lex3.casino Open in urlscan Pro
104.21.78.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lex-irrs01.com/cdb0a1cff
Effective URL:
https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d...
Submission: On August 22 via api (August 22nd 2024, 12:21:12 pm UTC) from US — Scanned from NL

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 104.21.78.144, located in and belongs to CLOUDFLARENET, US. The main domain is lex3.casino.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.

This is the only time lex3.casino was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.175.49 172.67.175.49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	172.67.191.37 172.67.191.37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.21.78.144 104.21.78.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lex-irrs01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.175.49 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lex-blrs10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.191.37 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vip.premiumlex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.21.78.144 (None, )

ASN13335 (CLOUDFLARENET, US)

lex3.casino	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	lex3.casino lex3.casino Failed	71 KB
4	premiumlex.com 1 redirects vip.premiumlex.com	34 KB
2	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3877	15 KB
1	lex-blrs10.com 1 redirects lex-blrs10.com	591 B
1	lex-irrs01.com 1 redirects lex-irrs01.com	490 B
0	lex-casino25.com Failed lex-casino25.com Failed
0	lex.casino Failed lex.casino Failed
15	7

	Domain	Requested by
5	lex3.casino	vip.premiumlex.com lex3.casino
4	vip.premiumlex.com	1 redirects vip.premiumlex.com
2	challenges.cloudflare.com	lex3.casino challenges.cloudflare.com
1	lex-blrs10.com	1 redirects
1	lex-irrs01.com	1 redirects
0	lex-casino25.com Failed	vip.premiumlex.com
0	lex.casino Failed	vip.premiumlex.com
15	7

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
premiumlex.com WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh
lex3.casino WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
challenges.cloudflare.com E5	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
Frame ID: C22442004F673E7AA9FB796A0AFE2F7B
Requests: 12 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/obyte/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 64D02BA0D9D84A7FD81303AA96A469EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Even geduld...

Page URL History Show full URLs

http://lex-irrs01.com/cdb0a1cff HTTP 307
https://lex-irrs01.com/cdb0a1cff HTTP 301
https://lex-blrs10.com/cdb0a1cff?&al_id=94d5166f6faac72a9fd092cb7641b4cc HTTP 302
https://vip.premiumlex.com/roulette/registration?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag... HTTP 302
https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&sta... Page URL
https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_... Page URL

Page Statistics

15
Requests

67 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

4
IPs

3
Countries

120 kB
Transfer

284 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lex-irrs01.com/cdb0a1cff HTTP 307
https://lex-irrs01.com/cdb0a1cff HTTP 301
https://lex-blrs10.com/cdb0a1cff?&al_id=94d5166f6faac72a9fd092cb7641b4cc HTTP 302
https://vip.premiumlex.com/roulette/registration?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 HTTP 302
https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 Page URL
https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://lex-irrs01.com/cdb0a1cff HTTP 307
https://lex-irrs01.com/cdb0a1cff HTTP 301
https://lex-blrs10.com/cdb0a1cff?&al_id=94d5166f6faac72a9fd092cb7641b4cc HTTP 302
https://vip.premiumlex.com/roulette/registration?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 HTTP 302
https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
vip.premiumlex.com/roulette/registration/
Redirect Chain

http://lex-irrs01.com/cdb0a1cff
https://lex-irrs01.com/cdb0a1cff
https://lex-blrs10.com/cdb0a1cff?&al_id=94d5166f6faac72a9fd092cb7641b4cc
https://vip.premiumlex.com/roulette/registration?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385

1 KB
1 KB

65ms
61ms

Document
text/html

172.67.191.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bc42fc081c6abdd27e38944297fd6f2fa8228d7106acd532983ff2fc9ac0182

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, must-revalidate, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b72d21caf109fd0-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 22 Aug 2024 12:21:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyBgtnW%2FhdSz0vVvtMaxSOcfZJsr4RN5nrlggsCXp4T%2BWhbfSgDBfAoUgJQPOkxXWRoGkcXFQLaWKLyf6ib911uE90O4dqLdsKDX0Tbtz5z1CIdzVa%2BhcUfgr2xUnLzo78vxgzg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-iplb-instance: 58409
x-iplb-request-id: AC47B6D7:2540_4F893455:01BB_66C72D32_CDCFB:6F18

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b72d21c2e2f9fd0-AMS
content-type: text/html
date: Thu, 22 Aug 2024 12:21:06 GMT
location: /roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpiPvR9ee9rrNVgIr6cPlJ6ttcGuQ60rADo%2Fd6a7E5xo4XvqMrkbcXZBaectCHVJ3ODxSuuKY%2Ff8yYxR2ScFMa7yu8SKiee5VDjx3gxIriUR6BJyW1BRRAi1UqwXNoOnjP4RocQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-iplb-instance: 58409
x-iplb-request-id: AC47B6D7:2540_4F893455:01BB_66C72D32_CDCF3:6F18

GET
H3 200 index.js Show response
vip.premiumlex.com/assets/redirector-js/ 89 KB
31 KB 57ms
56ms Script
application/javascript 172.67.191.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vip.premiumlex.com/assets/redirector-js/index.js
Requested by: Host: vip.premiumlex.com
URL: https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d517ddab8824d0476bafb2b57a345cb3146587c6f0e2c70f1a64eab67fc3c7d0

Request headers

Referer: https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 12:21:06 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3118
x-iplb-instance: 58340
alt-svc: h3=":443"; ma=86400
content-length: 31623
last-modified: Tue, 30 Jul 2024 08:24:05 GMT
server: cloudflare
x-iplb-request-id: AC476756:AEDE_4F893455:01BB_66BF186E_A0D8:7806
etag: "66a8a325-7b87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5XqPA6363dd37bV7RnsRRHar3Leofxjq1ShhogqehcIHteKghugFGv1crEwZnun7FjO85BS7qe7Vt8CXLMDlRuzBS7pdp3LNVfWiWXXtYoUC3dWzAa9t%2FVWJ6aDkd%2F40YvENMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b72d21d4fa59fd0-AMS

GET /
lex3.casino/kshtrjq63hdasd/ 0
0

GET
H3 200 favicon.ico
vip.premiumlex.com/ 0
564 B 39ms
39ms Other
text/html 172.67.191.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vip.premiumlex.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.191.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 12:21:06 GMT
content-encoding: zstd
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-iplb-request-id: AC4767BD:56B0_4F893455:01BB_66C72D32_CDD37:6F18
x-iplb-instance: 58409
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkWNANqByOQsQpv2lIFcRqyia%2FUCh6WCWcHEOkWiQzyJcy6ulj4rOds9qW5e5%2B8IcbMMfBFFYLc%2Bk9bE7ChY0td3x%2BuElo6Ry4puLXIEt3HD%2FfzU6Xw80qVJFbpEu4zFZIwg1x8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate, no-cache, no-store, max-age=0
cf-ray: 8b72d21dc85e9fd0-AMS
alt-svc: h3=":443"; ma=86400

GET /
lex.casino/kshtrjq63hdasd/ 0
0

GET /
lex-casino25.com/kshtrjq63hdasd/ 0
0

GET
H2 403 Primary Request / Show response
lex3.casino/registration/ 19 KB
11 KB 116ms
28ms Document
text/html 104.21.78.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385

Requested by

Host: vip.premiumlex.com
URL: https://vip.premiumlex.com/assets/redirector-js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.78.144 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6f6fcbae83777d437385f6c3ef94acdc15dc2e47f371ad71f7f9fde57f56b3e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.premiumlex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: bfSWJKvI+kcb1Bl2fhV5ncMwcIFz1wIwtjPZPp9NzwCOTIthsXRLogDsTKUeiyCtdErxmQClLHDL0dUU7g12aLRSxEswYaFuTanraksX9ubS1dannVNy73F838XEcCMoj8gQJq9tgjVYS/Zb3VEsLA==$kJhePGNcdOWQv/GT4QujPg==
cf-mitigated: challenge
cf-ray: 8b72d22e3cca0bb3-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 22 Aug 2024 12:21:09 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
lex3.casino/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 91 KB
35 KB 40ms
35ms Script
application/javascript 104.21.78.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lex3.casino/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b72d22e3cca0bb3
Requested by: Host: lex3.casino
URL: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5139104dc102d9e6afeab19479b054ce8b024e6866482151525aa022f0d0a6

Request headers

Referer: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385&__cf_chl_rt_tk=A82xW_ISZyuszQ2KyOoF0ojLFfX3r4SsqSvkS4ZoWHc-1724329269-0.0.1.1-7530
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 12:21:09 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
server: cloudflare
cf-ray: 8b72d22fbe9a0bb3-AMS
content-type: application/javascript; charset=UTF-8

GET 84c358f1-14ea-4aa5-9859-70e4bc81f76a
https://lex3.casino/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/ 44 KB
15 KB 71ms
29ms Script
application/javascript 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js?onload=FWtH0&render=explicit
Requested by: Host: lex3.casino
URL: https://lex3.casino/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b72d22e3cca0bb3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer
Origin: https://lex3.casino
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 12:21:09 GMT
content-encoding: br
last-modified: Thu, 15 Aug 2024 16:28:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy: cross-origin
cf-ray: 8b72d23069a166c3-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 403 favicon.ico
lex3.casino/ 5 KB
5 KB 30ms
28ms Image
text/html 104.21.78.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lex3.casino/favicon.ico

Requested by

Host: lex3.casino
URL: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.78.144 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc195667d773af5dab634a4edcd8f4e5699df3d6e7f73f4912a622b3bd0265db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 12:21:09 GMT
content-encoding: br
x-content-options: nosniff
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
cf-chl-out: Utzj0kVNXmiSWchG4bimM/1Sj6hndFe8eFWb4iw3GHDJ1oh0T0eL5eBGs50g6WAKJZ/W1xq/DahLLHmMfSFaZd5SS0hpptLWpgUPp/uKBjjl+l2YvdOt2ogEwcRpM+S/6B4biFryo45PNbK08xvjCA==$uACC5/vxSYmwEcpeRUCcpQ==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8b72d2303f1b0bb3-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 bae7b4f39b0fd36 Show response
lex3.casino/cdn-cgi/challenge-platform/h/b/flow/ov1/1376618652:1724325986:ubo0HYfkgbCFLKHjdlWJC70ADozMoCE-E98_uUAYiZE/8b72d22e3cca0bb3/ 17 KB
13 KB 38ms
36ms XHR
text/plain 104.21.78.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lex3.casino/cdn-cgi/challenge-platform/h/b/flow/ov1/1376618652:1724325986:ubo0HYfkgbCFLKHjdlWJC70ADozMoCE-E98_uUAYiZE/8b72d22e3cca0bb3/bae7b4f39b0fd36
Requested by: Host: lex3.casino
URL: https://lex3.casino/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b72d22e3cca0bb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.144 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc6280dffc1edd97703642a807d3621573de43647fd06e5db82e56ffaceb13e

Request headers

Referer: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
CF-Challenge: bae7b4f39b0fd36
Content-type: application/x-www-form-urlencoded

Response headers

content-type: text/plain; charset=UTF-8
date: Thu, 22 Aug 2024 12:21:09 GMT
content-encoding: br
server: cloudflare
cf-ray: 8b72d231285c0bb3-AMS
cf-chl-gen: igMBB9NYY6MtqPKs9UEjEUi5BhvHl7YH4HnnhNDxVQqP/rzgHVVSEByNjdUpKcapnBIs/EYKxg==$n+ISbry6Szy8sKzC

GET
H2 403 favicon.ico
lex3.casino/ 16 KB
8 KB 29ms
28ms Other
text/html 104.21.78.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lex3.casino/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.78.144 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ea5c5a71856dc7678c78fbfb9b2eb83c7cd6368c0384b595780e29f0292227f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 12:21:09 GMT
content-encoding: br
x-content-options: nosniff
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
cf-chl-out: 3JcguxuDg2Jp68UuR+iVAEUD9r60/BIcxETep5ii7W37xFBb0CNiBoqKZm6Adc23pO/BIc5iKAYhZ7m5szvhQODznW2i9dN0BpWiHgiHqpF7UQ6MHk45ILVeA/sITtipNUtBXWgLSJdqmxDfGRZWaA==$shWRL+4v07yuOB5QAytMng==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8b72d23148840bb3-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET cbdd83d0-a1d8-4811-9018-bec784276d45
https://lex3.casino/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/obyte/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 64D0 0
0 46ms
27ms Document
text/html 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/obyte/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js?onload=FWtH0&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8b72d2324e790b78-AMS
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 22 Aug 2024 12:21:10 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lex3.casino
URL: https://lex3.casino/kshtrjq63hdasd/

Domain: lex.casino
URL: https://lex.casino/kshtrjq63hdasd/

Domain: lex-casino25.com
URL: https://lex-casino25.com/kshtrjq63hdasd/

Domain: lex3.casino
URL: blob:https://lex3.casino/84c358f1-14ea-4aa5-9859-70e4bc81f76a

Domain: lex3.casino
URL: blob:https://lex3.casino/cbdd83d0-a1d8-4811-9018-bec784276d45

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lex-blrs10.com/	1970-01-20 23:42:01	Name: 8241649609f88ccd2a0a Value: 66c72d3272edad3c749d7385
.premiumlex.com/	1970-01-20 22:58:51	Name: __cf_bm Value: jUfdhE51vhHQz_qIx9bAV1chUeFJ3PK2ZYMCsLYkrb4-1724329266-1.0.1.1-.ze4U_nxnyFsyUgyiLVUk7kf1lfIiT1O4bS9bZqTtbZgGx76PLg21JevacwbpJElXBVMsO2PpnZOOM0uWG1M0Q
.lex3.casino/	1970-01-20 22:58:51	Name: __cf_bm Value: 67FKl7wStK2nY5rhANoUsvi5K48SKRkYR4zy9hVqLY8-1724329269-1.0.1.1-G7IfZkNHa_zYXFdNMLkg6fH8phyg9AQ1HwwREfzdfPix5U_bKdSEDr7B2GoWX1Yda7esLHEoAGtrYATU4Qaljw

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 Message: Access to XMLHttpRequest at 'https://lex3.casino/kshtrjq63hdasd/' from origin 'https://vip.premiumlex.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://lex3.casino/kshtrjq63hdasd/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 Message: Access to XMLHttpRequest at 'https://lex.casino/kshtrjq63hdasd/' from origin 'https://vip.premiumlex.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://lex.casino/kshtrjq63hdasd/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vip.premiumlex.com/roulette/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 Message: Access to XMLHttpRequest at 'https://lex-casino25.com/kshtrjq63hdasd/' from origin 'https://vip.premiumlex.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://lex-casino25.com/kshtrjq63hdasd/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://lex3.casino/registration/?affb_id=92&al_id=94d5166f6faac72a9fd092cb7641b4cc&stag=215788_66c72d3272edad3c749d7385 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lex3.casino/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lex3.casino/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
lex-blrs10.com
lex-casino25.com
lex-irrs01.com
lex.casino
lex3.casino
vip.premiumlex.com
lex-casino25.com
lex.casino
lex3.casino
104.18.95.41
104.21.78.144
172.67.175.49
172.67.191.37
188.114.97.3
6bc42fc081c6abdd27e38944297fd6f2fa8228d7106acd532983ff2fc9ac0182
7ea5c5a71856dc7678c78fbfb9b2eb83c7cd6368c0384b595780e29f0292227f
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55
abc6280dffc1edd97703642a807d3621573de43647fd06e5db82e56ffaceb13e
c6f6fcbae83777d437385f6c3ef94acdc15dc2e47f371ad71f7f9fde57f56b3e
d517ddab8824d0476bafb2b57a345cb3146587c6f0e2c70f1a64eab67fc3c7d0
dc195667d773af5dab634a4edcd8f4e5699df3d6e7f73f4912a622b3bd0265db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa5139104dc102d9e6afeab19479b054ce8b024e6866482151525aa022f0d0a6

lex3.casino Open in urlscan Pro 104.21.78.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

67 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

4 IPs

3 Countries

120 kBTransfer

284 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

3 Cookies

9 Console Messages

Indicators

lex3.casino Open in urlscan Pro
104.21.78.144 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

67 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

4
IPs

3
Countries

120 kB
Transfer

284 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions