urlscan.io logo urlscan.io
SecurityTrails logo

www.ph.casino Open in urlscan Pro
2606:4700::6811:931e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://redirect2.cloud/gam/ph/
Effective URL: https://www.ph.casino/casino-games?affid=239192&camp=ph
Submission: On June 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6811:931e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ph.casino.
TLS certificate: Issued by GTS CA 2P2 on May 16th 2023. Valid for: 3 months.
This is the only time www.ph.casino was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2607:f1c0:100... 8560 (IONOS-AS ...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
6 4
Apex Domain
Subdomains		 Transfer
4 ph.casino
www.ph.casino
241 KB
2 getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 11865
in.getclicky.com — Cisco Umbrella Rank: 10129
6 KB
1 redirect2.cloud
redirect2.cloud
512 B
6 3
Domain Requested by
4 www.ph.casino 1 redirects www.ph.casino
1 in.getclicky.com static.getclicky.com
1 static.getclicky.com redirect2.cloud
1 redirect2.cloud
6 4

This site contains no links.

Subject Issuer Validity Valid
*.redirect2.cloud
Encryption Everywhere DV TLS CA - G2		 2023-05-02 -
2024-05-01		 a year crt.sh
*.getclicky.com
E1		 2023-06-09 -
2023-09-07		 3 months crt.sh
ph.casino
GTS CA 2P2		 2023-05-16 -
2023-08-14		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.ph.casino/casino-games?affid=239192&camp=ph
Frame ID: B1D3280D0224057B455C3A282F3F72F4
Requests: 10 HTTP requests in this frame

Frame: https://www.ph.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: F0DB5AE9C11B014E436073782F4CE9E1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Usoftgaming - online casino

Page URL History Show full URLs

  1. https://redirect2.cloud/gam/ph/ Page URL
  2. https://www.ph.casino/casino-games?affid=239192&camp=ph Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.getclicky\.com

Page Statistics

6
Requests

83 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

269 kB
Transfer

708 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://redirect2.cloud/gam/ph/ Page URL
  2. https://www.ph.casino/casino-games?affid=239192&camp=ph Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.ph.casino/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.ph.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
redirect2.cloud/gam/ph/ 		597 B
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect2.cloud/gam/ph/?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::200 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
129135ed55d06d07785a39d269795b51c3d552924cd5d3f328636260c409ae85

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Jun 2023 14:45:15 GMT
server
Apache
js
static.getclicky.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/js
Requested by
Host: redirect2.cloud
URL: https://redirect2.cloud/gam/ph/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3847d6f53d97dd5ab54a4e0fef81f1c82bcd95df0621b6abe81a1942a7fa555

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect2.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires
Mon, 26 Jun 2023 20:27:42 GMT
date
Sat, 24 Jun 2023 14:45:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 19 Jun 2023 20:27:42 GMT
server
cloudflare
age
411449
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7dc5c0e4cdbb2bf0-FRA
alt-svc
h3=":443"; ma=86400
x-proxy-cache
EXPIRED
in.php
in.getclicky.com/ 		127 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101408482&type=pageview&href=%2Fgam%2Fph%2F&title=PH&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.24878968416490843
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:616c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c69a1828eb833f47e02834b360623dadb1b977a53ccf5549f727173f6d70c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect2.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 14:45:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7dc5c0e67fc92bf0-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 26 Jul 1997 05:00:00 GMT
Primary Request casino-games
www.ph.casino/ 		553 KB
237 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ph.casino/casino-games?affid=239192&camp=ph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:931e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70270055195c9aed4185f4ba71b98d15b72a2077bc8ed98c904f12f990ade5d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://redirect2.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7dc5c0ec29c7901f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 24 Jun 2023 14:45:16 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
truncated
/ 		59 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7395cf6147df4224e8e764fecb202db308b7681d2d491ac915eb490fb1ade6f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a1580645e3bff39ea13e21ded1f8820268b5d26bcf10b23db6e127aab84e61c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b27c8bb5e4669e12f738c5272b32ad78ead58b10c4ef1ec83fc9085079598da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		72 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
248cbe04f5eee7bf9a2d8d0281c9512bd13285bf87e5ec227d64cebe88d3c3f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
059d76579f18eabfa5c4697b6cd402bc6a20035afaa698cb2b6945ae677197f8

Request headers

Referer
Origin
https://www.ph.casino
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
application/font-woff
invisible.js
www.ph.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame F0DB
Redirect Chain
  • https://www.ph.casino/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.ph.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ph.casino/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Protocol
H2
Server
2606:4700::6811:931e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac56d0f4b49511b3f4b29bd5c7b2556dc4217ce359eda4efdde49b7b7caf2ccf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 14:45:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7dc5c0ecea70901f-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 24 Jun 2023 14:45:16 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control
max-age=300, public
cf-ray
7dc5c0ecda4f901f-FRA
alt-svc
h3=":443"; ma=86400
7dc5c0ec29c7901f
www.ph.casino/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F0DB 		0
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ph.casino/cdn-cgi/challenge-platform/h/g/cv/result/7dc5c0ec29c7901f
Requested by
Host: www.ph.casino
URL: https://www.ph.casino/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:931e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 24 Jun 2023 14:45:17 GMT
content-encoding
br
server
cloudflare
cf-ray
7dc5c0ee19dc9a33-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

2 Cookies

Domain/Path Name / Value
.redirect2.cloud/ Name: _jsuid
Value: 4272516075
.ph.casino/ Name: __cf_bm
Value: 0cCD5u4fn7SijQ4SaaFk77f7YHj7B9WNrIUsFLGDSyY-1687617917-0-AVjBDs1N8UuDR11/1VBcHorj1MC6AEFDTLBZGydmCqKMcc4wTxDVYHWeI6qLexbDHjwO6Lc17R1kCeyXstNE8RMfGBWmo9JxT4EgUeF2ihku

1 Console Messages

Source Level URL
Text
network error URL: https://www.ph.casino/casino-games?affid=239192&camp=ph
Message:
Failed to load resource: the server responded with a status of 403 ()