urlscan.io logo urlscan.io
SecurityTrails logo

www.nitrocasino.ca Open in urlscan Pro
104.22.69.220  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nitrocasino.ca/
Effective URL: https://www.nitrocasino.ca/en
Submission Tags: phishingrod
Submission: On November 07 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 4 countries across 35 domains to perform 78 HTTP transactions. The main IP is 104.22.69.220, located in Shahr, Iran, Islamic Republic Of and belongs to CLOUDFLARENET, US. The main domain is www.nitrocasino.ca.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on August 16th 2022. Valid for: a year.
This is the only time www.nitrocasino.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 104.22.69.220 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.128.57 16509 (AMAZON-02)
1 3.222.206.229 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 54.72.94.180 16509 (AMAZON-02)
1 108.138.106.101 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 23.0.197.94 16625 (AKAMAI-AS)
1 2600:9000:24f... 16509 (AMAZON-02)
1 18.164.96.90 16509 (AMAZON-02)
2 5 199.38.167.131 54312 (ROCKETFUEL)
1 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.128.58 16509 (AMAZON-02)
3 63.34.106.143 16509 (AMAZON-02)
3 3 142.251.40.194 15169 (GOOGLE)
1 2 68.67.179.166 29990 (ASN-APPNEX)
1 8.43.72.97 26667 (RUBICONPR...)
1 2 52.203.222.38 14618 (AMAZON-AES)
1 2 50.16.174.192 14618 (AMAZON-AES)
1 23.41.168.23 16625 (AKAMAI-AS)
1 54.89.37.176 14618 (AMAZON-AES)
1 1 108.138.106.17 16509 (AMAZON-02)
1 3 35.190.60.146 15169 (GOOGLE)
1 52.55.72.99 14618 (AMAZON-AES)
1 2 192.40.39.223 27381 (CASALE-MEDIA)
1 23.205.56.183 16625 (AKAMAI-AS)
1 2 192.35.249.138 11742 (SPOTX-IAD)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 13.225.214.90 16509 (AMAZON-02)
1 52.7.103.185 14618 (AMAZON-AES)
1 2 35.211.178.172 19527 (GOOGLE-2)
2 2 151.101.2.49 54113 (FASTLY)
1 1 13.226.39.20 16509 (AMAZON-02)
3 13.33.60.4 16509 (AMAZON-02)
4 23.41.168.211 16625 (AKAMAI-AS)
1 2 68.67.160.24 29990 (ASN-APPNEX)
1 1 74.121.140.14 30419 (MEDIAMATH...)
1 2 54.165.211.179 14618 (AMAZON-AES)
2 2 3.217.8.50 14618 (AMAZON-AES)
1 76.223.78.13 16509 (AMAZON-02)
1 52.209.125.240 16509 (AMAZON-02)
78 39
21    104.22.69.220 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
nitrocasino.ca
www.nitrocasino.ca
service.nitrocasino.ca
3    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    108.138.128.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-57.jfk50.r.cloudfront.net
client.pragmaticplaylive.net
1    3.222.206.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-206-229.compute-1.amazonaws.com
intlsblntrca.nitrocasino.ca
1    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    54.72.94.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-94-180.eu-west-1.compute.amazonaws.com
c5.adalyser.com
1    108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net
static.hotjar.com
2    2606:4700:10::ac43:aac (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.inspectlet.com
hn.inspectlet.com
2    2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    23.0.197.94 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-197-94.deploy.static.akamaitechnologies.com
zz.connextra.com
1    2600:9000:24f1:fc00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
1    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
script.hotjar.com
5    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
20838089p.rfihub.com
a.rfihub.com
p.rfihub.com
1    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    108.138.128.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-58.jfk50.r.cloudfront.net
vars.hotjar.com
3    63.34.106.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-106-143.eu-west-1.compute.amazonaws.com
in.hotjar.com
3    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
2    68.67.179.166 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.203.222.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-222-38.compute-1.amazonaws.com
dpm.demdex.net
2    50.16.174.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com
ps.eyeota.net
1    23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    54.89.37.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-37-176.compute-1.amazonaws.com
bs.serving-sys.com
1    108.138.106.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-17.jfk50.r.cloudfront.net
live.rezync.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    52.55.72.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-72-99.compute-1.amazonaws.com
bpi.rtactivate.com
2    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    23.205.56.183 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-183.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
2    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
1    2600:1f18:612b:4232:6c23:5a2c:6d97:91e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    13.225.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-90.ewr50.r.cloudfront.net
aa.agkn.com
1    52.7.103.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-103-185.compute-1.amazonaws.com
beacon.krxd.net
2    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.226.39.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-20.ewr53.r.cloudfront.net
widget.intercom.io
3    13.33.60.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-4.ewr52.r.cloudfront.net
js.intercomcdn.com
4    23.41.168.211 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-211.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    68.67.160.24 (Newark, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    54.165.211.179 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-211-179.compute-1.amazonaws.com
segment.prod.bidr.io
2    3.217.8.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-8-50.compute-1.amazonaws.com
match.prod.bidr.io
1    76.223.78.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: a919daa9564471cec.awsglobalaccelerator.com
api.paymentiq.io
1    52.209.125.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-125-240.eu-west-1.compute.amazonaws.com
api-iam.eu.intercom.io
Apex Domain
Subdomains		 Transfer
22 nitrocasino.ca
nitrocasino.ca
www.nitrocasino.ca
intlsblntrca.nitrocasino.ca
service.nitrocasino.ca
862 KB
6 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 889
script.hotjar.com — Cisco Umbrella Rank: 1168
vars.hotjar.com — Cisco Umbrella Rank: 1210
in.hotjar.com — Cisco Umbrella Rank: 2124
72 KB
5 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1362
sync.mathtag.com — Cisco Umbrella Rank: 723
5 KB
5 rfihub.com
20838089p.rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 4258
p.rfihub.com — Cisco Umbrella Rank: 1229
7 KB
5 connextra.com
zz.connextra.com — Cisco Umbrella Rank: 20100
18 KB
4 bidr.io
segment.prod.bidr.io — Cisco Umbrella Rank: 8193
match.prod.bidr.io — Cisco Umbrella Rank: 818
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 313
secure.adnxs.com — Cisco Umbrella Rank: 690
4 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
1 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 4898
201 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 578
523 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
2 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 5727
api-iam.eu.intercom.io — Cisco Umbrella Rank: 184091
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 916
604 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 415
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 799
904 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 819
2 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1386
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 285
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 97
20 KB
2 gstatic.com
fonts.gstatic.com
44 KB
2 inspectlet.com
cdn.inspectlet.com — Cisco Umbrella Rank: 17641
hn.inspectlet.com — Cisco Umbrella Rank: 17997
63 KB
2 adalyser.com
c5.adalyser.com — Cisco Umbrella Rank: 35080
12 KB
1 paymentiq.io
api.paymentiq.io — Cisco Umbrella Rank: 574509
17 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 774
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 759
534 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1629
183 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 2045
191 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 2995
109 B
1 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2870
775 B
1 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1479
105 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 809
616 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 483
741 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 6947
6 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 121
84 KB
1 pragmaticplaylive.net
client.pragmaticplaylive.net — Cisco Umbrella Rank: 72676
4 KB
78 35
Domain Requested by
11 service.nitrocasino.ca www.nitrocasino.ca
9 www.nitrocasino.ca www.nitrocasino.ca
5 zz.connextra.com www.googletagmanager.com
www.nitrocasino.ca
4 pixel.mathtag.com zz.connextra.com
pixel.mathtag.com
3 js.intercomcdn.com widget.intercom.io
3 idsync.rlcdn.com 1 redirects www.nitrocasino.ca
3 p.rfihub.com 2 redirects
3 cm.g.doubleclick.net 3 redirects
3 in.hotjar.com www.nitrocasino.ca
3 fonts.googleapis.com www.nitrocasino.ca
2 match.prod.bidr.io 2 redirects
2 segment.prod.bidr.io 1 redirects www.nitrocasino.ca
2 secure.adnxs.com 1 redirects www.nitrocasino.ca
2 sync-tm.everesttech.net 2 redirects
2 x.bidswitch.net 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ps.eyeota.net 1 redirects
2 dpm.demdex.net 1 redirects
2 ib.adnxs.com 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 c5.adalyser.com www.nitrocasino.ca
1 api-iam.eu.intercom.io js.intercomcdn.com
1 api.paymentiq.io www.nitrocasino.ca
1 sync.mathtag.com 1 redirects
1 widget.intercom.io 1 redirects
1 beacon.krxd.net www.nitrocasino.ca
1 aa.agkn.com www.nitrocasino.ca
1 partners.tremorhub.com www.nitrocasino.ca
1 x.dlx.addthis.com www.nitrocasino.ca
1 bpi.rtactivate.com www.nitrocasino.ca
1 live.rezync.com 1 redirects
1 bs.serving-sys.com www.nitrocasino.ca
1 contextual.media.net www.nitrocasino.ca
1 pixel.rubiconproject.com www.nitrocasino.ca
1 a.rfihub.com
1 hn.inspectlet.com www.nitrocasino.ca
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.nitrocasino.ca
1 20838089p.rfihub.com c1.rfihub.net
1 script.hotjar.com static.hotjar.com
1 c1.rfihub.net www.nitrocasino.ca
1 cdn.inspectlet.com www.nitrocasino.ca
1 static.hotjar.com www.nitrocasino.ca
1 www.googletagmanager.com www.nitrocasino.ca
1 intlsblntrca.nitrocasino.ca www.nitrocasino.ca
1 client.pragmaticplaylive.net www.nitrocasino.ca
1 nitrocasino.ca 1 redirects
78 49

This site contains links to these domains. Also see Links.

Domain
nitrocasino.com
Subject Issuer Validity Valid
*.nitrocasino.ca
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
pragmaticplaylive.net
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
intlsblntrca.nitrocasino.ca
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-09-08 -
2023-09-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.adalyser.com
Thawte RSA CA 2018		 2022-06-10 -
2023-07-11		 a year crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.connextra.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-26 -
2023-05-26		 a year crt.sh
*.rfihub.net
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-20 -
2023-05-19		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.paymentiq.io
Amazon		 2021-12-23 -
2023-01-21		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.eu.intercom.io
Amazon		 2022-09-05 -
2023-10-04		 a year crt.sh

This page contains 10 frames:

Primary Page: https://www.nitrocasino.ca/en
Frame ID: 1688A7DC58F61812738C048FBB46B51E
Requests: 48 HTTP requests in this frame

Frame: https://20838089p.rfihub.com/ca.html?ver=9&rb=45721&ca=20838089&_o=45721&_t=20838089&pe=https%3A%2F%2Fwww.nitrocasino.ca%2Fen&pf=&ra=3739689429928481
Frame ID: F1532D43BF4D9CE47791D297C43AAE29
Requests: 19 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: F6A7E0797070DDD903F69EFAB5F7C9AA
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/seg?add=23280880&t=2
Frame ID: 39969FC1375ADEDF270161DAFBF4E95D
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/6c883bd680/aaa06368-aaea-4f00-a708-ed5bcef86647
Frame ID: C289FAADA53253623AED9C0285FC038B
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/3964086563855495067
Frame ID: 1C88EC74A15674B54470B49AF9F68EB6
Requests: 1 HTTP requests in this frame

Frame: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-539&value=&_bee_ppp=1
Frame ID: 558E17A84C022B7BAF5914F5D38021DB
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAAu8k7G0VYAACCSBFNv3g
Frame ID: 1D22D4F8419034A5AF3736210F1A62E6
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=6a5d6368-aaea-4500-b4a5-fe05d9bd5671&no_iframe=1&mt_adid=239849&source=mathtag
Frame ID: B5064674FA73534921DAC17D0AA622DA
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.aa3fc0a2.js
Frame ID: 524CBFCB70E7DBB67B6072B67A5EEAF6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NitroCasino.ca - blazing fast online casino.

Page URL History Show full URLs

  1. https://nitrocasino.ca/ HTTP 301
    https://www.nitrocasino.ca/en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.inspectlet\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Page Statistics

78
Requests

81 %
HTTPS

18 %
IPv6

35
Domains

49
Subdomains

39
IPs

4
Countries

1426 kB
Transfer

4984 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nitrocasino.ca/ HTTP 301
    https://www.nitrocasino.ca/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NDc3NDEwNzMyNTE3NjE3&forward= HTTP 302
  • https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NDc3NDEwNzMyNTE3NjE3&forward=&google_tc= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFCezPQgAS2EI8maqXoyHU8&google_cver=1
Request Chain 28
  • https://ib.adnxs.com/setuid?entity=18&code=978477410732517617 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477410732517617
Request Chain 30
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=978477410732517617&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477410732517617&redir=
Request Chain 31
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=978477410732517617&bid=omt9pi0 HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=978477410732517617&bid=omt9pi0
Request Chain 34
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477410732517617&referrer=https%3A%2F%2Fwww.nitrocasino.ca%2Fen HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=1ca0a358-8c20-4293-b24b-9cb7d11ff700%3A1667803882.049698&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1ca0a358-8c20-4293-b24b-9cb7d11ff700%253A1667803882.049698 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=1ca0a358-8c20-4293-b24b-9cb7d11ff700%3A1667803882.049698 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKjBvmBxxvuZMBhzOoNt0NY&google_cver=1
Request Chain 36
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477410732517617&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477410732517617&forward=&C=1
Request Chain 39
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477410732517617&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477410732517617&img=1&__user_check__=1&sync_id=9700d136-5e68-11ed-8452-13f2d9420403
Request Chain 43
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978477410732517617&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477410732517617&expires=30
Request Chain 44
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y2iq6gAGKi6cFgAr HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y2iq6gAGKi6cFgAr&_test=Y2iq6gAGKi6cFgAr
Request Chain 45
  • https://widget.intercom.io/widget/cskb295h HTTP 302
  • https://js.intercomcdn.com/shim.latest.js
Request Chain 49
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP 302
  • https://zz.connextra.com/sync/data/uid/6c883bd680/aaa06368-aaea-4f00-a708-ed5bcef86647
Request Chain 50
  • https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP 302
  • https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/3964086563855495067
Request Chain 51
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-539&value= HTTP 303
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-539&value=&_bee_ppp=1
Request Chain 52
  • https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
  • https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
  • https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAAu8k7G0VYAACCSBFNv3g

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en
www.nitrocasino.ca/
Redirect Chain
  • https://nitrocasino.ca/
  • https://www.nitrocasino.ca/en
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8cd5ee55fc85bae04e9b3b44d24f572891095134a1dc87eb956a1bf42e9fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
766423cee962c46b-EWR
content-encoding
gzip
content-type
text/html
date
Mon, 07 Nov 2022 06:51:21 GMT
last-modified
Mon, 31 Oct 2022 06:01:51 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
cf-ray
766423ceb90ec46b-EWR
date
Mon, 07 Nov 2022 06:51:20 GMT
expires
Mon, 07 Nov 2022 07:51:20 GMT
location
https://www.nitrocasino.ca/en
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		746 B
886 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lilita+One&display=swap
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6630b6cfaf586e37b98dfe0986446c593762961c8407c5da7a997b5a23988a82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 06:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 06:40:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 06:51:21 GMT
css2
fonts.googleapis.com/ 		3 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@600;700&display=swap
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89fd74503d8e87828edc54150f0650dddef91f7d45d740422edc0cac7035911a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 06:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 06:51:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 06:51:21 GMT
css2
fonts.googleapis.com/ 		19 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
021180e29cc92285037d179cdfc5afb5d6bb9cf90068d228556e5714b38dbf62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 06:51:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 06:51:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Nov 2022 06:51:21 GMT
fullscreenApi.js
client.pragmaticplaylive.net/desktop/assets/api/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.pragmaticplaylive.net/desktop/assets/api/fullscreenApi.js
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-57.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83844b1cdcc798ae0e9838fc02d4cb31b4dfdd094f23d39eeba5918a228dd167

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sun, 06 Nov 2022 10:04:20 GMT
content-encoding
gzip
via
1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified
Thu, 03 Nov 2022 06:20:55 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
74822
etag
W/"6466f3a8e95c5accc4528ed58c7c1b1a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60, public, must-revalidate, proxy-revalidate
x-amz-cf-id
V6DHlUGK-mpFM08bxxt_DQMeOWWJcCDKxjcpKLAqW3-_MEvZviHcEA==
styles.67bdfcd8a0c84d6c74d0.css
www.nitrocasino.ca/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nitrocasino.ca/styles.67bdfcd8a0c84d6c74d0.css
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff490369a02c37a4ed3df0cdac988319092ee8f6f905855b9af507735ca40a28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 06:01:51 GMT
server
cloudflare
content-encoding
gzip
etag
W/"635f64cf-1b782"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
766423d0fbeec46b-EWR
x-xss-protection
1; mode=block
/
intlsblntrca.nitrocasino.ca/v4/html5/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intlsblntrca.nitrocasino.ca/v4/html5/?version=v2
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.206.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-206-229.compute-1.amazonaws.com
Software
Apache /
Resource Hash
38e49fbc7f65ec614292367d8f2c58edfc2be9538404d54dbce38e3fb549c71b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
public
date
Mon, 07 Nov 2022 06:51:21 GMT
server
Apache
content-description
File Transfer
content-type
application/octet-stream
cache-control
must-revalidate
content-disposition
attachment; filename="embed.js"
content-length
19179
expires
0
runtime.b5c298d8746a05795138.js
www.nitrocasino.ca/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nitrocasino.ca/runtime.b5c298d8746a05795138.js
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8dea3cedd37d0a5b7ddd9d66208d2075ec0f282b6f1b17a267ad3216ef55b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 06:01:51 GMT
server
cloudflare
content-encoding
gzip
etag
W/"635f64cf-c49"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
766423d19cc0c46b-EWR
x-xss-protection
1; mode=block
polyfills.3129774a1216ec64e566.js
www.nitrocasino.ca/ 		239 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f8d0dae16465d107bb632f64ec82de6380208eda4d5f641098151ec9b51cab7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 06:01:51 GMT
server
cloudflare
content-encoding
gzip
etag
W/"635f64cf-3bd82"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
766423d19cc1c46b-EWR
x-xss-protection
1; mode=block
scripts.165589be2078df8b03e1.js
www.nitrocasino.ca/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nitrocasino.ca/scripts.165589be2078df8b03e1.js
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c6c7826eeae57a0d3533bf29dd0a56b7edab56bdebda56684bcae32e44ec07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 06:01:51 GMT
server
cloudflare
content-encoding
gzip
etag
W/"635f64cf-fd6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
766423d19cc3c46b-EWR
x-xss-protection
1; mode=block
main.6daca8c20bc17744f0fe.js
www.nitrocasino.ca/ 		3 MB
698 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nitrocasino.ca/main.6daca8c20bc17744f0fe.js
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442aa09567fb82891ead2ee7334974050a4e57f11f4f5f1ad824ef80ec1f57ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 06:01:51 GMT
server
cloudflare
content-encoding
gzip
etag
W/"635f64cf-2bfece"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
766423d19cc4c46b-EWR
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		263 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNTTRFL
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fbff53b1aa8d8a4ed1596a5a61ea65f10e4efb20203aa768c33795326d547b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85054
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Nov 2022 06:51:21 GMT
adalyser.js
c5.adalyser.com/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c5.adalyser.com/adalyser.js?cid=nitrocasino
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.94.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-94-180.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
ff96aff83ec7f9a4d67cd4c2aa0e29987ebb18a9c60e82ab9193da458523bec3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
content-encoding
gzip
x-powered-by
Express
etag
"1a89733d9c93c7da9e9db75c1b0097244170f3fa"
p3p
CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=21600
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
11224
hotjar-3170631.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3170631.js?sv=6
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-101.jfk50.r.cloudfront.net
Software
/
Resource Hash
ccc94f4adba7d444d99b8715c744d5d710e291f527ee632b542b6633f22687d0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/3c6bb4f9220b2ff7bfceed49bdfe6bf1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
aH-gEAnmeUG2XMTNoT5C5vh0mTkfWyd_esHss5HMZdjcq4mBAepgeA==
inspectlet.js
cdn.inspectlet.com/ 		188 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inspectlet.com/inspectlet.js?wid=264295737&r=463278
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:aac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
via
1.1 vegur
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 07 Nov 2022 06:32:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
s-maxage=60, max-age=14400
cf-ray
766423d31a0f715a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i7dPIFZ9Zz-WBtRtedDbYEF8RQ.woff2
fonts.gstatic.com/s/lilitaone/v13/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lilitaone/v13/i7dPIFZ9Zz-WBtRtedDbYEF8RQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lilita+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2575d4fa3632580aafcbcdf6978b3b57e144b90cf5bd9c2c98194f28b869704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nitrocasino.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:30:06 GMT
x-content-type-options
nosniff
age
307275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10672
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Nov 2023 17:30:06 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNTTRFL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Nov 2022 06:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
983
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 07 Nov 2022 08:34:58 GMT
homepage
zz.connextra.com/dcs/tagController/tag/3b78db34ae68/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zz.connextra.com/dcs/tagController/tag/3b78db34ae68/homepage
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNTTRFL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.197.94 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-197-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3be3bbff46e01281a1711efdecd2575c593c6f0756c21d7d2151d4bd97b352a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
text/javascript;charset=utf-8
date
Mon, 07 Nov 2022 06:51:21 GMT
content-encoding
gzip
cache-control
must-revalidate, max-age=300
content-length
16587
vary
Accept-Encoding
expires
Mon, 07 Nov 2022 06:56:21 GMT
tc.min.js
c1.rfihub.net/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:fc00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:22:38 GMT
content-encoding
gzip
via
1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 06:22:28 GMT
server
Jetty(9.3.29.v20201019)
x-amz-cf-pop
JFK50-P4
age
1723
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
fYLkvmpWVdxozX-rqHptRxYh-YaE9iOS5L_dl6-bOAM1Fx4E-Xpptw==
expires
Mon, 07 Nov 2022 07:22:38 GMT
modules.f1e65ef904544a33c6d0.js
script.hotjar.com/ 		262 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.f1e65ef904544a33c6d0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3170631.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
bd411c282a41f2967f5db7ec0b4c9d8ea6eb6b95b26b5507f2889c8c37fd8043
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 12:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
239354
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68402
last-modified
Fri, 04 Nov 2022 12:21:18 GMT
etag
"0f58b5937c38edb646c879633af2ba34"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DRPw-sQhRGFbIdDBJNReIncdZZ9XnpI9wKA2Qr9nKCckxHIztd_wPA==
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=999618908&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nitrocasino.ca%2Fen&ul=en-us&de=UTF-8&dt=NitroCasino.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=582688112&gjid=603872629&cid=1018384978.1667803882&tid=UA-157166516-1&_gid=690173413.1667803882&_r=1&gtm=2wgb20WNTTRFL&z=210061838
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca.html
20838089p.rfihub.com/ Frame F153 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20838089p.rfihub.com/ca.html?ver=9&rb=45721&ca=20838089&_o=45721&_t=20838089&pe=https%3A%2F%2Fwww.nitrocasino.ca%2Fen&pf=&ra=3739689429928481
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
81adcc68b11f88130bb6ffa14a8203ba37e104af136598acc2b74980bbbb9563

Request headers

Referer
https://www.nitrocasino.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2598
Content-Type
text/html;charset=utf-8
Date
Mon, 07 Nov 2022 06:51:21 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-157166516-1&cid=1018384978.1667803882&jid=582688112&gjid=603872629&_gid=690173413.1667803882&_u=YEBAAEAAAAAAACAAI~&z=1454988207
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 07 Nov 2022 06:51:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-c6ca1c87e308a39aabb76b56ba54398b.html
vars.hotjar.com/ Frame F6A7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3170631.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
/
Resource Hash
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://www.nitrocasino.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
239354
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Nov 2022 12:22:07 GMT
etag
"b6d25d1350d6a014d80689f389e76f97"
last-modified
Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
x-amz-cf-id
5tgj4NnxkZ2-CgEBtjZp08FyZqrCCFZSXejLT-hq3kw04rWHwnclWA==
x-amz-cf-pop
JFK50-P4
x-cache
Hit from cloudfront
x-robots-tag
none
en.json
www.nitrocasino.ca/languages/NCA/ 		56 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nitrocasino.ca/languages/NCA/en.json?cb=1667803881763
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1523633a252b8730c2e92a04fd8244ab45847f6145f349eb64c2127b1f17c5d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/en
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Oct 2022 05:16:56 GMT
server
cloudflare
content-encoding
gzip
etag
W/"6350d9c8-df61"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/json
cf-ray
766423d518cfc46b-EWR
x-xss-protection
1; mode=block, 1; mode=block
visit-data
in.hotjar.com/api/v2/client/sites/3170631/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/3170631/visit-data?sv=6
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.106.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-106-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b

Request headers

Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
264295737
hn.inspectlet.com/ginit/ 		26 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hn.inspectlet.com/ginit/264295737
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:aac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 06:51:21 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"1a-SbP85p8orEJpLUh6vRJ6Iw"
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
766423d5dcdf715a-YUL
access-control-allow-headers
X-Requested-With, Content-Type
content-length
26
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p
c5.adalyser.com/tracking/track/v3/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c5.adalyser.com/tracking/track/v3/p?stm=1667803881891&e=lce1&url=https%3A%2F%2Fwww.nitrocasino.ca%2Fen&cid=nitrocasino&p=%7B%22a4%22%3A%22www.nitrocasino.ca%22%2C%22et%22%3A1667803881888%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%2203f27047-0e49-4e61-8769-0534460ee9ea%22%2C%22duid%22%3A%22c22f9659-1750-425f-a6be-fb335432450c%22%2C%22cw%22%3A1667803881888%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&domain=www.nitrocasino.ca
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.94.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-94-180.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:21 GMT
x-powered-by
Express
etag
W/"2b-B//0C13UlayirE4cP7xgqg"
p3p
CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
43
expires
0
cm
a.rfihub.com/ Frame F153
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NDc3NDEwNzMyNTE3NjE3&forward=
  • https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=OTc4NDc3NDEwNzMyNTE3NjE3&forward=&google_tc=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFCezPQgAS2EI8maqXoyHU8&google_cver=1
42 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFCezPQgAS2EI8maqXoyHU8&google_cver=1
Protocol
HTTP/1.1
Server
199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 07 Nov 2022 06:51:23 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEFCezPQgAS2EI8maqXoyHU8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame F153
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=978477410732517617
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477410732517617
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477410732517617
Protocol
HTTP/1.1
Server
68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 06:51:22 GMT
AN-X-Request-Uuid
03fe95ac-d194-4fa0-8dd3-07252c9e6290
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 06:51:21 GMT
AN-X-Request-Uuid
4c8fceca-853f-4387-9867-78025196bcf9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D978477410732517617
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F153 		42 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=978477410732517617&
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
demconf.jpg
dpm.demdex.net/ Frame F153
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=978477410732517617&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477410732517617&redir=
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477410732517617&redir=
Protocol
HTTP/1.1
Server
52.203.222.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-222-38.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v044-0ba00a715.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4U1I2rimRkQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v044-0b491a7f9.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
cOeGEzxGSco=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=978477410732517617&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
ps.eyeota.net/match/bounce/ Frame F153
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=978477410732517617&bid=omt9pi0
  • https://ps.eyeota.net/match/bounce/?uid=978477410732517617&bid=omt9pi0
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?uid=978477410732517617&bid=omt9pi0
Protocol
HTTP/1.1
Server
50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-174-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 07 Nov 2022 06:51:22 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=978477410732517617&bid=omt9pi0
Date
Mon, 07 Nov 2022 06:51:22 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
cksync.php
contextual.media.net/ Frame F153 		45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=978477410732517617
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 07 Nov 2022 06:51:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 07 Nov 2022 06:51:22 GMT
serving
bs.serving-sys.com/ Frame F153 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.37.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-37-176.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
362358.gif
idsync.rlcdn.com/ Frame F153
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978477410732517617&referrer=https%3A%2F%2Fwww.nitrocasino.ca%2Fen
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=1ca0a358-8c20-4293-b24b-9cb7d11ff700%3A1667803882.049698&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1ca0a358-8c20-4293-b24b-9cb7d11f...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=1ca0a358-8c20-4293-b24b-9cb7d11ff700%3A1667803882.049698
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKjBvmBxxvuZMBhzOoNt0NY&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKjBvmBxxvuZMBhzOoNt0NY&google_cver=1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKjBvmBxxvuZMBhzOoNt0NY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame F153 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=978477410732517617
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.72.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-72-99.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame F153
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477410732517617&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477410732517617&forward=&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=978477410732517617&forward=&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 06:51:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 06:51:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=57&external_user_id=978477410732517617&forward=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
360947.gif
idsync.rlcdn.com/ Frame F153 		42 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=978477410732517617
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rocketfuel_sync
x.dlx.addthis.com/e/ Frame F153 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=978477410732517617
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.56.183 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-56-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Mon, 07 Nov 2022 06:51:22 GMT
pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame F153
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477410732517617&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477410732517617&img=1&__user_check__=1&sync_id=9700d136-5e68-11ed-8452-13f2d9420403
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=978477410732517617&img=1&__user_check__=1&sync_id=9700d136-5e68-11ed-8452-13f2d9420403
Protocol
H2
Server
192.35.249.138 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
301
content-length
43

Redirect headers

date
Mon, 07 Nov 2022 06:51:22 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
/partner?adv_id=7180&uid=978477410732517617&img=1&__user_check__=1&sync_id=9700d136-5e68-11ed-8452-13f2d9420403
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
404
content-length
0
sync
partners.tremorhub.com/ Frame F153 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=978477410732517617&r=OR52rJC7KJLm
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6c23:5a2c:6d97:91e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 07 Nov 2022 06:51:22 GMT
server
Apache-Coyote/1.1
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame F153 		43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=978477410732517617
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-90.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
via
1.1 d3fbeb74a503a5fcf3e4ca458c365012.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
Ux2XqEnf1j4wNFMrvt2TxbugyMjQVMOjYhL99isTJsQSfYoSDUE4Rw==
expires
0
usermatch.gif
beacon.krxd.net/ Frame F153 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=978477410732517617
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.103.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-103-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
beacon-n032-ash-prod.krxd.net
date
Mon, 07 Nov 2022 06:51:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1667803882
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame F153
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=978477410732517617&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477410732517617&expires=30
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477410732517617&expires=30
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 06:51:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=978477410732517617&expires=30
Date
Mon, 07 Nov 2022 06:51:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame F153
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y2iq6gAGKi6cFgAr
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y2iq6gAGKi6cFgAr&_test=Y2iq6gAGKi6cFgAr
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y2iq6gAGKi6cFgAr&_test=Y2iq6gAGKi6cFgAr
Protocol
HTTP/1.1
Server
199.38.167.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://20838089p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 07 Nov 2022 06:51:22 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-yul12821-YUL
pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1667803882.212830,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y2iq6gAGKi6cFgAr&_test=Y2iq6gAGKi6cFgAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/cskb295h
  • https://js.intercomcdn.com/shim.latest.js
18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
13.33.60.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-4.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bf42094bd9a856755c18109acf000feb75038f6f6311a65398d41c2318a81bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
rGri4bR_O.4fV9NZx6oNJgUL07ChRcWF
content-encoding
gzip
via
1.1 d13d8a0a456d6aa0acf023a1e3acb2be.cloudfront.net (CloudFront)
date
Mon, 07 Nov 2022 06:48:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
EWR52-C1
age
202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6171
last-modified
Fri, 04 Nov 2022 17:12:57 GMT
server
AmazonS3
etag
"df998c9c12d23fa54da39a042e780ebf"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
Gp2cg9D2pAf_WYhwQXiy5KPb0cOrdp6wUfcdSkJ-O_EkLCNBosasfA==

Redirect headers

date
Sun, 06 Nov 2022 00:39:01 GMT
via
1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
108742
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
AW2xXsetHpOCEWW_gn2ue17l6d9XDqO4L0DdZIfiMsj1FaNZXNlpvg==
3b78db34ae68
zz.connextra.com/NitroCasino/dcs/tagController/tagData/ 		0
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zz.connextra.com/NitroCasino/dcs/tagController/tagData/3b78db34ae68
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.197.94 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-197-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.nitrocasino.ca
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Mon, 07 Nov 2022 06:51:22 GMT
js
pixel.mathtag.com/event/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1492091&mt_adid=239849&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/3b78db34ae68/homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.211 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-211.deploy.static.akamaitechnologies.com
Software
MT3 4629 97bee97 master iad-pixel-x7 config:1.0.0 /
Resource Hash
e31a2d1f565de5be9f1a6d96ae83da3e1408bb7031121c0dfc9d98cc91f73065

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 06:51:22 GMT
Server
MT3 4629 97bee97 master iad-pixel-x7 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1493
Expires
Mon, 07 Nov 2022 06:51:21 GMT
seg
secure.adnxs.com/ Frame 3996 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=23280880&t=2
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Newark, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 06:51:22 GMT
AN-X-Request-Uuid
556e29ad-2176-4b6f-9d3a-a6f32edad3de
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
aaa06368-aaea-4f00-a708-ed5bcef86647
zz.connextra.com/sync/data/uid/6c883bd680/ Frame C289
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
  • https://zz.connextra.com/sync/data/uid/6c883bd680/aaa06368-aaea-4f00-a708-ed5bcef86647
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zz.connextra.com/sync/data/uid/6c883bd680/aaa06368-aaea-4f00-a708-ed5bcef86647
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Server
23.0.197.94 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-197-94.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
content-encoding
gzip
server
istio-envoy
vary
accept-encoding
content-type
image/gif
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
1
content-length
64
expires
Mon, 07 Nov 2022 06:51:22 GMT

Redirect headers

Date
Mon, 07 Nov 2022 06:51:22 GMT
Server
MT3 4629 97bee97 master iad-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://zz.connextra.com/sync/data/uid/6c883bd680/aaa06368-aaea-4f00-a708-ed5bcef86647
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 07 Nov 2022 06:51:21 GMT
3964086563855495067
zz.connextra.com/sync/data/uid/3bc1d7fd2e/ Frame 1C88
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
  • https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/3964086563855495067
43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/3964086563855495067
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Server
23.0.197.94 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-197-94.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
content-encoding
gzip
server
istio-envoy
vary
accept-encoding
content-type
image/gif
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
1
content-length
64
expires
Mon, 07 Nov 2022 06:51:22 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Nov 2022 06:51:22 GMT
AN-X-Request-Uuid
bc67b7d6-9d03-4f20-bfc7-7843a5c7861b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/3964086563855495067
Connection
keep-alive
X-Proxy-Origin
149.56.153.184; 149.56.153.184; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
associate-segment
segment.prod.bidr.io/ Frame 558E
Redirect Chain
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-539&value=
  • https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-539&value=&_bee_ppp=1
43 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-539&value=&_bee_ppp=1
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
HTTP/1.1
Server
54.165.211.179 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-211-179.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 07 Nov 2022 06:51:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-539&value=&_bee_ppp=1
Date
Mon, 07 Nov 2022 06:51:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
AAAu8k7G0VYAACCSBFNv3g
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame 1D22
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/geniussports
  • https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
  • https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAAu8k7G0VYAACCSBFNv3g
43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAAu8k7G0VYAACCSBFNv3g
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/en
Protocol
H2
Server
23.0.197.94 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-197-94.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Nov 2022 06:51:22 GMT
content-encoding
gzip
server
istio-envoy
vary
accept-encoding
content-type
image/gif
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
1
content-length
64
expires
Mon, 07 Nov 2022 06:51:22 GMT

Redirect headers

location
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAAu8k7G0VYAACCSBFNv3g
Date
Mon, 07 Nov 2022 06:51:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
100118008
api.paymentiq.io/paymentiq/api/viq/jscardencrypter/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.paymentiq.io/paymentiq/api/viq/jscardencrypter/100118008
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/main.6daca8c20bc17744f0fe.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a919daa9564471cec.awsglobalaccelerator.com
Software
/
Resource Hash
0734697543bd694d6f0e1fb7c141866fcb21d2a0514b48c215c9eec2c6e8dfc8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 06:51:22 GMT
content-encoding
gzip
Connection
keep-alive
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript;charset=utf-8
countryBlock
service.nitrocasino.ca/ajax/country/ 		394 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/country/countryBlock
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423d75b72c46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
status
service.nitrocasino.ca/ajax/login/ 		394 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/login/status
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423d75b77c46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
getPage
service.nitrocasino.ca/ajax/staticPage/ 		394 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/staticPage/getPage?language=en&urlPath=footer&languageId=en
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423d75b7cc46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
getCountryDetails
service.nitrocasino.ca/ajax/profile/ 		394 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/profile/getCountryDetails
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423d76b85c46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
igaming-logo.png
service.nitrocasino.ca/uploads/media/NCA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://service.nitrocasino.ca/uploads/media/NCA/igaming-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5775fa90c7ed288c202a744374fb22b29e1a86a5ecbd815eee9825c8a2abf50a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
age
1405
content-length
1617
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Wed, 10 Aug 2022 14:28:56 GMT
server
cloudflare
etag
"62f3c0a8-651"
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
766423d77b9ac46b-EWR
getLobbyGameGroupGames
service.nitrocasino.ca/ajax/game/ 		394 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/game/getLobbyGameGroupGames?language=en
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423d79ba4c46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
nitrocasino-logo.png
www.nitrocasino.ca/assets/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nitrocasino.ca/assets/img/nitrocasino-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d524bc20fb2fa52db8097e3f7650e15bd2b231501be79b09dbb527255a587258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 05:49:57 GMT
server
cloudflare
etag
"635f6205-425f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
766423d79baec46b-EWR
content-length
16991
x-xss-protection
1; mode=block
iframe
pixel.mathtag.com/sync/ Frame B506 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=6a5d6368-aaea-4500-b4a5-fe05d9bd5671&no_iframe=1&mt_adid=239849&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1492091&mt_adid=239849&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.211 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-211.deploy.static.akamaitechnologies.com
Software
MT3 4629 97bee97 master iad-pixel-x5 config:1.0.0 /
Resource Hash
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer
https://www.nitrocasino.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
713
Content-Type
text/html
Date
Mon, 07 Nov 2022 06:51:22 GMT
Expires
Mon, 07 Nov 2022 06:51:21 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master iad-pixel-x5 config:1.0.0
frame-modern.aa3fc0a2.js
js.intercomcdn.com/ Frame 524C 		446 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.aa3fc0a2.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/cskb295h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.60.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-4.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39905accb489681852b8e38f48df08d72244a6a68b232ee25568701d5c64b06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 d4cdd862c8bc0148f37b685614031cf4.cloudfront.net (CloudFront)
x-amz-version-id
61tjFF5s6hMiUOnLyqHb0OExPzqv9jZh
date
Mon, 07 Nov 2022 05:13:01 GMT
x-amz-cf-pop
EWR52-C1
age
5902
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
124403
last-modified
Fri, 04 Nov 2022 17:11:25 GMT
server
AmazonS3
etag
"eda1b9baf1fe31ef86c766181ba7507e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
NfKuRhHvokmp5e5NEPLJ2SC66AJw8UUOsljIjnF3ZiM23SIgyZeaEA==
vendor-modern.89e225e9.js
js.intercomcdn.com/ Frame 524C 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.89e225e9.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/cskb295h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.33.60.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-4.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fbd91f54cbcf754eb07aedda60473dc7924e388479cb24284613b5fccf2e15e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 d4cdd862c8bc0148f37b685614031cf4.cloudfront.net (CloudFront)
x-amz-version-id
rWthdkK3D73Pp6T1ddA5OwH_NDUx57Af
date
Mon, 07 Nov 2022 06:13:12 GMT
x-amz-cf-pop
EWR52-C1
age
2291
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74257
last-modified
Fri, 04 Nov 2022 17:11:25 GMT
server
AmazonS3
etag
"a05f63df8461cf4480503d375a8242db"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
FJpvjLmkFH9rFV3NvzwjkRL9UCcRuyODg9fX1G0s4Popkuhr24Ur_g==
img
pixel.mathtag.com/comp/ 		0
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.211 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-211.deploy.static.akamaitechnologies.com
Software
MT3 4629 97bee97 master iad-pixel-x19 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 06:51:22 GMT
Server
MT3 4629 97bee97 master iad-pixel-x19 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 07 Nov 2022 06:51:21 GMT
img
pixel.mathtag.com/comp/ Frame B506 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=6a5d6368-aaea-4500-b4a5-fe05d9bd5671&no_iframe=1&mt_adid=239849&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.211 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-211.deploy.static.akamaitechnologies.com
Software
MT3 4629 97bee97 master iad-pixel-x3 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=6a5d6368-aaea-4500-b4a5-fe05d9bd5671&no_iframe=1&mt_adid=239849&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 06:51:22 GMT
Server
MT3 4629 97bee97 master iad-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 07 Nov 2022 06:51:21 GMT
visit-data
in.hotjar.com/api/v2/client/sites/3170631/ 		147 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/3170631/visit-data?sv=6
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.106.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-106-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b

Request headers

Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
ping
api-iam.eu.intercom.io/messenger/web/ Frame 524C 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.eu.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.aa3fc0a2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.125.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-125-240.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
92fe51c69b68c6765e5572003a9b7fb6dfc2c54dd5c036ebccae1eb81ca1c4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 07 Nov 2022 06:51:22 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-01c59014bbec44eaa
status
200 OK
x-xss-protection
1; mode=block
x-request-id
001rptl1d0dplsjcn7pg
x-runtime
0.237659
server
nginx
etag
W/"92fe51c69b68c6765e5572003a9b7fb6"
x-ratelimit-remaining
13332
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nitrocasino.ca
x-intercom-version
d8a7e8959e007ceaac585b7b3c11c34882226b79
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1667803890
x-ratelimit-limit
13333
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
getBanners
service.nitrocasino.ca/ajax/banner/ 		394 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/banner/getBanners?zoneId=8&affiliateId=0&languageId=en&language=en
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423dd8b1ac46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
getBanners
service.nitrocasino.ca/ajax/banner/ 		394 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/banner/getBanners?zoneId=1&affiliateId=0&languageId=en&language=en
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423dd8b21c46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
getLobbyListWithGameGroups
service.nitrocasino.ca/ajax/game/ 		0
0
chat-icon.png
www.nitrocasino.ca/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nitrocasino.ca/assets/img/chat-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a2546cd866b9d8406d7c98f1dc6d3da19bb60c1f1c64ae38c46bbab4cee8c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 31 Oct 2022 05:49:57 GMT
server
cloudflare
etag
"635f6205-8bd"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
766423dd9b2bc46b-EWR
content-length
2237
x-xss-protection
1; mode=block
payment-CA.png
service.nitrocasino.ca/uploads/media/NCA/homepage-banners/new-ui-banners/payment-providers/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://service.nitrocasino.ca/uploads/media/NCA/homepage-banners/new-ui-banners/payment-providers/payment-CA.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.nitrocasino.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nitrocasino.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 31 Oct 2022 21:14:25 GMT
x-content-type-options
nosniff
age
553018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33580
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 21:14:25 GMT
status
service.nitrocasino.ca/ajax/login/ 		394 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/login/status
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423ddbb4bc46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
getPage
service.nitrocasino.ca/ajax/staticPage/ 		394 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.nitrocasino.ca/ajax/staticPage/getPage?language=en&urlPath=footer&languageId=en
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.220 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.nitrocasino.ca
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
766423ddbb4fc46b-EWR
access-control-allow-headers
X-Request-ID,X-REQ-ID
expires
Thu, 19 Nov 1981 08:52:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/3170631/ 		147 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/3170631/visit-data?sv=6
Requested by
Host: www.nitrocasino.ca
URL: https://www.nitrocasino.ca/polyfills.3129774a1216ec64e566.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.106.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-106-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b

Request headers

Referer
https://www.nitrocasino.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 07 Nov 2022 06:51:23 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
service.nitrocasino.ca
URL
https://service.nitrocasino.ca/ajax/game/getLobbyListWithGameGroups?languageId=en

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| global object| Buffer object| process function| _0x24d3 function| _0x293b function| PPFullscreenComponent object| fs object| google_tag_manager object| google_tag_data object| __insp object| GlobalAdalyserNamespace function| adalyserTracker function| hj object| _hjSettings object| intercomSettings function| Intercom number| __inspld object| canvas object| ctx number| x number| y number| radius number| angleStart number| angleEnd object| gradient object| _0xc49e function| _0xe54c function| postBack function| gotErrorWrap function| gotPositionWrap function| lshtml5 function| stopWatch string| GoogleAnalyticsObject function| ga function| _rfi object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackJsonp object| gaplugins object| gaGlobal object| gaData function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP object| __core-js_shared__ object| core object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| __zone_symbol__legacyPatch object| _0x3564 function| _0x1e91 function| _0x4afa31 object| lsdp function| tmx_profiling_complete function| jQuery function| $ function| moment object| __zone_symbol__beforeunloadfalse object| __zone_symbol__loadfalse function| _PaymentIQCashier function| _PaymentIQCashierReset object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| __zone_symbol__ON_PROPERTYmessage object| __zone_symbol__messagefalse object| cxt_conf object| cxt_mod_shared_scope function| cxtdcs function| cxtdcs_pt object| Base64i function| $i function| __insp_ object| __inspcr object| __inspm object| __inspq object| __zone_symbol__messagetrue function| setZeroTimeout object| __inspels function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse function| adalyserModules function| trackerCore function| rng object| _rnds8 undefined| _rnds function| parse function| unparse function| v1 function| v4 object| _byteToHex object| _hexToByte object| _seedBytes object| _nodeId number| _clockseq number| _lastMSecs number| _lastNSecs function| uuid string| queueName function| queue object| mutState object| AdalyserTracker object| __zone_symbol__resizefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__orientationchangefalse object| __zone_symbol__scrollfalse boolean| prerenderReady function| MtBts function| metric function| __intercomAssignLocation function| encryptData object| JSEncryptExports function| JSEncrypt object| __zone_symbol__mousemovefalse object| KJUR object| Hex object| Base64 function| ASN1 function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

56 Cookies

Domain/Path Name / Value
.nitrocasino.ca/ Name: _ga
Value: GA1.2.1018384978.1667803882
.nitrocasino.ca/ Name: _gid
Value: GA1.2.690173413.1667803882
.nitrocasino.ca/ Name: _gat_UA-157166516-1
Value: 1
.nitrocasino.ca/ Name: _hjSessionUser_3170631
Value: eyJpZCI6IjkyMzM4OWFkLTc3ZDQtNWEyYi04MjEzLWJlMTE3ZDY0YWEzMyIsImNyZWF0ZWQiOjE2Njc4MDM4ODE4MzQsImV4aXN0aW5nIjpmYWxzZX0=
.nitrocasino.ca/ Name: _hjFirstSeen
Value: 1
www.nitrocasino.ca/ Name: _hjIncludedInSessionSample
Value: 0
.nitrocasino.ca/ Name: _hjSession_3170631
Value: eyJpZCI6IjUxY2ZiZmI3LTJiNDQtNDQ3Yy1iNDExLWU5NjU4MTdkMTM0MiIsImNyZWF0ZWQiOjE2Njc4MDM4ODE4NTIsImluU2FtcGxlIjpmYWxzZX0=
www.nitrocasino.ca/ Name: _hjIncludedInPageviewSample
Value: 1
.nitrocasino.ca/ Name: _hjAbsoluteSessionInProgress
Value: 0
.nitrocasino.ca/ Name: __insp_wid
Value: 264295737
.nitrocasino.ca/ Name: __insp_slim
Value: 1667803881878
.nitrocasino.ca/ Name: __insp_nv
Value: true
.nitrocasino.ca/ Name: __insp_targlpu
Value: aHR0cHM6Ly93d3cubml0cm9jYXNpbm8uY2EvZW4%3D
.nitrocasino.ca/ Name: __insp_targlpt
Value: Tml0cm9DYXNpbm8uY2E%3D
.nitrocasino.ca/ Name: __adal_ses
Value: *
.nitrocasino.ca/ Name: __adal_id
Value: c22f9659-1750-425f-a6be-fb335432450c.1667803882.1.1667803882.1667803882.03f27047-0e49-4e61-8769-0534460ee9ea
.nitrocasino.ca/ Name: __adal_ca
Value: so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29%26cg%3DDirect
.nitrocasino.ca/ Name: __adal_cw
Value: 1667803881888
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MDc2MjU0NzM0F-Iz1HUsjvQozUtOy0w2zAIA9zRjGiQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MDc2MjU0NzM0F-Iz1HUsjvQozUtOy0w2zAIA9zRjGiQAAAA
.nitrocasino.ca/ Name: __insp_norec_sess
Value: true
.adnxs.com/ Name: uuid2
Value: 3964086563855495067
.casalemedia.com/ Name: CMID
Value: Y2iq6seBdEMs.JBX5v2OLQAA
.casalemedia.com/ Name: CMPS
Value: 1262
.casalemedia.com/ Name: CMPRO
Value: 1262
.media.net/ Name: visitor-id
Value: 3108054821455269000V10
.media.net/ Name: data-rk
Value: 978477410732517617~~3
.demdex.net/ Name: demdex
Value: 05361872700819577250791739616744780680
.rubiconproject.com/ Name: khaos
Value: LA6FDBGF-1L-EY15
.rubiconproject.com/ Name: audit
Value: 1|nvV97e9IbwTEZsE9nV+O3u3JZRKTRtCF5JXJ8oSCiDceECEUBMheihMse4Mx+QAkn4KqZmiF1+MwHTRO1/p4iHtpUhum9g902C0P9eFnaL7WsSZQ5MMh+bBBH7L8T5gjzGdAtk7a1yFHmZ36iwrcj30Dfo43Aqo9
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2E>5u!MZA!fss0=Ir4A3KL9D3I?-rR]Rn/
.dpm.demdex.net/ Name: dpm
Value: 05361872700819577250791739616744780680
.rezync.com/ Name: zync-uuid
Value: 1ca0a358-8c20-4293-b24b-9cb7d11ff700:1667803882.049698
live.rezync.com/ Name: sd-session-id
Value: .eJwNykEOgyAQAMC_7FnMLiC78BkDiAlppY3YS41_1-Mkc8L8LfsWW2kHhGP_lQHyuz7qEE7o9b-VFwTwLJbZErLRE7EjhmuAXnqvnzbX5SmUI0YziZKsUVntjUraJuVz4oVoXRkxkHMsaET0iNY7L3DdY8YlCw.Y2iq6g.ZxMEQj27ddCULaK3v3tdWbrSRps
.connextra.com/ Name: CxtId
Value: 900af0d9-e193-4155-bf8c-658e451812b3
.connextra.com/ Name: NitroCasino
Value: P%7Chomepage%7C1%7C202211070651
.mathtag.com/ Name: uuid
Value: aaa06368-aaea-4f00-a708-ed5bcef86647
.doubleclick.net/ Name: IDE
Value: AHWqTUmP_21G8HdFvFnkmHvMuwyWYBFhn2KrCpNeEVb0jXGAWZ6BkIgyP5atj2usMvs
.eyeota.net/ Name: mako_uid
Value: 18450dba282-4eba0000010a5d7f
.eyeota.net/ Name: SERVERID
Value: 23935~DM
.rlcdn.com/ Name: rlas3
Value: K/+69N82mtq2m8bIM5cKATV5s2O7hib0zSM7Li0Brcc=
.spotxchange.com/ Name: audience
Value: 9700d0ed-5e68-11ed-8452-13f2d9420403
.bidr.io/ Name: bitoIsSecure
Value: ok
.krxd.net/ Name: _kuid_
Value: PLyFUU-e
.bidr.io/ Name: bito
Value: AAFu3U7G0VYAAB_GWh1wcw
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y2iq6gAGKi6cFgAr
.bidswitch.net/ Name: tuuid
Value: bf6d464f-db69-4e53-aec6-bb840d1f6b8a
.bidswitch.net/ Name: c
Value: 1667803882
.bidswitch.net/ Name: tuuid_lu
Value: 1667803882
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.rlcdn.com/ Name: pxrc
Value: COrVopsGEgYIuuoBEAA=
.nitrocasino.ca/ Name: intercom-id-cskb295h
Value: abcb98d3-1b38-4b31-b36e-cc27fca289df
.nitrocasino.ca/ Name: intercom-session-cskb295h
Value:
service.nitrocasino.ca/ Name: ci_session
Value: 5ce84g9di8tt3inbrnken7ib30n8e4m8
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dXNOrQoITHcMNnL1tMhNLIzIr_QItQAADB8aRh4AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dXNOrQoITHcMNnL1tMhNLIzIr_QItQjiNTQzM7cwMLawMDYyMJjFiOAbWhqarULjn0Ljv0Lj_0LjT2JC5c9C4y9C469C429C4-9CV8-Cyr-Fwrc02sSKpp8bzb1o_EXCqPxHaHwAdkgShk0BAAA

1 Console Messages

Source Level URL
Text
network error URL: https://service.nitrocasino.ca/uploads/media/NCA/homepage-banners/new-ui-banners/payment-providers/payment-CA.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20838089p.rfihub.com
a.rfihub.com
aa.agkn.com
api-iam.eu.intercom.io
api.paymentiq.io
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
c5.adalyser.com
cdn.inspectlet.com
client.pragmaticplaylive.net
cm.g.doubleclick.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
hn.inspectlet.com
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
intlsblntrca.nitrocasino.ca
js.intercomcdn.com
live.rezync.com
match.prod.bidr.io
nitrocasino.ca
p.rfihub.com
partners.tremorhub.com
pixel.mathtag.com
pixel.rubiconproject.com
ps.eyeota.net
script.hotjar.com
secure.adnxs.com
segment.prod.bidr.io
service.nitrocasino.ca
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
vars.hotjar.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
www.nitrocasino.ca
x.bidswitch.net
x.dlx.addthis.com
zz.connextra.com
service.nitrocasino.ca
104.22.69.220
108.138.106.101
108.138.106.17
108.138.128.57
108.138.128.58
13.225.214.90
13.226.39.20
13.33.60.4
142.251.40.194
151.101.2.49
18.164.96.90
192.35.249.138
192.40.39.223
199.38.167.131
23.0.197.94
23.205.56.183
23.41.168.211
23.41.168.23
2600:1f18:612b:4232:6c23:5a2c:6d97:91e
2600:9000:24f1:fc00:1:76cf:fe80:93a1
2606:4700:10::ac43:aac
2607:f8b0:4004:c09::9d
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:821::2008
3.217.8.50
3.222.206.229
35.190.60.146
35.211.178.172
50.16.174.192
52.203.222.38
52.209.125.240
52.55.72.99
52.7.103.185
54.165.211.179
54.72.94.180
54.89.37.176
63.34.106.143
68.67.160.24
68.67.179.166
74.121.140.14
76.223.78.13
8.43.72.97
021180e29cc92285037d179cdfc5afb5d6bb9cf90068d228556e5714b38dbf62
0734697543bd694d6f0e1fb7c141866fcb21d2a0514b48c215c9eec2c6e8dfc8
1523633a252b8730c2e92a04fd8244ab45847f6145f349eb64c2127b1f17c5d9
1bf42094bd9a856755c18109acf000feb75038f6f6311a65398d41c2318a81bf
23084b00ffe368652957dcb8afc244c1c432069472e90048b07634fccd27440b
38e49fbc7f65ec614292367d8f2c58edfc2be9538404d54dbce38e3fb549c71b
39905accb489681852b8e38f48df08d72244a6a68b232ee25568701d5c64b06a
3be3bbff46e01281a1711efdecd2575c593c6f0756c21d7d2151d4bd97b352a7
3d8cd5ee55fc85bae04e9b3b44d24f572891095134a1dc87eb956a1bf42e9fe9
442aa09567fb82891ead2ee7334974050a4e57f11f4f5f1ad824ef80ec1f57ad
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5775fa90c7ed288c202a744374fb22b29e1a86a5ecbd815eee9825c8a2abf50a
5d554121551df68e414c85920b6541d2e92251a189ff19a4b1f8dffe97ce1cb5
5fbd91f54cbcf754eb07aedda60473dc7924e388479cb24284613b5fccf2e15e
6630b6cfaf586e37b98dfe0986446c593762961c8407c5da7a997b5a23988a82
69c6c7826eeae57a0d3533bf29dd0a56b7edab56bdebda56684bcae32e44ec07
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fbff53b1aa8d8a4ed1596a5a61ea65f10e4efb20203aa768c33795326d547b2
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
81adcc68b11f88130bb6ffa14a8203ba37e104af136598acc2b74980bbbb9563
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83844b1cdcc798ae0e9838fc02d4cb31b4dfdd094f23d39eeba5918a228dd167
89fd74503d8e87828edc54150f0650dddef91f7d45d740422edc0cac7035911a
8f8d0dae16465d107bb632f64ec82de6380208eda4d5f641098151ec9b51cab7
92fe51c69b68c6765e5572003a9b7fb6dfc2c54dd5c036ebccae1eb81ca1c4a7
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd411c282a41f2967f5db7ec0b4c9d8ea6eb6b95b26b5507f2889c8c37fd8043
bf8dea3cedd37d0a5b7ddd9d66208d2075ec0f282b6f1b17a267ad3216ef55b4
c8a2546cd866b9d8406d7c98f1dc6d3da19bb60c1f1c64ae38c46bbab4cee8c8
ccc94f4adba7d444d99b8715c744d5d710e291f527ee632b542b6633f22687d0
d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e
d2575d4fa3632580aafcbcdf6978b3b57e144b90cf5bd9c2c98194f28b869704
d524bc20fb2fa52db8097e3f7650e15bd2b231501be79b09dbb527255a587258
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e31a2d1f565de5be9f1a6d96ae83da3e1408bb7031121c0dfc9d98cc91f73065
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56ec713489b8a8c4cd1a3a75e920a7a359e43445cb2c5e78de812b84f9523b0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff490369a02c37a4ed3df0cdac988319092ee8f6f905855b9af507735ca40a28
ff96aff83ec7f9a4d67cd4c2aa0e29987ebb18a9c60e82ab9193da458523bec3