49 , Bulgaria, ASN401116 (NYBULA, US),
Reverse DNS: 93-123-109-49.sarnica.net
Software: Apache/2.4.62 (Debian) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.transsacionesbancol.com/

Response headers

Keep-Alive: timeout=5, max=99
Content-Length: 290
Date: Thu, 12 Dec 2024 01:11:44 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.62 (Debian)
Connection: Keep-Alive

GET
H2 200 v1 Show response
betplay.com.co/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 100 KB
36 KB 176ms
137ms Script
application/javascript 104.18.25.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://betplay.com.co/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f09d79b298c7d95
Requested by: Host: betplay.com.co
URL: https://betplay.com.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6609f6cb1c8adc29f3e8f4c8008c941f084abeedc01fffa596edb87c784f8eb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://betplay.com.co/?__cf_chl_rt_tk=036YvIdP.lhjVZLM_q204Wh9jFY5_CRFc2PcbgE.nF4-1733965905-1.0.1.1-G.H3WiwRS_z9PKz3fZohB8d39xyikW2MvbEfCSnBuSk

Response headers

cf-ray: 8f09d79e2ade7d95-TLV
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
date: Thu, 12 Dec 2024 01:11:45 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare

GET 0170bcfc-22e0-4d79-98d5-566fb10f0984
https://betplay.com.co/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/ 47 KB
16 KB 190ms
90ms Script
application/javascript 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Requested by: Host: betplay.com.co
URL: https://betplay.com.co/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f09d79b298c7d95
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://betplay.com.co
Referer

Response headers

server: cloudflare
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8f09d7a11e20c21f-TLV
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 12 Dec 2024 01:11:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 03 Dec 2024 18:31:41 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H2 403 favicon.ico
betplay.com.co/ 3 KB
3 KB 88ms
83ms Image
text/html 104.18.25.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://betplay.com.co/favicon.ico

Requested by

Host: betplay.com.co
URL: https://betplay.com.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214b516df8efe6e158bd02cd3b4db6b68b4addfae81b5f757d70372ecd190fea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://betplay.com.co/

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-content-options: nosniff
date: Thu, 12 Dec 2024 01:11:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: O2CHGQGWAYxZjZreyYf5+l8QN0wCT2YVTDgchwp99NL5OA9FQhox1/txCyh6OgCIL2wVhnYfDcFCIhoXaVfDzVGOe7SFVQnYcEVXho6FYrGzeIHrikJ/6XyC413Bjqt7P0mUKwd2Wpy2ZZ9iwbNOxQ==$aMFow2MlDTlC0UFC6B0tpw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f09d7a0ac047d95-TLV
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H2 200 dHJ1ZtJ7n2MMaOCWqmAMWvYfmpl6MPX1cwO0xlR6yrI-1733965905-1.2.1.1-QH4L5ZfI13GnhKjS.PrnYjWDnxf5EwhCvp.kwNkWzgk.uUb5C2mLXrIuI61EdhDq Show response
betplay.com.co/cdn-cgi/challenge-platform/h/g/flow/ov1/1657462519:1733963279:EOyq4KHO4Ef33q1C5gmVKmldJHMOzvF43KEr97mJaPg/8f09d79b298c7d95/ 13 KB
9 KB 119ms
87ms XHR
text/plain 104.18.25.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://betplay.com.co/cdn-cgi/challenge-platform/h/g/flow/ov1/1657462519:1733963279:EOyq4KHO4Ef33q1C5gmVKmldJHMOzvF43KEr97mJaPg/8f09d79b298c7d95/dHJ1ZtJ7n2MMaOCWqmAMWvYfmpl6MPX1cwO0xlR6yrI-1733965905-1.2.1.1-QH4L5ZfI13GnhKjS.PrnYjWDnxf5EwhCvp.kwNkWzgk.uUb5C2mLXrIuI61EdhDq
Requested by: Host: betplay.com.co
URL: https://betplay.com.co/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f09d79b298c7d95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63c8b3a61acfd326f299ecacb19af6016b435df2871b603e900d111a40bbc40

Request headers

Referer: https://betplay.com.co/
CF-Chl-RetryAttempt: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: dHJ1ZtJ7n2MMaOCWqmAMWvYfmpl6MPX1cwO0xlR6yrI-1733965905-1.2.1.1-QH4L5ZfI13GnhKjS.PrnYjWDnxf5EwhCvp.kwNkWzgk.uUb5C2mLXrIuI61EdhDq

Response headers

cf-ray: 8f09d7a1ac747d95-TLV
content-encoding: br
date: Thu, 12 Dec 2024 01:11:46 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: NbgNpKofNk7J2FSuUSKIWNGF2F6q6a6W34uZfWdP9iTMUnRCd125N6x70w8eqG/uxg04KuUKvL0=$PLslwwskgKbxsBEJ
server: cloudflare

GET 90127350-1314-4d9d-975d-420cb8b643e5
https://betplay.com.co/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qoybm/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/ Frame E359 0
0 219ms
87ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/qoybm/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8f09d7a43867c231-TLV
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 01:11:46 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri

GET
H2 403 favicon.ico
betplay.com.co/ 8 KB
5 KB 166ms
80ms Other
text/html 104.18.25.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://betplay.com.co/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509aeb290e5256bcd6b5b397a43f31841157f78675b0202d52e03ac346098353

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://betplay.com.co/

Response headers

content-encoding: br
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-content-options: nosniff
date: Thu, 12 Dec 2024 01:11:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: yo32G/1z3sBYYK41Ba//8tp/cWVGMVvP7EWsgOrjrtVdOkrb3i+kwqMbO5TRtWK0tlU2XyFLtOOTv9AI/qppkAblnjlYTR3Miwes7n8Bjpm0S/qiXcvSTEg+my+ESs0tyr4JI+jMKb8naFBM6qUOdg==$ZG10+p31AsiLPODnBqQAjw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f09d7a3ad627d95-TLV
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: get.geojs.io
URL: https://get.geojs.io/v1/ip/country.json

Domain: get.geojs.io
URL: https://get.geojs.io/v1/ip/country.json

Domain: get.geojs.io
URL: https://get.geojs.io/v1/ip/geo.json

Domain: betplay.com.co
URL: blob:https://betplay.com.co/0170bcfc-22e0-4d79-98d5-566fb10f0984

Domain: betplay.com.co
URL: blob:https://betplay.com.co/90127350-1314-4d9d-975d-420cb8b643e5

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.betplay.com.co/	1970-01-21 01:39:27	Name: __cf_bm Value: SdJS1ZpSZPHe8ZbNbr5pZKNjgPxvGGyJZ65D_wKIeTA-1733965905-1.0.1.1-guoo_QRaoTWRT0pyr4KnSPihw3yMLOhZLBrOhHZS3d7boaj3W8PPpeyKtqAt5vzlOaJi54v3VFSKzqM3eDm5TA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.transsacionesbancol.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://betplay.com.co/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://betplay.com.co/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://betplay.com.co/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

betplay.com.co
challenges.cloudflare.com
get.geojs.io
www.transsacionesbancol.com
betplay.com.co
get.geojs.io
104.18.25.38
104.18.94.41
104.18.95.41
93.123.109.49
214b516df8efe6e158bd02cd3b4db6b68b4addfae81b5f757d70372ecd190fea
2daff4f0976c8f53bf22bc57f62f90cd7e6fc410f81eef8ac784b44e0f348959
3c0f175b250b60b6b86995486bc6c325f6fd578716650cc557bb4446adc3e9cc
41c89d961ee8434af04eadaeb9ebe1e1df7dbfae4cb9b7338a54651ab19783ab
509aeb290e5256bcd6b5b397a43f31841157f78675b0202d52e03ac346098353
6609f6cb1c8adc29f3e8f4c8008c941f084abeedc01fffa596edb87c784f8eb7
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141
b63c8b3a61acfd326f299ecacb19af6016b435df2871b603e900d111a40bbc40
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
f97b6db05b011de48e20e61f2d338949c422959d2ab0ba980e77ffbe84c426af

betplay.com.co Open in urlscan Pro 104.18.25.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

72 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

112 kBTransfer

276 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

betplay.com.co Open in urlscan Pro
104.18.25.38 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

72 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

112 kB
Transfer

276 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions