Report - 1csnl4bero.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q

Report Overview

Visited public
2025-03-09 19:36:58
Tags
URL
1csnl4bero.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Finishing URL
casinolab.com/no/registration
IP / ASN
185.207.196.168
#0
Title
CasinoLab

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com	unknown	2017-11-23	2023-03-14	2025-03-07	473 B	998 B	54.74.59.74
pbwvq8hmmkd0eq7z9sb.seondnsresolve.com	unknown	unknown	No data	No data	501 B	1.3 kB	143.204.55.12
wss	unknown	unknown	2025-03-02	2025-03-09	831 B	295 B	185.207.197.21
cdn.seondf.com	200610	2021-06-30	2021-07-27	2025-03-05	415 B	578 kB	104.21.32.1
casinolab.com	unknown	2003-07-31	2016-07-03	2025-03-07	7.7 kB	3.3 MB	185.207.197.21
1csnl4bero.com	unknown	2024-11-22	2024-12-06	2025-03-07	573 B	27 kB	185.207.196.168
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-03-05	1.1 kB	17 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-03-05	940 B	6.4 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-03-09 19:36:43	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-09	medium	wss	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js	ScriptElement	5.2 kB	2025-02-27	2025-03-09
Pretty URL casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-27 23:31 Last Seen2025-03-09 19:37 Times Seen4 Hash 10f27a89cb22602fa2e825b00b09d2ae b4f57f199fa2d1fe7dab0e85e3f1d200a07091e2 ec2dc4c76fdde1f812823a6ba2ca1b91bbf986e420ca9cd50e90ec621ec4cdb7 Loading...

	casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q	EventHandler	16 B	2023-04-10	2025-06-17
Pretty URL casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q IP 185.207.197.21 ASN #0 Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-06-17 05:41 Times Seen61505 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js	ScriptElement	0 B	0001-01-01	2025-06-17
Pretty URL casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-17 05:47 Times Seen4986962 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q	ScriptElement	921 B	2025-03-09	2025-03-09
Pretty URL casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-09 19:37 Last Seen2025-03-09 19:37 Times Seen1 Hash 02ce223e26aa6d29761c34c3c4157361 77d7250ff9d7642cffadecfc37ec41d6566f32ed 6cb700d66a2734e40d61fd71cf2a178879a29b440533650835c183160ea0e5c7 Loading...

	cdn.seondf.com/js/v5/agent.js	ScriptElement	576 kB	2025-01-16	2025-06-16
Pretty URL cdn.seondf.com/js/v5/agent.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-16 01:10 Last Seen2025-06-16 03:49 Times Seen410 Hash 1fb3aa87c6b47729a32122041c965077 fba9a0f415090e98093eea3f8ec1325b690e3e7c e34d9b1f04ed5609baf0b372c49c819a2cce2def987a5ba2d91cae8a9e6ff078 Loading...

	casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js	ScriptElement	1.3 MB	2025-02-27	2025-03-09
Pretty URL casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-27 23:31 Last Seen2025-03-09 19:37 Times Seen4 Hash c0546591f65e2383f5c6f29fa0554011 c881f78b3cead99e312c701dcaef1d7ff0039758 91b4fa19bf058b6b16a2a8e61ff4954ab6ae27f04f7585b42b6f8a32acdcd47b Loading...

	about:blank	ScriptElement	236 B	2025-03-09	2025-03-09
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-09 19:37 Last Seen2025-03-09 19:37 Times Seen1 Hash bdf5035515b29c4dfbc13f09dd25dd66 7ec380fd3b9eae02e56d54d5a187c5bd5bd30856 43d25436087534ca4fa0d981596c392344e7229717e9c3be441059ff9bb2927c Loading...

	casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q	ScriptElement	921 B	2025-03-09	2025-03-09
Pretty URL casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-09 19:37 Last Seen2025-03-09 19:37 Times Seen1 Hash 9660dfe5704a5a99ca284d8d6f55cb08 9dddd0213d76b034d59d588cb4d4f3e313a4d5c1 d0b6e57e1b27af5f880a10f48d9427f666106c70909dd5f84b73112438de7e89 Loading...

	casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js	ScriptElement	1.3 MB	2025-02-27	2025-03-09
Pretty URL casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-27 23:31 Last Seen2025-03-09 19:37 Times Seen4 Hash c0546591f65e2383f5c6f29fa0554011 c881f78b3cead99e312c701dcaef1d7ff0039758 91b4fa19bf058b6b16a2a8e61ff4954ab6ae27f04f7585b42b6f8a32acdcd47b Loading...

	about:blank	ScriptElement	236 B	2025-03-09	2025-03-09
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-09 19:37 Last Seen2025-03-09 19:37 Times Seen1 Hash 0ab07cf86cb434d26ee5894c864e1a02 b254d4c75127ec5877c2c5e6cbea2e2bfbcfe138 d4f2288dc86f742ab1d6729326a0f181faa1e9be731cc8d9e805666a1f455425 Loading...

	cdn.seondf.com/js/v5/agent.js	ScriptElement	0 B	0001-01-01	2025-06-17
Pretty URL cdn.seondf.com/js/v5/agent.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-17 05:47 Times Seen4986962 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js	ScriptElement	35 kB	2024-12-07	2025-05-12
Pretty URL casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 20:00 Last Seen2025-05-12 00:49 Times Seen15 Hash bfc6406e6777247b022424d7369a6cb3 f1d3baddaa267c492cba7f366bf136840263dbb3 dfd5d6961f9f1566c091369f1834ccd6cc0d1bfd05581eecae376ccd6e710f3f Loading...

	casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js	ScriptElement	5.2 kB	2025-02-27	2025-03-09
Pretty URL casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js IP 185.207.197.21 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-27 23:31 Last Seen2025-03-09 19:37 Times Seen4 Hash 10f27a89cb22602fa2e825b00b09d2ae b4f57f199fa2d1fe7dab0e85e3f1d200a07091e2 ec2dc4c76fdde1f812823a6ba2ca1b91bbf986e420ca9cd50e90ec621ec4cdb7 Loading...

HTTP Transactions (19)

URL IP Response Size

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js

185.207.197.21

200 OK

5.2 kB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
JavaScript source, ASCII text, with very long lines (5378), with no line terminators
Size
5.2 kB (5183 bytes)
Hash
c8a9a7ae6c69b51a78bc6c5d8fe57b43
e93f48c1258264c000cf698dcc165c721b844e62
48721dabebf1a5bec169ffa9a704f9dc100b321ee6173acc32a40152366e019a

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:41 GMT
content-type: application/javascript
cf-ray: 91dd05c85db4eb46-CPH
cf-cache-status: HIT
age: 4
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"10f27a89cb22602fa2e825b00b09d2ae"
expires: Sun, 09 Mar 2025 19:57:41 GMT
last-modified: Tue, 25 Feb 2025 08:21:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

1csnl4bero.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q

185.207.196.168

307 Temporary Redirect

27 kB

URL User Request GET
1csnl4bero.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
IP
185.207.196.168:443
ASN
#0

Certificate
IssuerGoogle Trust Services
Subject1csnl4bero.com
Fingerprint02:38:93:2D:0A:1C:B0:C4:DE:29:E1:14:7B:CD:3B:9C:89:CD:68:CC
ValidityThu, 23 Jan 2025 14:27:57 GMT - Wed, 23 Apr 2025 15:27:54 GMT

File type

Size
27 kB (26792 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q HTTP/1.1
Host: 1csnl4bero.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Sun, 09 Mar 2025 19:36:37 GMT
content-length: 0
location: https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
set-cookie: __cf_bm=8fP9ZVgVhkLwX1ocXek7n8qqWWfZx_5_DIXudE76OPk-1741548997-1.0.1.1-YhlvrYFAsYZ.QC5VMTqW2b1Hh9aBZn_a1mHTeo4VL2_fhqx27x7e4QoGeZXniaybHG_1PfaLUoy9DBc_QWwc9LmwWMgUqt41CzCj0ROWWxY; path=/; expires=Sun, 09-Mar-25 20:06:37 GMT; domain=.1csnl4bero.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 91dd05af7a6092a4-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js

185.207.197.21

200 OK

5.2 kB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
JavaScript source, ASCII text, with very long lines (5378), with no line terminators
Size
5.2 kB (5183 bytes)
Hash
c8a9a7ae6c69b51a78bc6c5d8fe57b43
e93f48c1258264c000cf698dcc165c721b844e62
48721dabebf1a5bec169ffa9a704f9dc100b321ee6173acc32a40152366e019a

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/runtime.35e61e194a8ea023.js HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:37 GMT
content-type: application/javascript
cf-ray: 91dd05b33a97eb46-CPH
cf-cache-status: HIT
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"10f27a89cb22602fa2e825b00b09d2ae"
expires: Sun, 09 Mar 2025 19:57:41 GMT
last-modified: Tue, 25 Feb 2025 08:21:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js

185.207.197.21

200 OK

35 kB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
JavaScript source, ASCII text, with very long lines (34811), with no line terminators
Size
35 kB (34811 bytes)
Hash
bfc6406e6777247b022424d7369a6cb3
f1d3baddaa267c492cba7f366bf136840263dbb3
dfd5d6961f9f1566c091369f1834ccd6cc0d1bfd05581eecae376ccd6e710f3f

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:37 GMT
content-type: application/javascript
cf-ray: 91dd05b33a9aeb46-CPH
cf-cache-status: HIT
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"bfc6406e6777247b022424d7369a6cb3"
expires: Sun, 09 Mar 2025 22:22:58 GMT
last-modified: Tue, 25 Feb 2025 08:21:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://casinolab.com
DNT: 1
Connection: keep-alive
Referer: https://casinolab.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:48:48 GMT
expires: Fri, 06 Mar 2026 10:48:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
age: 290869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js

185.207.197.21

200 OK

35 kB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
JavaScript source, ASCII text, with very long lines (34811), with no line terminators
Size
35 kB (34811 bytes)
Hash
bfc6406e6777247b022424d7369a6cb3
f1d3baddaa267c492cba7f366bf136840263dbb3
dfd5d6961f9f1566c091369f1834ccd6cc0d1bfd05581eecae376ccd6e710f3f

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/polyfills.4ff008e02df969f0.js HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:41 GMT
content-type: application/javascript
cf-ray: 91dd05c85db8eb46-CPH
cf-cache-status: HIT
age: 4
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"bfc6406e6777247b022424d7369a6cb3"
expires: Sun, 09 Mar 2025 22:22:58 GMT
last-modified: Tue, 25 Feb 2025 08:21:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js

185.207.197.21

200 OK

1.3 MB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
1.3 MB (1335873 bytes)
Hash
c0546591f65e2383f5c6f29fa0554011
c881f78b3cead99e312c701dcaef1d7ff0039758
91b4fa19bf058b6b16a2a8e61ff4954ab6ae27f04f7585b42b6f8a32acdcd47b

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:41 GMT
content-type: application/javascript
cf-ray: 91dd05c86deaeb46-CPH
cf-cache-status: HIT
age: 4
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"c0546591f65e2383f5c6f29fa0554011"
expires: Sun, 09 Mar 2025 22:22:57 GMT
last-modified: Tue, 25 Feb 2025 08:21:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/assets/images/preloader.gif

185.207.197.21

200 OK

352 kB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/assets/images/preloader.gif
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
RIFF (little-endian) data, Web/P image
Size
352 kB (352032 bytes)
Hash
95d44c870e5f95f97d332c8580f042c3
b1cb4e2f2afa16b9bb9e04c1e3fffdc900f1cc10
10b9492b97e76bef815f149ef37da9a2fe62a3d15cee2b34eca64ff177b5f94d

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/assets/images/preloader.gif HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:37 GMT
content-type: image/webp
content-length: 352032
cf-ray: 91dd05b33a8eeb46-CPH
cf-cache-status: HIT
accept-ranges: bytes
age: 1075193
cache-control: public, max-age=14400
content-disposition: inline; filename="preloader.webp"
etag: "0c13efffdc9b6010641259d280ba8c5f"
expires: Tue, 25 Feb 2025 12:24:24 GMT
last-modified: Tue, 25 Feb 2025 08:21:54 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=672794
priority: u=4,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

fonts.googleapis.com/css2?family=Poppins:wght@500;600;700&display=swap

142.250.74.10

200 OK

2.5 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@500;600;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintF1:11:17:AF:9C:89:34:EE:D5:CB:84:40:84:EA:01:19:A9:F6:ED:C2
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT

File type
ASCII text, with very long lines (2592), with no line terminators
Size
2.5 kB (2538 bytes)
Hash
f0266c3bb816f936050f3da279ca42b5
33b59a56dff36a5908b5675da25eed30fcda5bbf
ff4d4919451ab5250af2b3bfb8f7ae1be3b81a54bea91bad84beb441a81dc559

HTTP Headers

GET /css2?family=Poppins:wght@500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casinolab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Mar 2025 19:36:37 GMT
date: Sun, 09 Mar 2025 19:36:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/styles.f29a4f042b0905a7.css

185.207.197.21

200 OK

108 kB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/styles.f29a4f042b0905a7.css
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (107840 bytes)
Hash
c0e62014ed1680d5983eb26f311a75ef
656abcbf36bffe61acd3413334576d8c33d3f834
0a649521f889fa82225eef9a4a2c9679651e8b1146a45f49b28bf06d0281ef83

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/styles.f29a4f042b0905a7.css HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:37 GMT
content-type: text/css
cf-ray: 91dd05b34aefeb46-CPH
cf-cache-status: HIT
age: 10575
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"c0e62014ed1680d5983eb26f311a75ef"
expires: Sun, 09 Mar 2025 16:53:23 GMT
last-modified: Tue, 25 Feb 2025 08:21:58 GMT
vary: Accept-Encoding
priority: u=4,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

fonts.googleapis.com/css2?family=Poppins:wght@500;600;700&display=swap

142.250.74.10

200 OK

2.5 kB

URL GET
fonts.googleapis.com/css2?family=Poppins:wght@500;600;700&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintF1:11:17:AF:9C:89:34:EE:D5:CB:84:40:84:EA:01:19:A9:F6:ED:C2
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT

File type
ASCII text, with very long lines (2592), with no line terminators
Size
2.5 kB (2538 bytes)
Hash
f0266c3bb816f936050f3da279ca42b5
33b59a56dff36a5908b5675da25eed30fcda5bbf
ff4d4919451ab5250af2b3bfb8f7ae1be3b81a54bea91bad84beb441a81dc559

HTTP Headers

GET /css2?family=Poppins:wght@500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casinolab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Mar 2025 19:36:41 GMT
date: Sun, 09 Mar 2025 19:36:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com/

54.74.59.74

200

800 B

URL GET
eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com/
IP
54.74.59.74:443
ASN
#16509 AMAZON-02

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerSectigo Limited
Subjecteb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com
FingerprintF0:01:26:37:F7:6B:3A:26:65:34:C4:ED:48:26:E1:FC:97:C4:BC:6A
ValidityMon, 03 Mar 2025 00:00:00 GMT - Fri, 03 Apr 2026 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (801), with no line terminators
Size
800 B (800 bytes)
Hash
4e6535b7b88cc431aa0209ff2fab9829
67f340eacf5bfaa7b727698f702d1a83c3c32d9f
fb393e88f6a4d8d2a62981c79b1bd96807d76364e137f8963ddcc320772b132c

HTTP Headers

GET / HTTP/1.1
Host: eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casinolab.com
DNT: 1
Connection: keep-alive
Referer: https://casinolab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
connection: close
content-length: 800
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
date: Sun, 09 Mar 2025 19:36:42 GMT

fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL GET
fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA4:5F:89:8D:68:B4:5F:99:BE:F5:66:6F:C1:5E:A5:8C:72:BF:1E:D5
ValidityWed, 26 Feb 2025 15:33:59 GMT - Wed, 21 May 2025 15:33:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://casinolab.com
DNT: 1
Connection: keep-alive
Referer: https://casinolab.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Mar 2025 10:48:48 GMT
expires: Fri, 06 Mar 2026 10:48:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
age: 290873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pbwvq8hmmkd0eq7z9sb.seondnsresolve.com/

143.204.55.12

200 OK

702 B

URL POST
pbwvq8hmmkd0eq7z9sb.seondnsresolve.com/
IP
143.204.55.12:443
ASN
#16509 AMAZON-02

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerAmazon
Subject*.seondnsresolve.com
Fingerprint02:41:63:CC:4C:FE:97:46:D1:CA:14:DA:AC:AA:5F:69:17:2B:3E:DD
ValiditySun, 08 Sep 2024 00:00:00 GMT - Mon, 06 Oct 2025 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (706), with no line terminators
Size
702 B (702 bytes)
Hash
6b1b0e685775580c0858fe524fe6bd9c
3c874eed47f083a93aeb201e458830d5fbd26ce7
c501d39be6e2fafb8f88771c55fecb36065f423aae96fcccff2f926b484fc69d

HTTP Headers

POST / HTTP/1.1
Host: pbwvq8hmmkd0eq7z9sb.seondnsresolve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7550
Origin: https://casinolab.com
DNT: 1
Connection: keep-alive
Referer: https://casinolab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 702
date: Sun, 09 Mar 2025 19:36:43 GMT
access-control-allow-credentials: true
x-amzn-requestid: 751dcbd2-072f-4656-968c-ed48c1a80e03
access-control-allow-origin: *
x-amz-apigw-id: HLIX5EL1DoEEaFA=
x-amzn-trace-id: Root=1-67cdedcb-27547c8112b5d99f082cc62c;Parent=3ce654ca4b9fcec5;Sampled=0;Lineage=1:f9daf2f9:0
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _uyCs1UGJUPC3b13RcejBRoFr1oXYoOgdygbA-vF0PaWdeurPj9k5g==
X-Firefox-Spdy: h2

casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q

185.207.197.21

200 OK

27 kB

URL User Request GET
casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
IP
185.207.197.21:443
ASN
#0

Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
HTML document, ASCII text, with very long lines (18102)
Size
27 kB (26792 bytes)
Hash
05062562a47beaae2dc98253ed300ecf
35ae1d1688d9a6fd099f44217216d7d99db2b308
a318ca03638f0b9d23443d93e68daa2192290b1bae4c758c3556ed9dc74aec27

HTTP Headers

GET /registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 09 Mar 2025 19:36:37 GMT
content-type: text/html
cf-ray: 91dd05b08ec5abd2-CPH
cf-cache-status: DYNAMIC
cache-control: no-cache
last-modified: Tue, 25 Feb 2025 08:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: user="0b917d5ac443486f"; HttpOnly
__cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA; path=/; expires=Sun, 09-Mar-25 20:06:37 GMT; domain=.casinolab.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q

185.207.197.21

200 OK

27 kB

URL User Request GET
casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
IP
185.207.197.21:443
ASN
#0

Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
HTML document, ASCII text, with very long lines (18102)
Size
27 kB (26792 bytes)
Hash
ae99ef6ecd91aa5ee01525084397f674
5c1c6e9a264085313c829b8c2af4e6f787ae8158
0b560d6ee3f5bf649b6189a8558e26dcc163f4159add7c3c0af459da8bf606c8

HTTP Headers

GET /no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/registration
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:38 GMT
content-type: text/html
cf-ray: 91dd05b9e880eb46-CPH
cf-cache-status: DYNAMIC
cache-control: no-cache
last-modified: Tue, 25 Feb 2025 08:17:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload always
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
priority: u=1,i=?0
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

wss://casinolab.com/v3/socket/?lang=no&EIO=4&transport=websocket

185.207.197.21

101 Switching Protocols

0 B

URL GET
wss://casinolab.com/v3/socket/?lang=no&EIO=4&transport=websocket
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v3/socket/?lang=no&EIO=4&transport=websocket HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://casinolab.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: puGyaTaqwIsWaVBxWiEjzg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: ws="8c1c501f76fcb61d"; user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sun, 09 Mar 2025 19:36:41 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: laQXDCqzdg+tXfobtozVOfuyu74=
CF-Ray: 91dd05cdaee692b8-CPH
CF-Cache-Status: DYNAMIC
Vary: Accept-Encoding
Server: cloudflare
alt-svc: h3=":443"; ma=86400

casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js

185.207.197.21

200 OK

1.3 MB

URL GET
casinolab.com/cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js
IP
185.207.197.21:443
ASN
#0

Requested by
https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectcasinolab.com
Fingerprint07:8E:F2:5F:06:BF:62:E5:66:50:61:5D:AB:FE:96:D4:8B:6D:DF:2A
ValiditySun, 16 Feb 2025 17:53:36 GMT - Sat, 17 May 2025 18:53:31 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
1.3 MB (1335873 bytes)
Hash
c0546591f65e2383f5c6f29fa0554011
c881f78b3cead99e312c701dcaef1d7ff0039758
91b4fa19bf058b6b16a2a8e61ff4954ab6ae27f04f7585b42b6f8a32acdcd47b

HTTP Headers

GET /cfr/83dbd619126f018/p/25-02-2025-08-13-45-5ca13f71/main.2f6d5f2dedd1e3da.js HTTP/1.1
Host: casinolab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casinolab.com/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
DNT: 1
Connection: keep-alive
Cookie: user="0b917d5ac443486f"; __cf_bm=FK2wHFCL8Dh9nFOHrONi6q2.pscm_k8nLGVc8oyTuYY-1741548997-1.0.1.1-F._14U6XQucCv1gaDPPRt0Nu1sFpnxcheIef.LCkVrLje7TlrZYbYr.1jp6CC3q8MSMCqsDY7yaS9urFn0vqhM2nzcWgAJkKJG8MbFraYnA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:37 GMT
content-type: application/javascript
cf-ray: 91dd05b33ac1eb46-CPH
cf-cache-status: HIT
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"c0546591f65e2383f5c6f29fa0554011"
expires: Sun, 09 Mar 2025 22:22:57 GMT
last-modified: Tue, 25 Feb 2025 08:21:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

cdn.seondf.com/js/v5/agent.js

104.21.32.1

200 OK

576 kB

URL GET
cdn.seondf.com/js/v5/agent.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://casinolab.com/no/registration?mid=239376_1462205&fluid=440fa032-ca93-4e11-91b6-142ebe2c5176&clickid=akfxs3q
Certificate
IssuerGoogle Trust Services
Subjectseondf.com
Fingerprint38:D4:3D:60:B6:F5:66:13:AA:88:A2:DA:C7:D0:59:7B:8F:7D:F8:92
ValidityTue, 21 Jan 2025 05:05:21 GMT - Mon, 21 Apr 2025 06:03:31 GMT

File type

Size
576 kB (576534 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/v5/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casinolab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 09 Mar 2025 19:36:41 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSGVD77MOfLjZU9dlqm8qeOOYTjfYbLl%2FI2Iea2ploPMbohq76IOt09cYPHHIkvJOxsBr7ZE97ZKsNnzUlO94SCBV4zlQOfBhQ6kVX44xIYfJlS0TCTAJxHrhyXJcVzksQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 15 Jan 2025 10:38:19 GMT
etag: W/"1fb3aa87c6b47729a32122041c965077"
x-amz-server-side-encryption: AES256
cache-control: max-age=14400
x-amz-version-id: rQlhJ0vfZWFBK4hip1lsYzMrtQW6pGlk
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M5H0eu4uaYbMWGmVxy8ngIlGlr_TgVsfXUtVl6tFkLSJ0ostVIBjrQ==
cf-cache-status: HIT
age: 2459
content-encoding: br
cf-ray: 91dd05cd7937568f-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML