www.000393.win Open in urlscan Pro
109.74.204.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://leon-pd-group-d1ec.com/
Effective URL:
https://www.000393.win/
Submission: On November 16 via api (November 16th 2024, 12:42:43 pm UTC) from US — Scanned from NL

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 109.74.204.108, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.000393.win.
TLS certificate: Issued by R11 on September 26th 2024. Valid for: 3 months.

This is the only time www.000393.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.223.227.236 159.223.227.236	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	109.74.204.108 109.74.204.108	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
22	3

1 159.223.227.236 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

leon-pd-group-d1ec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 109.74.204.108 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 109-74-204-108.ip.linodeusercontent.com

www.000393.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE G-Core Labs S.A., LU)

leoncasino.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gcdn.co leoncasino.gcdn.co	265 KB
3	000393.win www.000393.win	69 KB
1	leon-pd-group-d1ec.com 1 redirects leon-pd-group-d1ec.com	237 B
22	3

	Domain	Requested by
3	leoncasino.gcdn.co	www.000393.win leoncasino.gcdn.co
3	www.000393.win	leoncasino.gcdn.co
1	leon-pd-group-d1ec.com	1 redirects
22	3

This site contains no links.

Subject Issuer	Validity	Valid
000393.win R11	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.gcdn.co DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-03` - `2025-08-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.000393.win/
Frame ID: 7A4DE7C92F5DD6E7472E72BE82E36D4B
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Leon - Slots | LIVE Casino

Page URL History Show full URLs

https://leon-pd-group-d1ec.com/ HTTP 302
https://www.000393.win/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22
Requests

27 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

334 kB
Transfer

1484 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://leon-pd-group-d1ec.com/ HTTP 302
https://www.000393.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.000393.win/
Redirect Chain

https://leon-pd-group-d1ec.com/
https://www.000393.win/

23 KB
9 KB

101ms
28ms

Document
text/html

109.74.204.108
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.000393.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.74.204.108 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-74-204-108.ip.linodeusercontent.com

Software

nginx/1.16.0 /

Resource Hash

0f1d544f4b15ed9888540ccefe067ca428d0138b9954d1582e0da1bebff350fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 16 Nov 2024 12:42:13 GMT
expires: 0
pragma: no-cache
server: nginx/1.16.0
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

content-length: 145
content-type: text/html
date: Sat, 16 Nov 2024 12:42:13 GMT
location: https://www.000393.win/
server: nginx/1.16.0

GET
H2 200 webpack.d.m.4457e682.js Show response
leoncasino.gcdn.co/js/ 157 KB
27 KB 130ms
55ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/webpack.d.m.4457e682.js
Requested by: Host: www.000393.win
URL: https://www.000393.win/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 6b5fd6a6c8205e11ffca1cd5fd76aeccb1b5f14d5799e1e6432a2be42e17e7a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.000393.win/

Response headers

cache: HIT
content-encoding: gzip
etag: W/"672dcb02-27391"
age: 456135
expires: Thu, 31 Dec 2037 23:55:55 GMT
traceparent: 00-fa862450766ae20ac117436d496bc7f2-9b39d99c03c4ab8c-01
date: Sat, 16 Nov 2024 12:42:13 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 08:25:38 GMT
vary: Accept-Encoding
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc28
x-id-fe: fr5-hw-edge-gc28
access-control-allow-origin: *
x-cached-since: 2024-11-11T05:59:58+00:00
server: nginx

GET
H2 200 vendors.d.m.342cb5e4.js Show response
leoncasino.gcdn.co/js/ 588 KB
157 KB 144ms
69ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/vendors.d.m.342cb5e4.js
Requested by: Host: www.000393.win
URL: https://www.000393.win/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: b9a3f468cf72b8006d60929615ffc665c8325a58679960ee087bf2b7d45904ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.000393.win/

Response headers

cache: HIT
content-encoding: br
etag: "66fd539b-27201"
age: 3804911
expires: Thu, 31 Dec 2037 23:55:55 GMT
traceparent: 00-6fbbb8a24fdcbdec8d138a6ada28ec8b-9d354bbbe6132529-01
date: Sat, 16 Nov 2024 12:42:13 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 14:07:23 GMT
vary: Accept-Encoding
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc28
x-id-fe: fr5-hw-edge-gc28
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160257
x-cached-since: 2024-10-03T11:47:02+00:00
server: nginx

GET
H2 200 app.1c710a334ea0.js Show response
leoncasino.gcdn.co/js/ 430 KB
81 KB 68ms
26ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://leoncasino.gcdn.co/js/app.1c710a334ea0.js
Requested by: Host: www.000393.win
URL: https://www.000393.win/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 4aa34dff76e6b6a472272dfaffe14fbd9aacc66bfcd4b039fee57b2a9bb8c02f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.000393.win/

Response headers

cache: HIT
content-encoding: br
etag: "672e26c5-143d9"
age: 429366
expires: Thu, 31 Dec 2037 23:55:55 GMT
traceparent: 00-c6b4278e1fb525e07421d4fbe0376a54-f6b381808504313f-01
date: Sat, 16 Nov 2024 12:42:13 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 14:57:09 GMT
vary: Accept-Encoding
cache-control: max-age=315360000, public
x-id: fr5-hw-edge-gc28
x-id-fe: fr5-hw-edge-gc28
accept-ranges: bytes
access-control-allow-origin: *
content-length: 82905
x-cached-since: 2024-11-11T13:26:07+00:00
server: nginx

GET async-vendor-vue-router.d.m.65d0c79d.js
leoncasino.gcdn.co/js/ 0
0

GET async-vendor-vue.d.m.d27a6fd0.js
leoncasino.gcdn.co/js/ 0
0

GET async-route-modules-core.d.m.d0d2a338.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-sportline.d.m.8f0601af.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-profile.d.m.f9dcbac6.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-landings.d.m.a4c6dafe.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-slip.d.m.910f0734.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-core.d.m.d0bfc394.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-referral-program.d.m.71edc875.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-errors.d.m.c05b3657.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-pin-code.d.m.f55cec91.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-dialogs.d.m.3a1b5371.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-registration.d.m.7ff6dc3f.js
leoncasino.gcdn.co/js/ 0
0

GET async-module-customer-notifications.d.m.2c18dd45.js
leoncasino.gcdn.co/js/ 0
0

GET async-app.d.m.21397a9c.js
leoncasino.gcdn.co/js/ 0
0

GET async-vendors.d.m.55cb6d05.js
leoncasino.gcdn.co/js/ 0
0

POST
H2 200 api-1
www.000393.win/ 19 KB
0 176ms
141ms Fetch
application/json 109.74.204.108
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.000393.win/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.1c710a334ea0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.74.204.108 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-74-204-108.ip.linodeusercontent.com

Software

nginx/1.16.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://www.000393.win/
x-app-os: linux
x-requested-uri: /
x-app-version: 6.99.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Sat, 16 Nov 2024 12:42:13 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.16.0
content-language: nl-NL
x-frame-options: SAMEORIGIN

POST
H2 200 api-1 Show response
www.000393.win/ 267 KB
60 KB 161ms
147ms Fetch
application/json 109.74.204.108
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.000393.win/api-1

Requested by

Host: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/app.1c710a334ea0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.74.204.108 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

109-74-204-108.ip.linodeusercontent.com

Software

nginx/1.16.0 /

Resource Hash

ac78b06ca5df6b4d5020fc52c8fd227e9bbe6cfea3ef8b90bd91e2811b2345b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

x-app-env: prod
x-app-skin: leoncasino
x-app-platform: web
x-app-modernity: modern
Referer: https://www.000393.win/
x-app-os: linux
x-requested-uri: /
x-app-version: 6.99.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-app-rendering: csr
content-type: application/json
x-app-layout: desktop
x-app-browser: chrome

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: 0
date: Sat, 16 Nov 2024 12:42:43 GMT
x-xss-protection: 0
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: nginx/1.16.0
content-language: nl-NL
x-frame-options: SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-vendor-vue-router.d.m.65d0c79d.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-vendor-vue.d.m.d27a6fd0.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-route-modules-core.d.m.d0d2a338.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-sportline.d.m.8f0601af.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-profile.d.m.f9dcbac6.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-landings.d.m.a4c6dafe.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-slip.d.m.910f0734.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-core.d.m.d0bfc394.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-referral-program.d.m.71edc875.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-errors.d.m.c05b3657.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-pin-code.d.m.f55cec91.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-dialogs.d.m.3a1b5371.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-registration.d.m.7ff6dc3f.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-module-customer-notifications.d.m.2c18dd45.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-app.d.m.21397a9c.js

Domain: leoncasino.gcdn.co
URL: https://leoncasino.gcdn.co/js/async-vendors.d.m.55cb6d05.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __webpack_public_path__ object| initConfig object| webpackChunk_frontend_web function| _

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.000393.win/	1970-01-21 10:38:40	Name: eua Value: syFTG5xheOkWSiUoL5sV8yfzua4rFB/aCuCGysLEWnDLhyvzlFPnRjTN5vn/cobNDizvsMP6hf+Id8v0fILTdUdnk8we6OLSmoxFdgBNF3a+/PKrNYH1WPxvWL+7d5UFQOFMpVIsVAyZN+Xd3UOW0FkoriRoOtIu1BH5TPZbJQ4tV2CzRXPwIOdZALMPLoK+HPviErwm3Usd1eFFZ/nrxsk43E7KEKpoLH0v7K84XL8j5KPBXG1lY0uyfAo=
www.000393.win/	1970-01-21 10:38:40	Name: ABTestSeed Value: 19
www.000393.win/	1970-01-21 01:45:52	Name: qtag_rfrr Value: null-null
www.000393.win/	1970-01-21 09:48:16	Name: ipfrom Value: 31.204.152.218
www.000393.win/	1970-01-21 10:38:40	Name: x-app-language Value: en_US

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

leon-pd-group-d1ec.com
leoncasino.gcdn.co
www.000393.win
leoncasino.gcdn.co
109.74.204.108
159.223.227.236
2a03:90c0:41:2801::62
0f1d544f4b15ed9888540ccefe067ca428d0138b9954d1582e0da1bebff350fa
4aa34dff76e6b6a472272dfaffe14fbd9aacc66bfcd4b039fee57b2a9bb8c02f
6b5fd6a6c8205e11ffca1cd5fd76aeccb1b5f14d5799e1e6432a2be42e17e7a5
ac78b06ca5df6b4d5020fc52c8fd227e9bbe6cfea3ef8b90bd91e2811b2345b0
b9a3f468cf72b8006d60929615ffc665c8325a58679960ee087bf2b7d45904ea

www.000393.win Open in urlscan Pro 109.74.204.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

27 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

334 kBTransfer

1484 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

www.000393.win Open in urlscan Pro
109.74.204.108 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

27 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

334 kB
Transfer

1484 kB
Size

5
Cookies

22 HTTP transactions
0 data transactions