mass.report
Scan Intelligence Report0/100
low Risk
casino-dostup.com
https://casino-dostup.com/
IP
104.21.74.6 · Cloudflare, Inc.
Location
Toronto, Canada
Domain Age
14 days
HTTP
200 · 23.1s
SSL
Valid· E7, Let's Encrypt, US
Status
COMPLETED
KB/IOK Matches (0)—
No KB/IOK detections were recorded for this scan.
casino-dostup.com
Unknownfinance | technology | ecommerce | healthcare | government | social_media | cryptocurrency | telecommunications | education | other · 6/3/2026
Summary
The page appears to be a minimal SPA-like landing with dynamic content. The static HTML shows a generic placeholder page title and no credential forms. Network activity includes a POST to /cdn-cgi/rum? and a beacon script from Cloudflare, but there is no clear impersonation of a well-known brand in the visible UI. The SSL is valid but the domain is newly registered (14 days). Overall, there is insufficient evidence of credential phishing or first-party abuse from the provided page content; the observed POST endpoint may be benign telemetry or CDN-related, though the dynamic rendering raises potential risk if credential collection is implemented via JavaScript.
Evidence Summary
▸Observed 3 capture stage(s); canonical stage is late_render_3s.
▸POST targets observed during capture: https://casino-dostup.com/cdn-cgi/rum?.
▸Distinctive asset clues: v833ccba57c9e4d2798f2e76cebdd09a11778172276447, css2.
Capture
Stages: 3
Canonical: Late Render (+3s)
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 7
Hosts: 4
Domains: 4
Observed Signals (0)
Observed Indicators (1)
▸No static login/credential fields in HTML; potential SPA rendering
Risk AssessmentUsed in abuse reports
The site is a new domain (14 days old) with a valid SSL cert and Cloudflare routing. The page content shown is a generic placeholder with branding not matching any known consumer service. The SPA-like behavior and dynamic forms could be used for credential capture, but there is no explicit impersonation of a known brand in the visible UI. The scan did observe a POST to /cdn-cgi/rum? which may be benign CDN telemetry, but the combination of dynamic rendering and unfamiliar branding warrants cautious monitoring. Recommend monitoring the domain for changes and deeper content analysis to rule out credential phishing or impersonation in future renders.
Recommended Action
Monitor
Cross-Reference8
URL Intelligence
Domain Intelligence
IP Intelligence
Public threat feed available — JSON API