nitrobetcasino.com
104.21.71.108
Public Scan
Submission Tags: phishingrod
Submission: On May 23 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.
This is the only time nitrobetcasino.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| # | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 104.21.71.108 | 13335 (CLOUDFLARENET) |
| 1 | 2a00:1450:4001:812::200a | 15169 (GOOGLE) |
| 1 | 2606:4700:3110::6812:35ed | 13335 (CLOUDFLARENET) |
| 4 | 104.18.70.113 | 13335 (CLOUDFLARENET) |
| 1 | 2a00:1450:4001:810::2003 | 15169 (GOOGLE) |
| 3 | 104.16.51.111 | 13335 (CLOUDFLARENET) |
13 | 7 |
| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | zdassets.com | static.zdassets.com (Cisco Umbrella Rank: 2248), ekr.zdassets.com (Cisco Umbrella Rank: 2556) | 150 KB |
| 3 | zendesk.com | nitrobet.zendesk.com | 977 B |
| 3 | nitrobetcasino.com | nitrobetcasino.com | 554 KB |
| 1 | gstatic.com | fonts.gstatic.com | 34 KB |
| 1 | polyfill.io | cdn.polyfill.io (Cisco Umbrella Rank: 2982) | 385 B |
| 1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33) | 872 B |
13 | 6 |
| # | Domain | Requested by |
|---|---|---|
| 3 | nitrobet.zendesk.com | static.zdassets.com |
| 3 | static.zdassets.com | nitrobetcasino.com, static.zdassets.com |
| 3 | nitrobetcasino.com | nitrobetcasino.com |
| 1 | ekr.zdassets.com | static.zdassets.com |
| 1 | fonts.gstatic.com | fonts.googleapis.com |
| 1 | cdn.polyfill.io | nitrobetcasino.com |
| 1 | fonts.googleapis.com | nitrobetcasino.com |
13 | 7 |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| nitrobetcasino.com | GTS CA 1P5 | 2024-05-23 - 2024-08-21 | 3 months | crt.sh |
| upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months | crt.sh |
| *.polyfill.io | Sectigo RSA Domain Validation Secure Server CA | 2024-02-20 - 2025-02-19 | a year | crt.sh |
| zdassets.com | E1 | 2024-05-01 - 2024-07-30 | 3 months | crt.sh |
| *.gstatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months | crt.sh |
| nitrobet.zendesk.com | E1 | 2024-04-07 - 2024-07-06 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://nitrobetcasino.com/
Frame ID: 3B13F47AED10E6D1B43E7EBF3C4573DF
Requests: 11 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-fd3e127.js
Frame ID: 14D0288C29AEA5BD3AF0A748A25C7A0B
Requests: 4 HTTP requests in this frame
Screenshot
![](/screenshots/fb286fa9-a5b1-4d83-a6c1-5c6275ae0aeb.png)
Page Title
nitrobetcasino
Detected technologies
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- /polyfill\.min\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions

| Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|
| GET | H3 | nitrobetcasino.com/ (Primary Request) | 403 KB | 276 KB | Document | text/html |
| GET | H2 | fonts.googleapis.com/css2 | 3 KB | 872 B | Stylesheet | text/css |
| GET | DATA | truncated (data URI) | 137 KB | 0 | Image | image/webp |
| GET | DATA | truncated (data URI) | 52 KB | 0 | Image | image/svg+xml |
| GET | DATA | truncated (data URI) | 109 KB | 0 | Image | image/webp |
| GET | H3 | nitrobetcasino.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 1 KB | 1 KB | Script | application/javascript |
| GET | H2 | cdn.polyfill.io/v2/polyfill.min.js | 103 B | 385 B | Script | text/javascript |
| GET | H2 | static.zdassets.com/ekr/snippet.js | 10 KB | 5 KB | Script | application/javascript |
| GET | H2 | fonts.gstatic.com/s/syne/v22/8vIH7w4qzmVxm2BL9A.woff2 | 34 KB | 34 KB | Font | font/woff2 |
| GET | H2 | ekr.zdassets.com/compose/3a622c02-b226-4cfc-993f-fc3664b02a5d | 1 KB | 1 KB | Fetch | application/json |
| GET | H3 | nitrobetcasino.com/favicon.ico | 403 KB | 276 KB | Other | text/html |
| GET | H2 | static.zdassets.com/web_widget/messenger/latest/web-widget-main-fd3e127.js (Frame 14D0) | 456 KB | 140 KB | Script | application/javascript |
| GET | H2 | static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-fd3e127.js (Frame 14D0) | 19 KB | 4 KB | Script | application/javascript |
| OPTIONS | H2 | nitrobet.zendesk.com/frontendevents/pv (Frame) | 0 | 0 | Preflight | |
| POST | H2 | nitrobet.zendesk.com/frontendevents/pv (Frame 14D0) | 0 | 0 | Fetch | |
| GET | H2 | nitrobet.zendesk.com/embeddable/config (Frame 14D0) | 734 B | 977 B | Fetch | application/json |
Verdicts & Comments
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | 0 |
| object | zEWebpackACJsonp |
| function | zE |
| function | zEmbed |
| function | getQueryVariable |
| boolean | zEACLoaded |

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values along, letting the website re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.