urlscan.io logo urlscan.io
SecurityTrails logo

www.casinotopsonline.com Open in urlscan Pro
2606:4700::6812:1853  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://r.mail.askgamblers.com/mk/cl/f/sh/1t6Af4OiGsE8LKOc3FDnTJ9LBR4RaZ/zqXmYy9hsnbt
Effective URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Submission Tags: urlscan
Submission: On July 12 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:1853, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.casinotopsonline.com.
TLS certificate: Issued by GTS CA 1P5 on May 18th 2024. Valid for: 3 months.
This is the only time www.casinotopsonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1.179.112.197 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
14 4
Apex Domain
Subdomains		 Transfer
10 casinotopsonline.com
www.casinotopsonline.com
953 KB
1 sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 22784
1 askgamblers.com
r.mail.askgamblers.com
1009 B
0 nordscasino.com Failed
nordscasino.com Failed
0 securely-send.com Failed
securely-send.com Failed
14 5
Domain Requested by
10 www.casinotopsonline.com r.mail.askgamblers.com
www.casinotopsonline.com
1 sibautomation.com r.mail.askgamblers.com
1 r.mail.askgamblers.com
0 nordscasino.com Failed
0 securely-send.com Failed www.casinotopsonline.com
14 5

This site contains links to these domains. Also see Links.

Domain
go.campeonaffiliatesdirect.com
Subject Issuer Validity Valid
r.mail.askgamblers.com
R10		 2024-06-29 -
2024-09-27		 3 months crt.sh
sibautomation.com
WE1		 2024-06-07 -
2024-09-05		 3 months crt.sh
casinotopsonline.com
GTS CA 1P5		 2024-05-18 -
2024-08-16		 3 months crt.sh

This page contains 2 frames:

Frame: https://nordscasino.com/?btag=36445_456385_CTO-ROW-Email-NordsCasino&utm_source=36445&utm_medium=affiliate&utm_campaign=
Frame ID: 5CC472FD072F89B12C3F333020FC7251
Requests: 13 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=7471982
Frame ID: ABB1547F1DA8441FFBB660C6B961CED4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CasinoTopsOnline Go

Page URL History Show full URLs

  1. https://r.mail.askgamblers.com/mk/cl/f/sh/1t6Af4OiGsE8LKOc3FDnTJ9LBR4RaZ/zqXmYy9hsnbt Page URL
  2. https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

14
Requests

86 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

954 kB
Transfer

1068 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r.mail.askgamblers.com/mk/cl/f/sh/1t6Af4OiGsE8LKOc3FDnTJ9LBR4RaZ/zqXmYy9hsnbt Page URL
  2. https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://go.campeonaffiliatesdirect.com/visit/?bta=36445&brand=nordscasino&afp=CTO-ROW-Email-NordsCasino HTTP 302
  • https://nordscasino.com/?btag=36445_456385_CTO-ROW-Email-NordsCasino&utm_source=36445&utm_medium=affiliate&utm_campaign=

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
zqXmYy9hsnbt
r.mail.askgamblers.com/mk/cl/f/sh/1t6Af4OiGsE8LKOc3FDnTJ9LBR4RaZ/ 		861 B
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.mail.askgamblers.com/mk/cl/f/sh/1t6Af4OiGsE8LKOc3FDnTJ9LBR4RaZ/zqXmYy9hsnbt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.179.112.197 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
9d2784d8c472ca52171766bd75fea755bedd64790b6eac17203c1227abf24453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
861
content-type
text/html; charset=utf-8
date
Fri, 12 Jul 2024 06:49:17 GMT
x-content-type-options
nosniff
x-sib-server
gke-public-cluster-v2-1-179-112-170
x-xss-protection
1
cm.html
sibautomation.com/ Frame ABB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=7471982
Requested by
Host: r.mail.askgamblers.com
URL: https://r.mail.askgamblers.com/mk/cl/f/sh/1t6Af4OiGsE8LKOc3FDnTJ9LBR4RaZ/zqXmYy9hsnbt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer
https://r.mail.askgamblers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=7200
cf-cache-status
REVALIDATED
cf-ray
8a1f17aafad800d2-CDG
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 12 Jul 2024 06:49:17 GMT
expires
Fri, 12 Jul 2024 08:49:17 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
Sails <sailsjs.com>
Primary Request mailer
www.casinotopsonline.com/go/visit-nords_casino/ 		133 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Requested by
Host: r.mail.askgamblers.com
URL: https://r.mail.askgamblers.com/mk/cl/f/sh/1t6Af4OiGsE8LKOc3FDnTJ9LBR4RaZ/zqXmYy9hsnbt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce1f4837a0a0fd621383322fda62984ba298a0253f35e25b1c61551105f0f89
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://r.mail.askgamblers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8a1f17abbfa34596-LHR
content-encoding
gzip
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
content-type
text/html; charset=UTF-8
date
Fri, 12 Jul 2024 06:49:17 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
CMRYbr7oOfyRQ7WW8i6Y8PYhCqeGtD2k.js
securely-send.com/storage/ 		0
0
logo.svg
www.casinotopsonline.com/images/rebrand-items/backgrounds/ 		1 KB
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casinotopsonline.com/images/rebrand-items/backgrounds/logo.svg
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd2ce4cd59f9fab950781004517b52f7be92c4eabb591ec7d5368b857d899e1
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
cf-cache-status
HIT
age
9671423
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 13:27:24 GMT
server
cloudflare
etag
W/"65fae43c-5ae"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
8a1f17ac48324596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
18.svg
www.casinotopsonline.com/images/rebrand-items/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casinotopsonline.com/images/rebrand-items/18.svg
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
091260b009599ed799d124351b87b597b76070f5293368b7c99cc9d98ea62e39
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
content-encoding
gzip
x-permitted-cross-domain-policies
master-only
cf-cache-status
HIT
age
24196
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Jun 2024 12:07:35 GMT
server
cloudflare
etag
W/"667ea787-93a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
8a1f17ac48344596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
bg-mobile-redirect.jpg
www.casinotopsonline.com/images/rebrand-items/backgrounds/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casinotopsonline.com/images/rebrand-items/backgrounds/bg-mobile-redirect.jpg
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da8fba0722241604420b9784bd05d903d85d3db5277db6896dbd9f7edd84c71
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
x-permitted-cross-domain-policies
master-only
age
717043
cf-polished
origSize=107807
content-length
98791
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Fri, 28 Jun 2024 12:07:35 GMT
server
cloudflare
etag
"667ea787-1a51f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
cf-ray
8a1f17ac78534596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
bg-tablet-redirect.jpg
www.casinotopsonline.com/images/rebrand-items/backgrounds/ 		271 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casinotopsonline.com/images/rebrand-items/backgrounds/bg-tablet-redirect.jpg
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
626d815359ffce27e107d047ece4269c2a6de3d5e08795b057dd4e0b59d120c2
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
x-permitted-cross-domain-policies
master-only
age
717043
cf-polished
origSize=296958
content-length
277644
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Fri, 28 Jun 2024 12:07:35 GMT
server
cloudflare
etag
"667ea787-487fe"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
cf-ray
8a1f17ac78564596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
bg-redirect.jpg
www.casinotopsonline.com/images/rebrand-items/backgrounds/ 		431 KB
432 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casinotopsonline.com/images/rebrand-items/backgrounds/bg-redirect.jpg
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f2a03b438b48d634832f1430b703b090b92174d8be47b7232c7b769557e22a2
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
x-permitted-cross-domain-policies
master-only
age
9823734
cf-polished
origSize=467837
content-length
441371
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Mar 2024 13:27:24 GMT
server
cloudflare
etag
"65fae43c-7237d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
cf-ray
8a1f17ac78594596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
BeVietnamPro-SemiBold.woff2
www.casinotopsonline.com/fonts/redesign/BeVietnamPro/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.casinotopsonline.com/fonts/redesign/BeVietnamPro/BeVietnamPro-SemiBold.woff2
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f410de3cb1bdb3ff4bbef4f5a25aebb1e6b46d736c99ed10c545a700be03e0cc
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Origin
https://www.casinotopsonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
cf-cache-status
HIT
x-permitted-cross-domain-policies
master-only
age
9824040
content-length
40264
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 13:27:24 GMT
server
cloudflare
etag
"65fae43c-9d48"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
cf-ray
8a1f17ad99994596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
BeVietnamPro-Regular.woff2
www.casinotopsonline.com/fonts/redesign/BeVietnamPro/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.casinotopsonline.com/fonts/redesign/BeVietnamPro/BeVietnamPro-Regular.woff2
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1202fe4d640fbe34950bbeee58a0756bb02c14b4e4ef6cbf52057299d63d2be6
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Origin
https://www.casinotopsonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
cf-cache-status
HIT
x-permitted-cross-domain-policies
master-only
age
9677137
content-length
37952
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 13:27:24 GMT
server
cloudflare
etag
"65fae43c-9440"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
cf-ray
8a1f17ad999b4596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
BeVietnamPro-Bold.woff2
www.casinotopsonline.com/fonts/redesign/BeVietnamPro/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.casinotopsonline.com/fonts/redesign/BeVietnamPro/BeVietnamPro-Bold.woff2
Requested by
Host: www.casinotopsonline.com
URL: https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4775e544ef6f21f24e9c06282dca66d14d51e9f20f4ad21601aecdd7a28666f9
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
Origin
https://www.casinotopsonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
cf-cache-status
HIT
x-permitted-cross-domain-policies
master-only
age
724510
content-length
41216
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Jun 2024 12:07:35 GMT
server
cloudflare
etag
"667ea787-a100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges
bytes
cf-ray
8a1f17ad999c4596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
favicon.ico
www.casinotopsonline.com/ 		15 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.casinotopsonline.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e76d32cb29c4f0f9dcbd05c56a589ae9bbb297d868c12e76f5d7f4f482de30b
Security Headers
Name Value
Content-Security-Policy default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.casinotopsonline.com/go/visit-nords_casino/mailer?brevo_customer_id=80832&brevo_campaign_id=1069
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 06:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * data: *.crazyegg.com 'unsafe-eval' 'unsafe-inline' blob:; font-src 'self' fonts.gstatic.com *.crazyegg.com data:; script-src * *.crazyegg.com 'unsafe-inline' 'unsafe-eval' blob:; connect-src * *.crazyegg.com 'unsafe-inline' data:; img-src * *.crazyegg.com data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
cf-cache-status
HIT
x-permitted-cross-domain-policies
master-only
age
9982853
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 15 Mar 2024 09:21:50 GMT
server
cloudflare
etag
W/"65f4132e-3aee"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
8a1f17ae1a094596-LHR
expires
Sat, 12 Jul 2025 06:49:17 GMT
/
nordscasino.com/
Redirect Chain
  • https://go.campeonaffiliatesdirect.com/visit/?bta=36445&brand=nordscasino&afp=CTO-ROW-Email-NordsCasino
  • https://nordscasino.com/?btag=36445_456385_CTO-ROW-Email-NordsCasino&utm_source=36445&utm_medium=affiliate&utm_campaign=
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securely-send.com
URL
https://securely-send.com/storage/CMRYbr7oOfyRQ7WW8i6Y8PYhCqeGtD2k.js
Domain
nordscasino.com
URL
https://nordscasino.com/?btag=36445_456385_CTO-ROW-Email-NordsCasino&utm_source=36445&utm_medium=affiliate&utm_campaign=

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
www.casinotopsonline.com/go/visit-nords_casino Name: Path
Value: /
www.casinotopsonline.com/go/visit-nords_casino Name: XSRF-TOKEN
Value: /
sibautomation.com/ Name: uuid
Value: b0646e28-0f2f-48e7-9fe9-cdc90451e862
www.casinotopsonline.com/ Name: XSRF-TOKEN
Value: wzo4eCPHO2jrXF30nmWcfMXoaP94jDEtprZ9gVSL
www.casinotopsonline.com/ Name: laravel_session
Value: hta1mxEXA8EuIiQshkTz4N0f5pPW57D6FVW3sAFx
.casinotopsonline.com/ Name: __cf_bm
Value: nRgLiEmiivU4tg2JgRcaXEApylvCk0BeENfjonol4AY-1720766957-1.0.1.1-2nPRgc1OMeihxVtPl.ulfM0fwkb2RtUMvXnrGVDxdcQwRrnUVCzdNdSUnDraFgewSOA4TNqA9FmHMWFuHi7Thg
go.campeonaffiliatesdirect.com/ Name: nordscasino-v
Value: 456385

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1