ph.casino Open in urlscan Pro
2606:4700::6811:f857 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ph.casino/
Submission: On December 05 via manual (December 5th 2023, 3:53:48 am UTC) from US — Scanned from NO

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700::6811:f857, located in United States and belongs to CLOUDFLARENET, US. The main domain is ph.casino.

This is the only time ph.casino was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	2606:4700::68... 2606:4700::6811:f857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2606:4700::68... 2606:4700::6811:f757	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

3 2606:4700::6811:f857 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ph.casino	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:f757 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ph.casino	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ph.casino 4 redirects ph.casino	289 KB
7	1

	Domain	Requested by
9	ph.casino	4 redirects
7	1

This site contains no links.

Subject Issuer	Validity	Valid
ph.casino GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://ph.casino/
Frame ID: FEA0644A36095E3B7DBCFCEA2F199CFF
Requests: 7 HTTP requests in this frame

Frame: https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: AEF089C67F30B7D4E54D78FC50D3A45A
Requests: 2 HTTP requests in this frame

Frame: https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: B51B523D99AB49870E5D6CA910006B81
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Usoftgaming - online casino

Page Statistics

7
Requests

29 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

3
IPs

1
Countries

310 kB
Transfer

717 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://ph.casino/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://ph.casino/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 7

http://ph.casino/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ph.casino/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 8

http://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903 HTTP 302
https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903

Request Chain 9

http://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9 HTTP 302
https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9

7 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
Forbidden Primary Request / Show response
ph.casino/ 564 KB
280 KB 147ms
91ms Document
text/html 2606:4700::6811:f857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://ph.casino/

Protocol

HTTP/1.1

Server

2606:4700::6811:f857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3605d4d5ecfcad454c6ac9ac00856443ee104f1a6f1a090cfed4ae67cbc68702

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

CF-RAY: 830957f6dff756a9-OSL
Cache-Control: max-age=15
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Dec 2023 03:53:42 GMT
Expires: Tue, 05 Dec 2023 03:53:57 GMT
Referrer-Policy: same-origin
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 59 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7395cf6147df4224e8e764fecb202db308b7681d2d491ac915eb490fb1ade6f3

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a1580645e3bff39ea13e21ded1f8820268b5d26bcf10b23db6e127aab84e61c

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://ph.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e39203a15909083113d7ea9bd87fbfc2fbdad5b81cdb9396ccaf624e2c20961

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://ph.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 248cbe04f5eee7bf9a2d8d0281c9512bd13285bf87e5ec227d64cebe88d3c3f4

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://ph.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://ph.casino/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d76579f18eabfa5c4697b6cd402bc6a20035afaa698cb2b6945ae677197f8

Request headers

Referer: http://ph.casino/
Origin: http://ph.casino
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2

200

main.js Show response
ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame AEF0
Redirect Chain

http://ph.casino/cdn-cgi/challenge-platform/scripts/invisible.js
https://ph.casino/cdn-cgi/challenge-platform/scripts/invisible.js
https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
3 KB

45ms
44ms

Script
application/javascript

2606:4700::6811:f757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Protocol

Server

2606:4700::6811:f757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd2336788d839cafab2c5ad6a02dedc7e24b7e177eea275d127cde65ead3f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:53:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 830957f99cc856ba-OSL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 05 Dec 2023 03:53:42 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 830957f95cb956ba-OSL
alt-svc: h3=":443"; ma=86400

GET
H2

200

main.js Show response
ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame B51B
Redirect Chain

http://ph.casino/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ph.casino/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
3 KB

47ms
46ms

Script
application/javascript

2606:4700::6811:f757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ph.casino/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Protocol

Server

2606:4700::6811:f757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86936b97e2942c3a981c6267b79a2c5fdfe87089a2486beac6dee560ad8bac1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:53:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 830957f9acc956ba-OSL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 05 Dec 2023 03:53:42 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control: max-age=300, public
cf-ray: 830957f95cbb56ba-OSL
alt-svc: h3=":443"; ma=86400

GET

7c98623b60920903
ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AEF0
Redirect Chain

http://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903
https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903

0
0

GET

830957f6dff756a9
ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B51B
Redirect Chain

http://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9
https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9

0
0

OPTIONS
H3 400 7c98623b60920903
ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0
0 134ms
51ms Preflight
application/json 2606:4700::6811:f757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:f757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ph.casino
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: 82gYijQGI410N7cnwXY9QQ==$gRxqFH5Skh58LIu93KejAw==
cf-ray: 830957fb7a7956c7-OSL
content-type: application/json
date: Tue, 05 Dec 2023 03:53:42 GMT
server: cloudflare

OPTIONS
H3 400 830957f6dff756a9
ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0
0 59ms
50ms Preflight
application/json 2606:4700::6811:f757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:f757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ph.casino
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: LIADRBETo3LoqANsDAmYww==$x3LBtAm0b5FM6jBH/CZNLw==
cf-ray: 830957fb7a7856c7-OSL
content-type: application/json
date: Tue, 05 Dec 2023 03:53:42 GMT
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ph.casino
URL: https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903

Domain: ph.casino
URL: https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ph.casino/	1970-01-20 16:42:30	Name: __cf_bm Value: opKgug_zSzKUzLtsLf4PQUbna2R227.Kkq2Lcy24btQ-1701748422-0-ASm4Im0YL/Jp2kec9NqciM25VEDNtv5DFC35WI914m/tpKF7I9N+RDs6A4Ie0KX81cq4nVdresQtzQjgqmqB3Yw=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ph.casino/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: about:blank Message: Access to XMLHttpRequest at 'https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9' (redirected from 'http://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9') from origin 'http://ph.casino' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/830957f6dff756a9 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: about:blank Message: Access to XMLHttpRequest at 'https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903' (redirected from 'http://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903') from origin 'http://ph.casino' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ph.casino/cdn-cgi/challenge-platform/h/b/jsd/r/7c98623b60920903 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ph.casino
ph.casino
2606:4700::6811:f757
2606:4700::6811:f857
059d76579f18eabfa5c4697b6cd402bc6a20035afaa698cb2b6945ae677197f8
248cbe04f5eee7bf9a2d8d0281c9512bd13285bf87e5ec227d64cebe88d3c3f4
3605d4d5ecfcad454c6ac9ac00856443ee104f1a6f1a090cfed4ae67cbc68702
7395cf6147df4224e8e764fecb202db308b7681d2d491ac915eb490fb1ade6f3
7a1580645e3bff39ea13e21ded1f8820268b5d26bcf10b23db6e127aab84e61c
86936b97e2942c3a981c6267b79a2c5fdfe87089a2486beac6dee560ad8bac1e
8e39203a15909083113d7ea9bd87fbfc2fbdad5b81cdb9396ccaf624e2c20961
dcd2336788d839cafab2c5ad6a02dedc7e24b7e177eea275d127cde65ead3f04
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

ph.casino Open in urlscan Pro 2606:4700::6811:f857 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

29 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

3 IPs

1 Countries

310 kBTransfer

717 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

5 Console Messages

Security Headers

Indicators

ph.casino Open in urlscan Pro
2606:4700::6811:f857 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

29 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

3
IPs

1
Countries

310 kB
Transfer

717 kB
Size

1
Cookies

7 HTTP transactions
6 data transactions