urlscan.io logo urlscan.io
SecurityTrails logo

r7.casino Open in urlscan Pro
172.64.147.131  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://selektorcasino3.click/
Effective URL: https://r7.casino/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regfo...
Submission Tags: @phish_report
Submission: On October 29 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 172.64.147.131, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is r7.casino.
TLS certificate: Issued by WE1 on October 14th 2024. Valid for: 3 months.
This is the only time r7.casino was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 194.62.105.154 211381 (PODAON)
1 1 104.21.40.218 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 5 172.64.147.131 13335 (CLOUDFLAR...)
5 3
Apex Domain
Subdomains		 Transfer
5 r7.casino
r7.casino
2 MB
1 travel-to-r7.com
losangeles.travel-to-r7.com
921 B
1 aristocratic-hall.com
aristocratic-hall.com
871 B
1 selektorcasino3.click
selektorcasino3.click
97 B
5 4
Domain Requested by
5 r7.casino 1 redirects losangeles.travel-to-r7.com
r7.casino
1 losangeles.travel-to-r7.com
1 aristocratic-hall.com 1 redirects
1 selektorcasino3.click 1 redirects
5 4

This site contains no links.

Subject Issuer Validity Valid
travel-to-r7.com
WE1		 2024-09-21 -
2024-12-20		 3 months crt.sh
r7.casino
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://r7.casino/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
Frame ID: 15E54A05C78BE0BA7A7E94EF0A101FE4
Requests: 6 HTTP requests in this frame

Frame: https://r7.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
Frame ID: 43EF8991E4571D7179CDA81E0D395CA2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Location restriction

Page URL History Show full URLs

  1. https://selektorcasino3.click/ HTTP 301
    https://aristocratic-hall.com/s73da9d26 HTTP 302
    https://losangeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-l... Page URL
  2. https://r7.casino/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-l... Page URL

Page Statistics

5
Requests

80 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

1899 kB
Transfer

2738 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://selektorcasino3.click/ HTTP 301
    https://aristocratic-hall.com/s73da9d26 HTTP 302
    https://losangeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no Page URL
  2. https://r7.casino/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://selektorcasino3.click/ HTTP 301
  • https://aristocratic-hall.com/s73da9d26 HTTP 302
  • https://losangeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
Request Chain 4
  • https://r7.casino/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://r7.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
losangeles.travel-to-r7.com/ru/signup/
Redirect Chain
  • https://selektorcasino3.click/
  • https://aristocratic-hall.com/s73da9d26
  • https://losangeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
357 B
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://losangeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:54aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f7e2dcd5d795659425703d426f3f425230ea88124e61de00944c610bfb5a34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8da17b4f9a2b6621-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 07:34:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
unsafe-url
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pw9JTc5wWLvY3ZIRgSzI4uwGL5tTg8Mn8FyEwdupV5Dss%2Fj%2BIevhGWypKIsnb4k7KJeCI3mPhfnXOjf6S848bir0JxIELwMPgUmekDvpyclNksKAyNXVmXSzyUteQs5ypmdmuHUN1iu3x2Qb69PMVGQ4nzf0uDr86no%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15454&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3978&recv_bytes=2386&delivery_rate=258109&cwnd=253&unsent_bytes=0&cid=39b0cc81b1ae5b46&ts=81&x=0"
vary
Accept-Encoding
x-robots-tag
none

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8da17b4e896eb89a-AMS
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 07:34:11 GMT
location
https://LosAngeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwWIe1tkUl7%2BYpAVthjaztcM42i%2BJkoDmh8ViqfG8xNNqytEaPGCELz4GmqzbNOljVoTX7ULsrybn60Tdx%2FERjULBr2jNcIebSAdCXFwc1Bfwx1eHfK%2F1%2BQ8KuvR8RyP3ZoeKr7hXQE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15129&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4498&delivery_rate=694&cwnd=12000&unsent_bytes=0&cid=92a71db9ed06b359&ts=120&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=15724800; includeSubDomains max-age=31536000
vary
Accept-Encoding
Primary Request /
r7.casino/ru/signup/ 		1 MB
934 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r7.casino/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
Requested by
Host: losangeles.travel-to-r7.com
URL: https://losangeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.131 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b68cc7a4c663ad8867633277759a6880feb1124e87e494d19392fba991c553
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://losangeles.travel-to-r7.com/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=15
cf-ray
8da17b508dc16640-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 07:34:11 GMT
expires
Tue, 29 Oct 2024 07:34:26 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
truncated
/ 		915 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfed812e3f3b4b4350b79952e7f2089b6f3f24440b90b824a25bfb416e6ba382

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		54 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c42c6c00ad5f7e193433e3df9a1770a5935f1392002f3ea5a822a6427368e955

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd9a26030958b78e2bb5ef554758257b9e25889acaee0db35286f06877d568aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://r7.casino
Referer

Response headers

Content-Type
font/woff2
main.js
r7.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/ Frame 43EF
Redirect Chain
  • https://r7.casino/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://r7.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r7.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
Protocol
H3
Server
172.64.147.131 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8860b8a55015c128c1e23c84ce2a7a060fb9f9e9b6e40bbb533bee333cbf2d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8da17b5369246640-AMS
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 07:34:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
cf-ray
8da17b5308b36640-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 07:34:11 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
r7.casino/ 		1 MB
936 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://r7.casino/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.131 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cda6c0099a317082598731425aa760b2bbabffc8653325d4a8b5c76ab9ca16b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://r7.casino/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no

Response headers

cache-control
max-age=15
content-encoding
br
referrer-policy
same-origin
cf-ray
8da17b5318bc6640-AMS
expires
Tue, 29 Oct 2024 07:34:26 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 07:34:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
8da17b508dc16640
r7.casino/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 43EF 		0
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r7.casino/cdn-cgi/challenge-platform/h/g/jsd/r/8da17b508dc16640
Requested by
Host: r7.casino
URL: https://r7.casino/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.131 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8da17b543a636640-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 07:34:11 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery

4 Cookies

Domain/Path Name / Value
aristocratic-hall.com/ Name: eb3be230bbd2844b1f5d
Value: 67208ff38aa460dd58631df2
losangeles.travel-to-r7.com/ Name: __firstVisit
Value: 1730187251
.r7.casino/ Name: __cf_bm
Value: cAomnBF96LAArU_51CwgU04Rq7dVOQYc9waBULJrY_4-1730187251-1.0.1.1-rAqALw6KxfRj_KKw4HSxsB3fVPikzxlwxmZqoMJMXC3z2sl5_kggFukOd9O3MCQmbajkDpTdTN93wqB49LvlhQ
.r7.casino/ Name: cf_clearance
Value: IsAwau2f.GFADy8zT6TpZWWBlqOxT8aQGeYMDQ5a.UE-1730187251-1.2.1.1-XNfb7QruiTpG6FWQkUAJddRaNoVl1oLT4IFJMj28tvd6nKp5HDL77VBbGQs3NtYLMJfa7dNLYHVtAda8V18kUPAqlKB1vH4UzCTWYotkeUg0cu_cRl8pv4RF_boRW5Xvv5Bg0629qZW41Vfe9xUG3VjgTjl0f_hZ6PW8kaz0npJSAH9x6fTGUJdy9cui6n9cDWZ1fs5K1Jj0bO0opxOma1P8fGtm8SR4eQ.d19Zm.p9ZNiLkXiFb.fGHmyTvj17Tk7aqlXECxtfVXE0gaRMD37gPZHdl9o5APndbEiOw3_yzutMX18AmCZC28q.PVDitNd2Q57wJcHXjiUrAlR.0wXX8pjItaRYis58Anf5UM4luh8y4258qusdTXyfhV1w5

2 Console Messages

Source Level URL
Text
network error URL: https://r7.casino/ru/signup/?stag=112499_67208ff38aa460dd58631df2&tags=type-redirector%2Creg-long%2Ctemplate-regform%2Caction-no
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://r7.casino/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()