urlscan.io logo urlscan.io
SecurityTrails logo

nitroslots.com Open in urlscan Pro
104.18.241.94  Public Scan

Go To Rescan Add Verdict Report
URL: https://nitroslots.com/
Submission Tags: phishingrod
Submission: On October 19 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 45 HTTP transactions. The main IP is 104.18.241.94, located in and belongs to CLOUDFLARENET, US. The main domain is nitroslots.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 19th 2023. Valid for: a year.
This is the only time nitroslots.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.18.241.94 13335 (CLOUDFLAR...)
1 143.204.98.30 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.1.91 54113 (FASTLY)
12 104.19.223.91 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
2 3.213.116.194 14618 (AMAZON-AES)
1 2600:9000:211... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 3 13.32.121.37 16509 (AMAZON-02)
1 1 34.249.13.87 16509 (AMAZON-02)
1 108.138.7.8 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 13.224.189.20 16509 (AMAZON-02)
1 18.66.147.119 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
45 22
1    104.18.241.94 (None, )

ASN13335 (CLOUDFLARENET, US)
nitroslots.com
1    143.204.98.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-30.fra50.r.cloudfront.net
tags-cdn.deployads.com
3    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    151.101.1.91 (United States)

ASN54113 (FASTLY, US)
ads.proboards.com
images.proboards.com
12    104.19.223.91 (None, )

ASN13335 (CLOUDFLARENET, US)
storage.proboards.com
1    2600:9000:2156:b000:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)
farm5.staticflickr.com
2    3.213.116.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-116-194.compute-1.amazonaws.com
embedr.flickr.com
1    2600:9000:211e:a200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    34.249.13.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-13-87.eu-west-1.compute.amazonaws.com
api.viglink.com
1    108.138.7.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-8.fra56.r.cloudfront.net
cdn.viglink.com
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    13.224.189.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-20.fra2.r.cloudfront.net
widgets.flickr.com
1    18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net
comparisons.sovrn.com
1    2600:9000:223c:e200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
ad.doubleclick.net
Apex Domain
Subdomains		 Transfer
14 proboards.com
ads.proboards.com
storage.proboards.com — Cisco Umbrella Rank: 122176
images.proboards.com — Cisco Umbrella Rank: 276905
531 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1081
api.btloader.com — Cisco Umbrella Rank: 1150
36 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
ad.doubleclick.net — Cisco Umbrella Rank: 173
162 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
3 KB
3 flickr.com
embedr.flickr.com — Cisco Umbrella Rank: 78008
widgets.flickr.com — Cisco Umbrella Rank: 119000
13 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1176
1 KB
2 viglink.com
api.viglink.com — Cisco Umbrella Rank: 18097
cdn.viglink.com — Cisco Umbrella Rank: 10396
29 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
147 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
641 B
1 sovrn.com
comparisons.sovrn.com — Cisco Umbrella Rank: 20925
1 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
9 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3294
2 KB
1 staticflickr.com
farm5.staticflickr.com — Cisco Umbrella Rank: 54407
125 KB
1 deployads.com
tags-cdn.deployads.com — Cisco Umbrella Rank: 100904
1 nitroslots.com
nitroslots.com
15 KB
0 consensu.org Failed
quantcast.mgr.consensu.org Failed
45 17
Domain Requested by
12 storage.proboards.com nitroslots.com
3 api.btloader.com btloader.com
3 sb.scorecardresearch.com 1 redirects nitroslots.com
3 region1.google-analytics.com www.googletagmanager.com
3 securepubads.g.doubleclick.net nitroslots.com
securepubads.g.doubleclick.net
2 ad-delivery.net
2 www.google-analytics.com nitroslots.com
www.google-analytics.com
2 www.googletagmanager.com nitroslots.com
www.googletagmanager.com
2 embedr.flickr.com nitroslots.com
embedr.flickr.com
1 ad.doubleclick.net
1 btloader.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 comparisons.sovrn.com api.viglink.com
1 widgets.flickr.com embedr.flickr.com
1 secure.quantserve.com cmp.quantcast.com
1 cdn.viglink.com nitroslots.com
1 api.viglink.com 1 redirects
1 images.proboards.com nitroslots.com
1 cmp.quantcast.com ads.proboards.com
1 farm5.staticflickr.com nitroslots.com
1 ads.proboards.com nitroslots.com
1 tags-cdn.deployads.com nitroslots.com
1 nitroslots.com
0 quantcast.mgr.consensu.org Failed cmp.quantcast.com
45 24

This site contains links to these domains. Also see Links.

Domain
www.proboards.com
redirect.viglink.com
Subject Issuer Validity Valid
nitroslots.com
Cloudflare Inc ECC CA-3		 2023-10-19 -
2024-10-18		 a year crt.sh
*.deployads.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
proboards.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
static.flickr.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-11		 a year crt.sh
flickr.com
Amazon RSA 2048 M01		 2023-03-07 -
2024-04-04		 a year crt.sh
cmp.quantcast.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
comparisons.sovrn.com
Amazon RSA 2048 M02		 2022-12-21 -
2024-01-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-06 -
2024-07-05		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nitroslots.com/
Frame ID: E38812D2F7E75B3585C24216B6DD870E
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Nitro Slots

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

45
Requests

93 %
HTTPS

45 %
IPv6

17
Domains

24
Subdomains

22
IPs

4
Countries

1096 kB
Transfer

3086 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://sb.scorecardresearch.com/cs/6036030/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 28
  • https://api.viglink.com/api/vglnk.js HTTP 301
  • https://cdn.viglink.com/api/vglnk.js

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nitroslots.com/ 		61 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.241.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d05a442ee2b4e303c99afb40d3c387c0a9fb2dbe988e81cfb7f8ac15cacc9b71
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8189a1c01dcb2bc9-FRA
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 14:15:12 GMT
server
cloudflare
via
1.1 google
x-envoy-upstream-service-time
177
x-frame-options
SAMEORIGIN
vs.nitroslots.com.js
tags-cdn.deployads.com/a/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tags-cdn.deployads.com/a/vs.nitroslots.com.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-30.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07998933829e90a0fa1cd4e545befbae75dae4bd77743837f9bc5da303697c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29100
x-xss-protection
0
server
cafe
etag
208 / 19649 / 31078905 / config-hash: 14863387668746949887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 14:15:13 GMT
cmp.js
ads.proboards.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.proboards.com/cmp.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
11bbafa55df74449969d1ee44e71ec0205d8945fae4bac45ff649f3bde8857af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
date
Thu, 19 Oct 2023 14:15:13 GMT
age
3177
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7166
x-served-by
cache-chi-klot8100099-CHI, cache-chi-kigq8000090-CHI, cache-fra-etou8220106-FRA
last-modified
Thu, 21 Jul 2022 23:25:43 GMT
server
istio-envoy
x-timer
S1697724913.045885,VS0,VE1
etag
"4d1d-5e459095399b4-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
0, 5, 1
widgets_1144.css
storage.proboards.com/forum/css/0/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/forum/css/0/widgets_1144.css
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
526ec92a6b35036be7d40708c7d7e0892d367af3e7f3250598daf186f7e39288
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
content-encoding
br
x-envoy-upstream-service-time
10
last-modified
Mon, 03 Oct 2022 20:52:31 GMT
server
cloudflare
etag
W/"1a9b-5ea2785aec1c0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=8640000
cf-ray
8189a1c29f13bb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
proboards.combined_1144.js
storage.proboards.com/forum/js/ 		2 MB
497 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/forum/js/proboards.combined_1144.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22c69b8a702e85babbd4b302843914cdee85b3c619626bb2ec73ff2dfb67802
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nitroslots.com/
Origin
https://nitroslots.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
HIT
content-encoding
br
age
110066
x-envoy-upstream-service-time
9
last-modified
Fri, 08 Jul 2022 18:53:28 GMT
server
cloudflare
etag
W/"18a9c6-5e34fb7bb9a00"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=8640000
cf-ray
8189a1c29c9d19a0-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
D_w7xvQHQp_1p4ysWeyf.css
storage.proboards.com/1989526/css/ 		597 B
361 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/css/D_w7xvQHQp_1p4ysWeyf.css
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d4106a56cd845e5e96fb9aaf49244abec440ab1bc43f6d5d388998c34eb5747
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Sat, 02 May 2015 20:26:01 GMT
server
cloudflare
content-encoding
br
etag
W/"146-5151f231fa840"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
168
cf-ray
8189a1c29f18bb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
4RkXZDJ2tT08kSeZMEXp.js
storage.proboards.com/1989526/js/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/4RkXZDJ2tT08kSeZMEXp.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3846dcc8731f9be93a495e40ea3ef3207359d2bec008ccb9c59bfbf8c2096021
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Sat, 02 May 2015 20:26:01 GMT
server
cloudflare
content-encoding
br
etag
W/"e9d-5151f231fa840"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
278
cf-ray
8189a1c29f1abb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
O4hHIZCztXyeAMHroabC.js
storage.proboards.com/1989526/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/O4hHIZCztXyeAMHroabC.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb466397bbb2dd46cb3e506c9234b14252d8fc914bc1bb6d1d9f98d1eb301be
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Sat, 02 May 2015 20:26:01 GMT
server
cloudflare
content-encoding
br
etag
W/"746-5151f231fa840"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
279
cf-ray
8189a1c29f1dbb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
HRukpiJkNin1aPr8g6HF.js
storage.proboards.com/1989526/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/HRukpiJkNin1aPr8g6HF.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7709c1366198a8bbe3ec17ba0b993eebef1d27f6b51bd264a356b6a92e933f95
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Sat, 23 Feb 2013 14:53:03 GMT
server
cloudflare
content-encoding
br
etag
W/"816-4d66576fa51c0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
275
cf-ray
8189a1c29f21bb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
fjFokd8p1oKnaT0EYTLK.js
storage.proboards.com/1989526/js/ 		559 B
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/fjFokd8p1oKnaT0EYTLK.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2848e64c19f6b6a633561970534c2b23020e541f28e9db5d29915824cfd391f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Thu, 26 Nov 2015 13:34:13 GMT
server
cloudflare
content-encoding
br
etag
W/"144-52571a1677f40"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
262
cf-ray
8189a1c29f1fbb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
ubWArmUampb4JXhum2ye.js
storage.proboards.com/1989526/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/ubWArmUampb4JXhum2ye.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9612574bf07ab61fd064f76aa4a24645f1fe42ff3ba9a12c2dc1224d077a8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Sat, 09 Jan 2016 16:37:09 GMT
server
cloudflare
content-encoding
br
etag
W/"54c-528e950a47740"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
259
cf-ray
8189a1c2bf4bbb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
TnvPLsG15voP0jxwlWjU.js
storage.proboards.com/1989526/js/ 		2 KB
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/TnvPLsG15voP0jxwlWjU.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03def6154a8fc97ad0e9d47e8a204dc285b7a589d1823aea6b9d87c47790c0fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Sat, 09 Jan 2016 16:49:25 GMT
server
cloudflare
content-encoding
br
etag
W/"2a9-528e97c82ef40"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
254
cf-ray
8189a1c2bf48bb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
ilBUNkPS70Vyegv4jsP4.js
storage.proboards.com/1989526/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/ilBUNkPS70Vyegv4jsP4.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
681a8da57d728c6a1772b88c7ae8ff4ce63b416c1002becae2c372fc06bd8dc0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Thu, 07 Jul 2016 05:29:09 GMT
server
cloudflare
content-encoding
br
etag
W/"c7a-53704f71fb340"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
278
cf-ray
8189a1c29f20bb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
KXzLhbzJJTaIvexrrVlH.js
storage.proboards.com/1989526/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.proboards.com/1989526/js/KXzLhbzJJTaIvexrrVlH.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ccb29347e0cc7307f4f8a967906aba46b14ed629cb303e1686f5d79ba70faa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
last-modified
Sun, 31 Dec 2017 12:19:06 GMT
server
cloudflare
content-encoding
br
etag
W/"c7d-561a1df356280"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=8640000
x-envoy-upstream-service-time
271
cf-ray
8189a1c29f1ebb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
35876553475_fc7a681b6a.jpg
farm5.staticflickr.com/4211/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://farm5.staticflickr.com/4211/35876553475_fc7a681b6a.jpg
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b000:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jubilee /
Resource Hash
4bcb158fb5d6c72571ed4bb3f047b0cf7bb3ed9059a06f4e4b27f3133b4158ff
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 15:58:09 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
mib
2
x-ttfb
0.2991
x-amz-cf-pop
FRA50-C1
surrogate-control
public, max-age=31536000
ourvalues
Grow Together (#1 of 5)
x-env
a=live, b=jubilee, c=77f4af62, e=57ff0640092cb6b0db3735df07a7742299b2307d
p3p
CP="This is not a P3P policy. We respect your privacy."
streaming
false
edge-control
public, max-age=31536000
age
166624
x-cache
Hit from cloudfront
imageheight
227
powered-by
Mutation/1.0
imagewidth
500
x-ttdb-l
127229
x-request-id
290f315d
last-modified
Sun, 17 Mar 2019 10:36:49 GMT
server
Jubilee
etag
"c458b10494c2651a1f9a83a417663e1f.1"
x-frame-options
DENY
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
quote
"I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin
*
cache-control
public, max-age=31536000
hiring
Change the world of photography with us. https://www.flickr.com/jobs/
origintype
D
x-amz-cf-id
WxL8dhxpXSMfW_sldLinWKwJUB-G9nM_3ioGIB4h4Yl8fuRlJeIyJw==
expires
Wed, 16 Oct 2024 15:58:09 GMT
client-code.js
embedr.flickr.com/assets/ 		642 B
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embedr.flickr.com/assets/client-code.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.116.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-116-194.compute-1.amazonaws.com
Software
/
Resource Hash
4be697ac695f2c11c2a9ab7075cfa7ca9cf2723baf62cfe8c913a3bb2ca56917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
x-content-type-options
nosniff
etag
W/"282-79d207e6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
content-length
642
x-xss-protection
1; mode=block
x-request-id
a7d807f6a4a42399
csabRzqgWiTEBzocsUCX.jpg
storage.proboards.com/1989526/avatar/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.proboards.com/1989526/avatar/csabRzqgWiTEBzocsUCX.jpg
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.223.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5096c4cc1b005bed4fc7322d833e819d0cf57741e55cc79bda2ea9211147808
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google
cf-cache-status
MISS
x-envoy-upstream-service-time
135
content-length
7449
last-modified
Wed, 19 Jan 2022 18:21:34 GMT
server
cloudflare
etag
"1d19-5d5f374a08780"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=8640000
accept-ranges
bytes
cf-ray
8189a1c2bf4cbb85-FRA
expires
Sat, 27 Jan 2024 14:15:13 GMT
choice.js
cmp.quantcast.com/choice/aHrKsT40TF-Jq/www.proboards.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/aHrKsT40TF-Jq/www.proboards.com/choice.js
Requested by
Host: ads.proboards.com
URL: https://ads.proboards.com/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3b64c7a79703a8e540dae322989f57a4acd391ae3af046240bbf15ff37db4e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:14 GMT
content-encoding
br
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 15:47:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
etag
W/"8051faf45fb63393b15a2ddbc1e8b70d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
dQDpqzHnsTdbJRy_9YstpLu97EjLzzAapZYRXTMD6xWw4juXYdIaHQ==
gtm.js
www.googletagmanager.com/ 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M6QVNSC
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b5db663e43d2971956d2fbc0b351d16af46a7d01f5a45a6525ad1f2609fb0f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64161
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 14:15:13 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js?cb=31078905
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:12:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
57773
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 22:12:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		36 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nitroslots.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1953e360b1b629afb55a4ef4ecaaf8f50a537d70e1737212abe23207e8b0a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40
x-xss-protection
0
expires
Thu, 19 Oct 2023 14:15:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 13:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1531
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 15:49:42 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q1LJB9WYP0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6QVNSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc1a5db1836fd2adaf7fdf5f74adefc4fadb5d772ffeea36e5409c57b89283fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86095
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 14:15:13 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Q1LJB9WYP0&gtm=45je3ai0&_p=1865327572&cid=1179890550.1697724913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697724913&sct=1&seg=0&dl=https%3A%2F%2Fnitroslots.com%2F&dt=Home%20%7C%20Nitro%20Slots&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q1LJB9WYP0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:15:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nitroslots.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Q1LJB9WYP0&gtm=45je3ai0&_p=1865327572&cid=1179890550.1697724913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697724913&sct=1&seg=0&dl=https%3A%2F%2Fnitroslots.com%2F&dt=Home%20%7C%20Nitro%20Slots&en=userpbExperiment&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q1LJB9WYP0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:15:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nitroslots.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036030/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:45:27 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
32050
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Z90WKl2cSc2heBsANfSqqeqmWFku1GG7dknnl85U-EdjTxWXstKejA==

Redirect headers

date
Thu, 19 Oct 2023 14:15:13 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
teFZ-kTzGOQ_GzZ9eoLWRqh1QqJ_vTr8h-gpzCixtFfhjqs7VoaMLw==
sexy2.png
images.proboards.com/v5/gradients/ 		470 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.proboards.com/v5/gradients/sexy2.png
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
233c007d3953ebc0e7bce9faeb452ef63eeb709b5ad20c557cc88c2a7c4b3657
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 18:28:11 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 19 Oct 2023 14:15:13 GMT
age
157622
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
105
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
470
x-served-by
cache-chi-kigq8000042-CHI, cache-chi-klot8100133-CHI, cache-fra-etou8220106-FRA
last-modified
Wed, 17 Oct 2012 16:45:47 GMT
server
istio-envoy
x-timer
S1697724914.543903,VS0,VE1
etag
"1d6-4cc44009d64c0"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 12, 1
collect
www.google-analytics.com/j/ 		3 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1865327572&t=pageview&_s=1&dl=https%3A%2F%2Fnitroslots.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Nitro%20Slots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1955482190&gjid=1681909194&cid=1179890550.1697724913&tid=UA-30657-154&_gid=1138416539.1697724913&_r=1&_slc=1&z=52279540
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nitroslots.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:15:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nitroslots.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
vglnk.js
cdn.viglink.com/api/
Redirect Chain
  • https://api.viglink.com/api/vglnk.js
  • https://cdn.viglink.com/api/vglnk.js
82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Server
108.138.7.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:21:07 GMT
content-encoding
gzip
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 15:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
542703
x-amz-server-side-encryption
AES256
etag
"6c8a8d538bfaf5e3eee3cfe467f261a5"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28925
x-amz-cf-id
KHLmdn_XWlDU0JpKfnX1HvZvBWW2XsjAR6NMlA49U-Qfaa0MtqswAw==

Redirect headers

Location
https://cdn.viglink.com/api/vglnk.js
Connection
keep-alive
Content-Length
0
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036030&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697724913623&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fnitroslots.com%2F&c8=Home%20%7C%20Nitro%20Slots&c9=
Requested by
Host: nitroslots.com
URL: https://nitroslots.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
4RvDGJb6z7aIvT2kHjrnrnV3LU4hLYEWqZy2D1i9XBhWM4po9exM7g==
x-cache
Miss from cloudfront
embedr-loader.js
embedr.flickr.com/assets/ 		225 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embedr.flickr.com/assets/embedr-loader.js
Requested by
Host: embedr.flickr.com
URL: https://embedr.flickr.com/assets/client-code.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.116.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-116-194.compute-1.amazonaws.com
Software
/
Resource Hash
07517f91e27cc8d4d0dab9be8a59c1d24959d19abc0578a0d17224e487ea577f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
x-content-type-options
nosniff
etag
W/"e1-4431b6d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
content-length
225
x-xss-protection
1; mode=block
x-request-id
714c808afbbc5bfe
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/aHrKsT40TF-Jq/www.proboards.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:13 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 26 Oct 2023 14:15:13 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		0
0
embedr-47ad26da5deade67d472950b12c94b6c.js
widgets.flickr.com/embedr/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.flickr.com/embedr/embedr-47ad26da5deade67d472950b12c94b6c.js
Requested by
Host: embedr.flickr.com
URL: https://embedr.flickr.com/assets/embedr-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-20.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a782bcfd225befdc24238ade3ac94b33577f3a5e32d1e129415c2ca4e9dee7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 12:14:39 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Tue, 21 Mar 2023 21:44:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
3204035
etag
"9f2748071a73e4ef3feceb22e5a1cd74"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=536112000
accept-ranges
bytes
x-amz-meta-x-ysws-access
public
content-length
11335
x-amz-cf-id
c8fpTlkPMbFkYbz06bi4pB9z4ixIgbZTAXLFr5wGdeQH73qXC-sqbg==
loader.min.js
comparisons.sovrn.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comparisons.sovrn.com/js/loader.min.js
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/vglnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f755dbaaa79d15340992ec8653f11a8de91ab59e5d8ade29af2727c755d53318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
zztrMxKRFefsfrfockN6O.yo5b_PAxDP
content-encoding
br
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date
Thu, 19 Oct 2023 03:49:00 GMT
last-modified
Tue, 10 Oct 2023 13:08:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
37574
x-amz-server-side-encryption
AES256
etag
W/"c843d99783cbdd7b1afd7864642b26f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Ejj8d-qfiVAVw5pBC2pCRVLfQNfmR5ELlEu_5hSMpo6C2F9Dkay6Zw==
rules-p-aHrKsT40TF-Jq.js
rules.quantcount.com/ 		160 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-aHrKsT40TF-Jq.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbe49672f94be5aa98df6e2afbf16ade461c0f9405f889840d2eb487fed2cb84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:09:47 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
327
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:23:41 GMT
server
AmazonS3
etag
"32200a494fac2a81b2b57ca227f93c58"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
7fui7aN8mgFZ_QfiMfLF0RF0SVUxftBiwD3rAkVPsf7O-xxyx2liig==
tag
btloader.com/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5729616248438784&upapi=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6QVNSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f8238a79473fe01c98374ac2a152a374239c24643f09dbc288c1c7612ea8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Oct 2023 14:04:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
439
etag
W/"c33a9692f3dc9440959068c11003c6bc"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtvDZqgDeI0FAkC6rr6DcztzKhy16AhtMcmB1za%2Fkd1RGAgaOBy3A1DpMmFby6RwIW%2FUjJ99%2FKgT22OuwTaG%2BxcxGvpU%2FLaLeEjSpfvC97SqAd55YtxufHuF%2F5zqHKjnFddK6%2FJv0Uv4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
8189a1c8a8131e6a-FRA
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5729616248438784&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 14:15:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
814971
x-guploader-uploadid
ADPycdvss9BetkmNQALNaBNCf5vLrk1BJTKiYCnKRP7yR206OrOm6wCUuumZB2_HXL8eMer15Axwd5EmLiQynqBlnV8RghqDGZqY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7KuTSYFVUsUvyUtYEmNC5wPxeVMHCjkFziDf2XCBuOec4etHMsNCwbvJipNO5Ly2GbNMV5ZglI3MDKMPFO9sHGZ68vtMe1GWtzkC7w%2B8UMlcMDLjEi%2FnmBYlWcg3vIWxwMp1nFAskijnGSDpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8189a1c94abf3a52-FRA
expires
Tue, 10 Oct 2023 04:47:24 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Oct 2023 10:02:26 GMT
px.gif
ad-delivery.net/ 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5051666740879541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
814971
x-guploader-uploadid
ADPycdvss9BetkmNQALNaBNCf5vLrk1BJTKiYCnKRP7yR206OrOm6wCUuumZB2_HXL8eMer15Axwd5EmLiQynqBlnV8RghqDGZqY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtiuZxNx5cHJfXz2sKzgcMZrNnD9UeF32VWSpjYh5fjhOHE6XNwVDdrZjvKgOxLiscJWVoo2sO8KEzPk8iPs%2FxQAbhR19STyxrl8XAnB%2Fz2sMq1NbGI9i2EI5KfGY79StTgNISWEra3gde7c4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8189a1c94abe3a52-FRA
expires
Tue, 10 Oct 2023 04:47:24 GMT
country
api.btloader.com/ 		16 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5729616248438784&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:15:14 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=xfNwK8YM&w=5635347986776064&o=5729616248438784&cv=2.1.19-1-g9747148&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnitroslots.com%2F&sid=FZg9WGmu&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5729616248438784&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 14:15:14 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Q1LJB9WYP0&gtm=45je3ai0&_p=1865327572&cid=1179890550.1697724913&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1697724913&sct=1&seg=0&dl=https%3A%2F%2Fnitroslots.com%2F&dt=Home%20%7C%20Nitro%20Slots&en=scroll&epn.percent_scrolled=90&_et=12
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q1LJB9WYP0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nitroslots.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 14:15:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nitroslots.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
quantcast.mgr.consensu.org
URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.proboards.com

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| pbMobileSurveyCount undefined| initPBMobileSurvey object| __core-js_shared__ function| __pbCmpDiag function| __tcfapi function| __uspapi object| deployads object| googletag string| partial object| _pbdata object| pb object| dataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| translatePo function| getCaptchaTokenSetup function| createStoreToken string| rangeType object| BlockFix function| reverse function| interpret_iframe_transport function| check_control_bar function| check_control_bar_ie object| Keys object| pbFileUpload boolean| ANALYTICS_DEBUG number| AUTOSAVE_THRESHOLD number| AUTOSAVE_NEW_THREAD number| AUTOSAVE_THREAD_REPLY number| AUTOSAVE_QUICK_REPLY number| AUTOSAVE_NEW_CONV number| AUTOSAVE_CONV_REPLY number| AUTOSAVE_CONV_QUICK_REPLY object| listManagerSettings object| listManagerPrototype function| getTopAdBanner function| listManager object| postManager number| SHOUTBOX_SCROLL_NORMAL number| SHOUTBOX_SCROLL_OVERRIDE number| SHOUTBOX_SCROLL_CONTEXTUAL function| standard_bookmarks function| standard_confirm function| standard_home function| standard_members undefined| listMan function| standard_message function| standard_poll function| mobile_board function| mobile_home function| mobile_members function| mobile_calendar_base function| mobile_common_edit function| mobile_conversation_index function| mobile_conversation_new function| mobile_conversation_show function| mobile_message_list function| mobile_post_base function| mobile_post_new function| mobile_registration_register function| mobile_search_index function| mobile_thread_edit function| mobile_thread_new function| mobile_thread_show function| mobile_unsubscribe_index function| mobile_user_edit_admin function| mobile_user_edit_common function| mobile_user_edit_privacy function| mobile_user_show_activity function| mobile_user_show_following function| mobile_user_show_groups function| mobile_user_show_notifications function| mobile_user_show_user_common function| standard_board_moderators function| standard_board_password function| standard_board_show function| standard_calendar_base function| load_month_previews function| load_month_form function| add_cal_nav function| setup_cal function| standard_conversation_index function| update_labels_preview_hex function| update_labels_preview_text function| standard_conversation_new function| standard_conversation_participants function| standard_conversation_show function| standard_custompage_edit_visual_iframe function| standard_custompage_widgets function| standard_post_base function| standard_thread_by_ip function| standard_post_edit function| standard_post_likes function| standard_post_new function| standard_registration_register function| standard_search_index function| standard_search_results_posts function| standard_search_results_threads function| standard_thread_edit function| standard_thread_find_threads function| standard_thread_new function| standard_thread_participants function| standard_thread_participated function| standard_thread_recent function| standard_thread_show function| standard_unsubscribe_index function| standard_user_edit_admin function| standard_user_edit_avatar undefined| imageAdded undefined| forumImageAdded undefined| is_loaded undefined| isForumAvatarsLoaded undefined| $previewImageAvatar undefined| $previewNoAvatar undefined| $previewForumAvatar function| update_radio function| change function| update_empty_avatar function| remove_image_avatar function| remove_forum_avatar function| add_image_avatar function| add_forum_avatar function| edit_image_avatar function| delete_image function| edit_forum_avatar function| select_forum_avatar function| check_image_link function| link_image_error function| standard_user_edit_badges function| standard_user_edit_common function| standard_user_edit_notifications function| standard_user_edit_personal undefined| dialog_opened function| standard_user_edit_privacy function| standard_user_edit_settings function| standard_user_edit_social function| standard_user_group_leaders function| standard_user_show_activity function| standard_user_show_following function| standard_user_show_friends function| standard_user_show_groups function| standard_user_show_notifications function| standard_user_show_summary function| standard_user_show_user_common function| $ function| jQuery function| DP_jQuery_1697724913224 function| flashembed string| key object| jQuery17202377124500597152 object| Select2 object| html5 object| Modernizr function| yepnope function| CodeMirror function| proboards object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| GoogleAnalyticsObject function| ga string| id undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady function| tableGrid function| TBbuttonSetup function| updateCurrentBrackets function| cleanupUBBC function| displayBrackets function| setupTBstuff object| collapsible_categories function| bbg object| iDelay object| fContent boolean| isIE number| frame number| st number| wait number| index boolean| iDir number| frameHalf undefined| iTimer number| frame_m number| wait_m function| fade function| opacityFade number| iCur number| iCurMoz string| countdownObjectFormat string| eventReachedMessage string| clearTitleOnEvent string| showLongCountdown string| invalidDateMessage boolean| popAlertWhenEventIsReached string| popAlertTimeoutWindow function| countdownAddEvent function| createCountdownEvent function| begin_countdown function| postCountdowns object| _comscore undefined| Tynt number| x object| COMSCORE object| ns_p object| FlickrEmbedr object| _qevents boolean| __v5k function| vglnk function| vl_cB function| vl_disable function| quantserve function| __qc object| ezt object| _qoptions function| getDevicePixelRatio function| getSizeToFit function| getPhotoForDisplay object| displayOptions object| supportedTypes object| m101 boolean| mtz101Loaded function| extend object| config function| shoppingWidget function| priceComparison function| observeDom function| init object| galleryInfo object| gpInfo object| photostreamInfo object| favesInfo object| groupInfo object| exploreInfo object| searchInfo object| __bt_tag_d object| __bt_intrnl object| __bt object| __bt_tag_am boolean| __bt_already_invoked

4 Cookies

Domain/Path Name / Value
.nitroslots.com/ Name: _gid
Value: GA1.2.1138416539.1697724913
.nitroslots.com/ Name: _ga
Value: GA1.1.1179890550.1697724913
.nitroslots.com/ Name: _ga_Q1LJB9WYP0
Value: GS1.1.1697724913.1.0.1697724913.0.0.0
.nitroslots.com/ Name: _gat
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://tags-cdn.deployads.com/a/vs.nitroslots.com.js
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.proboards.com
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
ads.proboards.com
api.btloader.com
api.viglink.com
btloader.com
cdn.viglink.com
cmp.quantcast.com
comparisons.sovrn.com
embedr.flickr.com
farm5.staticflickr.com
images.proboards.com
nitroslots.com
quantcast.mgr.consensu.org
region1.google-analytics.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
storage.proboards.com
tags-cdn.deployads.com
widgets.flickr.com
www.google-analytics.com
www.googletagmanager.com
quantcast.mgr.consensu.org
104.18.241.94
104.19.223.91
108.138.7.8
13.224.189.20
13.32.121.37
130.211.23.194
143.204.98.30
151.101.1.91
172.217.18.6
18.66.147.119
2001:4860:4802:34::36
2600:9000:211e:a200:9:46dc:4700:93a1
2600:9000:2156:b000:0:5a51:64c9:c681
2600:9000:223c:e200:6:44e3:f8c0:93a1
2606:4700:20::681a:246
2606:4700:20::681a:78b
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
3.213.116.194
34.249.13.87
03def6154a8fc97ad0e9d47e8a204dc285b7a589d1823aea6b9d87c47790c0fc
07517f91e27cc8d4d0dab9be8a59c1d24959d19abc0578a0d17224e487ea577f
07998933829e90a0fa1cd4e545befbae75dae4bd77743837f9bc5da303697c3c
11bbafa55df74449969d1ee44e71ec0205d8945fae4bac45ff649f3bde8857af
1b5db663e43d2971956d2fbc0b351d16af46a7d01f5a45a6525ad1f2609fb0f1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
233c007d3953ebc0e7bce9faeb452ef63eeb709b5ad20c557cc88c2a7c4b3657
2848e64c19f6b6a633561970534c2b23020e541f28e9db5d29915824cfd391f6
2a782bcfd225befdc24238ade3ac94b33577f3a5e32d1e129415c2ca4e9dee7e
3846dcc8731f9be93a495e40ea3ef3207359d2bec008ccb9c59bfbf8c2096021
3eb466397bbb2dd46cb3e506c9234b14252d8fc914bc1bb6d1d9f98d1eb301be
4bcb158fb5d6c72571ed4bb3f047b0cf7bb3ed9059a06f4e4b27f3133b4158ff
4be697ac695f2c11c2a9ab7075cfa7ca9cf2723baf62cfe8c913a3bb2ca56917
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57
4d4106a56cd845e5e96fb9aaf49244abec440ab1bc43f6d5d388998c34eb5747
526ec92a6b35036be7d40708c7d7e0892d367af3e7f3250598daf186f7e39288
681a8da57d728c6a1772b88c7ae8ff4ce63b416c1002becae2c372fc06bd8dc0
7709c1366198a8bbe3ec17ba0b993eebef1d27f6b51bd264a356b6a92e933f95
79ccb29347e0cc7307f4f8a967906aba46b14ed629cb303e1686f5d79ba70faa
7d9612574bf07ab61fd064f76aa4a24645f1fe42ff3ba9a12c2dc1224d077a8a
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a3b64c7a79703a8e540dae322989f57a4acd391ae3af046240bbf15ff37db4e8
a5096c4cc1b005bed4fc7322d833e819d0cf57741e55cc79bda2ea9211147808
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bbe49672f94be5aa98df6e2afbf16ade461c0f9405f889840d2eb487fed2cb84
cc1a5db1836fd2adaf7fdf5f74adefc4fadb5d772ffeea36e5409c57b89283fc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05a442ee2b4e303c99afb40d3c387c0a9fb2dbe988e81cfb7f8ac15cacc9b71
d6f8238a79473fe01c98374ac2a152a374239c24643f09dbc288c1c7612ea8e2
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1953e360b1b629afb55a4ef4ecaaf8f50a537d70e1737212abe23207e8b0a04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f22c69b8a702e85babbd4b302843914cdee85b3c619626bb2ec73ff2dfb67802
f755dbaaa79d15340992ec8653f11a8de91ab59e5d8ade29af2727c755d53318