leon.casino
Open in
urlscan Pro
3.33.158.153
Public Scan
Effective URL: https://leon.casino/traff/de/dragon/index_metrika.html?qtag=a27112_t34074_c543_s21102_65805487d85e1a00013d1ddc
Submission: On December 18 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 10th 2023. Valid for: 3 months.
This is the only time leon.casino was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3033::ac43:c223 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3035::ac43:b07e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 2606:4700:303... 2606:4700:3032::ac43:dadc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 3.33.158.153 3.33.158.153 | 16509 (AMAZON-02) (AMAZON-02) | |
16 | 2a03:90c0:41:... 2a03:90c0:41:2801::62 | 199524 (GCORE) (GCORE) | |
17 | 2 |
ASN13335 (CLOUDFLARENET, US)
bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online |
ASN16509 (AMAZON-02, US)
PTR: a74c9b096c06d2617.awsglobalaccelerator.com
leon.casino |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
gcdn.co
landingpageslb.gcdn.co |
1 MB |
2 |
omskminzdrav.online
2 redirects
bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online |
1 KB |
1 |
leon.casino
leon.casino |
2 KB |
1 |
ksa5lu5y3o.com
1 redirects
ksa5lu5y3o.com |
759 B |
1 |
elbe1lif.xyz
1 redirects
go.elbe1lif.xyz |
668 B |
1 |
flakozt.ru
1 redirects
tds.flakozt.ru |
655 B |
17 | 6 |
Domain | Requested by | |
---|---|---|
16 | landingpageslb.gcdn.co |
leon.casino
landingpageslb.gcdn.co |
2 | bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online | 2 redirects |
1 | leon.casino | |
1 | ksa5lu5y3o.com | 1 redirects |
1 | go.elbe1lif.xyz | 1 redirects |
1 | tds.flakozt.ru | 1 redirects |
17 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
leon.casino R3 |
2023-11-10 - 2024-02-08 |
3 months | crt.sh |
*.gcdn.co DigiCert Global G3 TLS ECC SHA384 2020 CA1 |
2023-07-07 - 2024-07-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://leon.casino/traff/de/dragon/index_metrika.html?qtag=a27112_t34074_c543_s21102_65805487d85e1a00013d1ddc
Frame ID: EDC8AA33BF394D76719BA9B404233181
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
LEONPage URL History Show full URLs
-
http://bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online/
HTTP 301
https://bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online/ HTTP 302
https://tds.flakozt.ru/1?q=index.php-bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online/ HTTP 302
https://go.elbe1lif.xyz/click?pid=21102&offer_id=4210&sub1=2a01:4a0:2b::9-de-erlangen-index.php-bets... HTTP 302
https://ksa5lu5y3o.com/?serial=34074&creative_id=543&anid=21102_65805487d85e1a00013d1ddc HTTP 302
https://leon.casino/traff/de/dragon/index_metrika.html?qtag=a27112_t34074_c543_s21102_65805487d8... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online/
HTTP 301
https://bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online/ HTTP 302
https://tds.flakozt.ru/1?q=index.php-bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online/ HTTP 302
https://go.elbe1lif.xyz/click?pid=21102&offer_id=4210&sub1=2a01:4a0:2b::9-de-erlangen-index.php-bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online%2F&l=1700747712 HTTP 302
https://ksa5lu5y3o.com/?serial=34074&creative_id=543&anid=21102_65805487d85e1a00013d1ddc HTTP 302
https://leon.casino/traff/de/dragon/index_metrika.html?qtag=a27112_t34074_c543_s21102_65805487d85e1a00013d1ddc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index_metrika.html
leon.casino/traff/de/dragon/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
landingpageslb.gcdn.co/wheel_de2/public/css/ |
21 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
landingpageslb.gcdn.co/wheel_de2/public/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
circle-1.png
landingpageslb.gcdn.co/wheel_de2/public/img/ |
475 KB 476 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
circle-2.png
landingpageslb.gcdn.co/wheel_de2/public/img/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-win-0.png
landingpageslb.gcdn.co/wheel_de2/public/img/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wheel-win.png
landingpageslb.gcdn.co/wheel_de2/public/img/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bandit.png
landingpageslb.gcdn.co/wheel_de2/public/img/ |
470 KB 471 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
el-1.png
landingpageslb.gcdn.co/wheel_de2/public/img/elem/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
el-2.png
landingpageslb.gcdn.co/wheel_de2/public/img/elem/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
el-3.png
landingpageslb.gcdn.co/wheel_de2/public/img/elem/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popup-1.png
landingpageslb.gcdn.co/wheel_de2/public/img/popup/ |
121 KB 121 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popup-2.png
landingpageslb.gcdn.co/wheel_de2/public/img/popup/ |
168 KB 169 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
parallax.min.js
landingpageslb.gcdn.co/wheel_de2/public/js/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.js
landingpageslb.gcdn.co/wheel_de2/public/js/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.jpg
landingpageslb.gcdn.co/wheel_de2/public/img/ |
117 KB 117 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UniSansBold.woff2
landingpageslb.gcdn.co/wheel_de2/public/fonts/ |
23 KB 23 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| getCookie function| affLink function| Parallax function| $$ function| h_el function| debugging function| Opn function| OpnTwo function| firstBonus function| secondBonus object| parallax number| index4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tds.flakozt.ru/ | Name: 95622e70ccf25e97e0474310a2e55cb7 Value: 0.1 |
|
go.elbe1lif.xyz/ | Name: afclick Value: 65805487d85e1a00013d1ddc |
|
go.elbe1lif.xyz/ | Name: afoffers Value: {"4210":1702909063} |
|
leon.casino/ | Name: qtag Value: a27112_t34074_c543_s21102_65805487d85e1a00013d1ddc |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bets-nature-gyarados-pokemon-planet-657239.omskminzdrav.online
go.elbe1lif.xyz
ksa5lu5y3o.com
landingpageslb.gcdn.co
leon.casino
tds.flakozt.ru
2606:4700:3032::ac43:dadc
2606:4700:3033::ac43:c223
2606:4700:3035::ac43:b07e
2a03:90c0:41:2801::62
2a06:98c1:3120::3
3.33.158.153
13807d3b9bbba5b5eeb0dc813b9423a66357389fc0808207d3d660b4296bddb7
1646b20562bfbbee63d431690cf097e3cade7568feff508b348a4c732d6bd4d8
1aa4cad8b8c65ae062f64172ceb16f7eb02242cee0ec506f6a18390b650b98e3
267b1781147d864815592282da85d5c349b0a12b7347c6ed07cfd2abe54c8786
5180278a81d2fadf713cc6db6f4f733396486c51179e0b390b7bfadd7b669809
60e3808a755889e222006c44835e3aa2b655c7131087d17679830591625dd11f
6729fe016ce01f3f3d940362a3a9fbc6dd0d48570594acbf85259c46f570a2b5
6e77d4e115f70e912d964fe68c07ff6555f96ec48e47f63c8d8beab18f8a6f0b
8888a631459933fda25c74f4c2397fb316b84d8d13662a4e52d1538d53b7cb66
902dc44c8fc98aacd190557d62da026b4691582678553de6554b0223d5074a2a
9d89afe161992ffca5891f8b731ec810d786bd2fa307fdd2873a979bdc00c0f1
af41296caaed28995224780ad79685bc0b31f0c753d795ea3febb4dc54f63399
beee58832085a77cf431b3152a77b42e0f69d8ab3faa11f30fdeba804c5f6b89
c8e2354e893f2bb454538ecccdf4e059c737e42603d1a2ebd4d7a15326f1b0d5
d8569b58aa9af9a99b2397a84e0461e636af74284d6d9ddcf709bac55fed80b4
ec4bd70634f7282ef39e69103f5e31d3ddde953b78c301f43878f9bd2b824193
f06e607369dd4e0223346f3876cd70d1bee8671a31c174487c2affc3f3f9eeb0