auto-deploy.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q...
Effective URL:
https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_sou...
Submission: On October 31 via manual (October 31st 2024, 4:26:37 pm UTC) from CA — Scanned from CA

Summary HTTP 43 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2606:4700:310c::ac42:2f77, located in United States and belongs to CLOUDFLARENET, US. The main domain is auto-deploy.pages.dev. The Cisco Umbrella rank of the primary domain is 397565.
TLS certificate: Issued by WE1 on October 28th 2024. Valid for: 3 months.

This is the only time auto-deploy.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	173.0.146.170 173.0.146.170	7979 (SERVERS-COM) (SERVERS-COM)
1 1	52.55.41.13 52.55.41.13	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3037::ac43:b84d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3037::ac43:aef0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 36	2606:4700:310... 2606:4700:310c::ac42:2f77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:d15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c09::5f	15169 (GOOGLE) (GOOGLE)
1	104.198.50.50 104.198.50.50	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c07::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:8334	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	9

1 173.0.146.170 (United States)

ASN7979 (SERVERS-COM, US)

iterscasiri.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.41.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-41-13.compute-1.amazonaws.com

rno2p.bemobtrcks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:b84d (United States)

ASN13335 (CLOUDFLARENET, US)

dexpredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:aef0 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

junkyadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:310c::ac42:2f77 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auto-deploy.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:d15 (United States)

ASN13335 (CLOUDFLARENET, US)

rigill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.50.50 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 50.50.198.104.bc.googleusercontent.com

ntwkbc21.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:8334 (United States)

ASN13335 (CLOUDFLARENET, US)

quesid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	pages.dev 1 redirects auto-deploy.pages.dev — Cisco Umbrella Rank: 397565	494 KB
2	junkyadexchange.com 2 redirects junkyadexchange.com — Cisco Umbrella Rank: 141945	2 KB
1	quesid.com quesid.com — Cisco Umbrella Rank: 392796	542 B
1	gstatic.com fonts.gstatic.com	18 KB
1	ntwkbc21.com ntwkbc21.com — Cisco Umbrella Rank: 404245	254 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	rigill.com rigill.com — Cisco Umbrella Rank: 411812
1	dexpredict.com dexpredict.com — Cisco Umbrella Rank: 154512	4 KB
1	bemobtrcks.com 1 redirects rno2p.bemobtrcks.com — Cisco Umbrella Rank: 293888	988 B
1	iterscasiri.click iterscasiri.click — Cisco Umbrella Rank: 62113	2 KB
0	ntwkbc42.com Failed ntwkbc42.com Failed
43	11

	Domain	Requested by
36	auto-deploy.pages.dev	1 redirects dexpredict.com auto-deploy.pages.dev
2	junkyadexchange.com	2 redirects
1	quesid.com	rigill.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ntwkbc21.com	rigill.com
1	fonts.googleapis.com	auto-deploy.pages.dev
1	rigill.com
1	dexpredict.com	iterscasiri.click
1	rno2p.bemobtrcks.com	1 redirects
1	iterscasiri.click
0	ntwkbc42.com Failed	rigill.com
43	11

This site contains links to these domains. Also see Links.

Domain
quesid.com
media.playamopartners.com

Subject Issuer	Validity	Valid
iterscasiri.click R11	`2024-10-18` - `2025-01-16`	3 months	crt.sh
dexpredict.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
auto-deploy.pages.dev WE1	`2024-10-28` - `2025-01-26`	3 months	crt.sh
rigill.com WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
ntwkbc21.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-17` - `2025-01-17`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
quesid.com WE1	`2024-10-24` - `2025-01-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino
Frame ID: 5916D17FD3B4C334E860250AF7B27DBF
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

National Casino

Page URL History Show full URLs

http://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAru... HTTP 307
https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAru... Page URL
https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=DFF937F0-97A... HTTP 302
https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071 Page URL
https://junkyadexchange.com/jump/next.php?stamat=m%257C%252CkYhK-NjYrB1dAN0dEdHP3xP.4fe%252C7H0PozvLiGV-... HTTP 302
https://junkyadexchange.com/script/i.php?t=1&c=23818284&stamat=m%257C%252C%252Cg2PqY3FitGU3BJ-GH0dEdHP3x... HTTP 302
https://auto-deploy.pages.dev/natcasino/ca/259/index.html?cid=173039198710000TCATV62001R4958R1420R151RR221... HTTP 308
https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&ne... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

43
Requests

98 %
HTTPS

70 %
IPv6

11
Domains

11
Subdomains

9
IPs

1
Countries

520 kB
Transfer

1049 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://quesid.com/ut/aft.php?dbv=1&pid=rCTt98CAbmQ0rT6gQeedFAAIgrg1&ths=6
Title: here

Search URL Search Domain Scan URL

URL: https://quesid.com/al/visit.php?al=11,13,1

Search URL Search Domain Scan URL

URL: https://media.playamopartners.com/redirect.aspx?pid=249043&bid=2036&lpid=609&subid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e

Search URL Search Domain Scan URL

URL: https://quesid.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD HTTP 307
https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD Page URL
https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=DFF937F0-97A4-11EF-A53E-1F10A475CDD2&zoneid=326194&geo=CA&cid=437071 HTTP 302
https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071 Page URL
https://junkyadexchange.com/jump/next.php?stamat=m%257C%252CkYhK-NjYrB1dAN0dEdHP3xP.4fe%252C7H0PozvLiGV-YkDx825CHiC84QaqtxGYR2uiJ8odLuZRGo-5KyERPKon_DyKo13RC4lO3fAxPDQ2Q6f1RE4avxH3Ss4JIGDZvq4vyD2DUmI%252C&cbpage=https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071&cbur=0.6331684409062455&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fiterscasiri.click%2F&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200420en-CA84824%20bits HTTP 302
https://junkyadexchange.com/script/i.php?t=1&c=23818284&stamat=m%257C%252C%252Cg2PqY3FitGU3BJ-GH0dEdHP3xP.cb0%252CLVSQavIhWsrZzKK97prxhV0COZgkknF4kuQAPoewa6bbHXR2WcUQnVB8diezT0i8spYYpDa41j2SZ7RBw6pzfG-yRDLAM4nCDYlBrc7zvHEmGtwQV7TtWUQjKVu9xs4PwGLdkQsSWccPC9Le9cgVjiDsvrJkICMq1uMSANrAU4AI9ICGIQJVSlYEnmzINCvhYxVi1yS1Ar4zne7R4l6H48VgyiwG3ZWvYhPQTmNAzOdgO9R_Odmz-7Vj9lr2QDNyOp36VHkCPJBIoyGK6noTG96O12iGOREAg3OQQa5K2wTYgMNNNy4Ie69B3S3w73pPUGAZ5ndM5o64xjIXmzO6AhY1wFXib83uHRGnSBaQOozIwvOolx17GYpymVboVnq4JSHpb6yruJCIhJZwiw7uA1SbQ4siaZ-AlfjG7gVI4DwghG3g0MqAI7zNdwPNnZ77OHAj4sPdHNZ1L08fWoFEpv0t62Ogea0zP9xu1ZnXKpUGsclyBCtrzASQzqYqQP2M8f5zfo15WolMnL5oYL6iMZ3xrZ5qmxZT3E-QVVU_AiMTG9BqhjDFMikDJevN8-beqnheNpSRd-gH5mVDXgOLj_aDitvjMdUvtNsuWSuTH_xXwCfpSrjdtt2CXW-vKntxmT6bbg-lhT-JIceE6Lph0g%252C%252C HTTP 302
https://auto-deploy.pages.dev/natcasino/ca/259/index.html?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino HTTP 308
https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD HTTP 307
https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD

Request Chain 1

https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=DFF937F0-97A4-11EF-A53E-1F10A475CDD2&zoneid=326194&geo=CA&cid=437071 HTTP 302
https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpq...
iterscasiri.click/
Redirect Chain

http://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C...
https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3...

572 B
2 KB

633ms
158ms

Document
text/html

173.0.146.170
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

173.0.146.170 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 31 Oct 2024 16:26:25 GMT
Keep-Alive: timeout=20
Server: nginx
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

Location: https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

next.php
dexpredict.com/jump/
Redirect Chain

https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=DFF937F0-97A4-11EF-A53E-1F10A475CDD2&zoneid=326194&geo=CA&cid=437071
https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071

10 KB
4 KB

318ms
100ms

Document
text/html

2606:4700:3037::ac43:b84d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071
Requested by: Host: iterscasiri.click
URL: https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b84d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://iterscasiri.click/4U2ivWJWv0ZC0oidoItz9lsZdNjCwH3wDxdMGTbcHvuvW5SwM7DvikG5xOqnxWRLXOfFY3GuPAruZxtUr32lq_AWCXi66a8q9DPKhDiPpd0GYsN_akYOT2Hgkl*RspAS6bMGMLhDs4uuTv1JDRfXpSs1eb0TSNTAfldD0ea70b3C2ZhN4FL35c8YEYuF_QgxopBpqCqrD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8db501bfcab443d9-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 31 Oct 2024 16:26:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hNe6ilKNORb9XzSKyu3NLgnJh1mOLP9eBDDoBhptyX1KqeEfUo8PdDS0fst0jw9pB6uFLJLnOFJBOpmeAaqrRkrLpYoAk8gnyafJ3e8Hf697U3kXS33C1FMq2Sj7d3sbV4Wu0JSHbO9Nuwh1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=45589&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4427&delivery_rate=13028&cwnd=12000&unsent_bytes=0&cid=8d25bf1b838ab8bf&ts=133&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding
via: 1.1 google

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-length: 200
content-type: text/html; charset=utf-8
date: Thu, 31 Oct 2024 16:26:26 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071
server: openresty
vary: Accept
x-response-time: 12.282ms

GET
H3

200

Primary Request / Show response
auto-deploy.pages.dev/natcasino/ca/259/
Redirect Chain

https://junkyadexchange.com/jump/next.php?stamat=m%257C%252CkYhK-NjYrB1dAN0dEdHP3xP.4fe%252C7H0PozvLiGV-YkDx825CHiC84QaqtxGYR2uiJ8odLuZRGo-5KyERPKon_DyKo13RC4lO3fAxPDQ2Q6f1RE4avxH3Ss4JIGDZvq4vyD2DU...
https://junkyadexchange.com/script/i.php?t=1&c=23818284&stamat=m%257C%252C%252Cg2PqY3FitGU3BJ-GH0dEdHP3xP.cb0%252CLVSQavIhWsrZzKK97prxhV0COZgkknF4kuQAPoewa6bbHXR2WcUQnVB8diezT0i8spYYpDa41j2SZ7RBw6p...
https://auto-deploy.pages.dev/natcasino/ca/259/index.html?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=2381...
https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&forma...

5 KB
2 KB

74ms
73ms

Document
text/html

2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Requested by

Host: dexpredict.com
URL: https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f374f8e2392cad2618f92459fec1518c36716c12bfc4ae8ff61c30e99abb102e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dexpredict.com/jump/next.php?r=6808846&sub1=326194&sub2=437071
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8db501c7a9ce43d5-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 31 Oct 2024 16:26:28 GMT
link: <https://fonts.googleapis.com>; rel="preconnect", <./static/media/main-bg.jpg>; rel="preload"; as=image, <./edit/content.js>; rel="preload"; as=script, <./static/js/main.js>; rel="preload"; as=script, <https://rigill.com/script/at.js>; rel="preload"; as=script, <./static/media/wheel-fg.png>; rel="preload"; as=image, <./static/media/floating-image-right.png>; rel="preload"; as=image, <./static/media/floating-image-left.png>; rel="preload"; as=image
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lGjeh5kAv3XNCtp6YkcBfgV4uYv6KlGtTRQuMWeYaRC7PpfSQ4Pl4TbArBokXZErPr2WJ1hEuUuiX8QU8kGRXeyNA9jLwkYZieL3s1BZnLrBEn1Etb%2FVGgBVh9mAcUQa6bYjUEs7aSJsLQgEWSJqduZgx0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=47487&sent=15&recv=10&lost=0&retrans=0&sent_bytes=5380&recv_bytes=5033&delivery_rate=30773&cwnd=12000&unsent_bytes=0&cid=8877c2d41a017475&ts=146&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8db501c7394043d5-EWR
content-length: 0
date: Thu, 31 Oct 2024 16:26:28 GMT
location: /natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Q5z1F0B%2BLI6mdrFhjf9Ypc7Opf3oXapK%2FK2Q32n1UWlIFVXlaozf8bqekrWxHr4gg1o%2FXkE2D5utV1oRGDWZJFaRsi%2BmEIaClwnCGt5kS2ZzyCdlbBSuOaMVWp92RrgKn1gncQTohaAukhvUihuuBlWJjU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=44978&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4424&delivery_rate=65977&cwnd=12000&unsent_bytes=0&cid=8877c2d41a017475&ts=73&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 main-bg.jpg
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 191 KB
628 B 229ms
94ms Image
image/jpeg 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/main-bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6872f9697ea2490d07158914595cdc8bc56b3f3071688fd872999778fa10ebc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "1b299ecdca45c39a07eb16e8179b5ca1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2B2sEGpS%2FHf09xD6w97JA5HQMcoqXCJDchrEcS7yeDrrWA%2BJ2H6Un1CrZAH4LmQuiJmldN06aBBwuk9ChXJxu5bhykGEX3BNe2AsATAFGdNVOwfx7IqCNF720EHEeIOEXJ35cjCO9q8QoJY9NFjgzYKv0UA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56036&sent=103&recv=44&lost=0&retrans=0&sent_bytes=91712&recv_bytes=12804&delivery_rate=232197&cwnd=48000&unsent_bytes=0&cid=8877c2d41a017475&ts=352&x=1", cfExtPri, cfHdrFlush;dur=32
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/jpeg
vary: Accept-Encoding
priority: u=3,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c90bc443d5-EWR
access-control-allow-origin: *
content-length: 195491
server: cloudflare

GET
H3 200 content.js Show response
auto-deploy.pages.dev/natcasino/ca/259/edit/ 2 KB
630 B 178ms
90ms Script
application/javascript 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/edit/content.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9829d72cc8d4ce5dca953dc5db50c3c9ba90c4b3628eb968451ebbccf8d8a0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"747b3d9f988e3d519dbe23235f10be01"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOII7XUbi7OUDdUnsXghlsxswqT4b43dOtfi6MZPSeU%2Bp1BgcILNpiQLhbzftqAvrE%2B5C3m2pue6sNUTraH7f0np1Rcmm3r8LGURTyK5uSiVYmzvp04uMhI%2BSqG7EZDUMLBEs69OrPwzlGPXoqVfHW5U290%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=80839&sent=57&recv=28&lost=0&retrans=0&sent_bytes=43688&recv_bytes=10716&delivery_rate=116224&cwnd=24000&unsent_bytes=0&cid=8877c2d41a017475&ts=305&x=1", cfExtPri, cfHdrFlush;dur=34
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c8bb5243d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 main.js Show response
auto-deploy.pages.dev/natcasino/ca/259/static/js/ 6 KB
639 B 224ms
89ms Script
application/javascript 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81e51a3d91017d001a1fb33c59f05079352371e1082d669a325bfe686167d86a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"b9336192915d5e6c81dc2648ca25c068"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BMgyGgHfTh69Rf2RONFWh%2Fz1WbL04PQ70wAHVSjFLz3zFV5XS5bExN18%2BaM2VYWONjtztEmEYgpjx%2FrYUMO8%2FhNTQiRaXhM5EPuVwuFkYejolGb%2FiuAB%2Bn0n%2B2jJYu4kuL41ZpbfnzFNnqrryEE7kDJxa4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56036&sent=103&recv=44&lost=0&retrans=0&sent_bytes=91712&recv_bytes=12804&delivery_rate=232197&cwnd=48000&unsent_bytes=0&cid=8877c2d41a017475&ts=353&x=1", cfExtPri, cfHdrFlush;dur=31
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c90bc543d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 at.js Show response
rigill.com/script/ 66 KB
0 263ms
263ms Script
text/javascript 2606:4700:3033::6815:d15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rigill.com/script/at.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:d15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0f676ebc2242b18430ad4dc8e4553d063b9a711ccd20f20e6bad8e6b91e36a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/

Response headers

x-goog-metageneration: 2
x-goog-hash: crc32c=h82VzQ==, md5=ZfZTEIkK1YDBL4oCENnc6g==
cf-cache-status: HIT
etag: W/"65f65310890ad580c12f8a0210d9dcea"
age: 3186
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKQqK6gGqrv1mKesm%2BHySKflkwVCaR%2FXsWDHzkZbOSYWx4yhnyeeM59kvRPmipOtcUOP3ZhVlantwArOF%2FSE%2FED0UrHhuxSnro99%2BGhE2nHxD2RUkmDbnS4wgLq4be5BanVCaI0TBlXA"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Thu, 31 Oct 2024 16:09:07 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 67555
server-timing: cfL4;desc="?proto=QUIC&rtt=46614&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4111&recv_bytes=4261&delivery_rate=68525&cwnd=12000&unsent_bytes=0&cid=04a74c59ec0ca73f&ts=75&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 11:33:52 GMT
vary: Accept-Encoding
priority: u=1,i
x-guploader-uploadid: AHmUCY2U_78rPCsnE8FqN2NR5yCjW5onevaUoQ5-DBmA8CHSHImZlroa40FlpNiJPMTMZND-gImCQ9rhjA
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8db501c96c5042a7-EWR
access-control-allow-origin: *
x-goog-generation: 1728560032769908
server: cloudflare

GET
H3 200 wheel-fg.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 116 KB
630 B 90ms
89ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/wheel-fg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2de0ecbd0edf5f4b0c00fe93e6ee9926ec34306dc909f121fd994b05acbfcfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "4d1cc89d0eff7211139c7920bc67385e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XW1DcSZC%2FJ%2F89fwmo7f23IIlfEFtF8XXeVUmKAbj95sUi1iLVlz2pDdrvfqN3dxEBYQEqSMinjFtlJ0sTBW1HmXfYuFQK2dEx1QknlyRR%2B%2FaWIyL8yYfiMZts8uzrtOchi32bBEWRN%2BXUfIT30XbLtQsy0A%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56036&sent=103&recv=44&lost=0&retrans=0&sent_bytes=91712&recv_bytes=12804&delivery_rate=232197&cwnd=48000&unsent_bytes=0&cid=8877c2d41a017475&ts=356&x=1", cfExtPri, cfHdrFlush;dur=28
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c90bcd43d5-EWR
access-control-allow-origin: *
content-length: 118633
server: cloudflare

GET
H3 200 floating-image-right.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 47 KB
631 B 250ms
249ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/floating-image-right.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

750e47efae13a96b77ffb991103bf83e2092fc3272f2e74d7132b6ee76bd0b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "a7db8c41e417fcb1da3c3314fe320ce3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUSHBTWyyM3TptTcZvNmE%2FfzcnBgd8rmHOUHaq3Zn09DI3nD7wOwBwI77IIsEOM46yLQ1%2BPKEvz2qgwJ6jJh7WhXj6MI0hMWsnTj26W2Y2U7Wup1iYh3QNrLWNq5KxjxNulsPqJMqPmi8OcSkcuGWDch8Bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=59191&sent=521&recv=113&lost=0&retrans=0&sent_bytes=561148&recv_bytes=24675&delivery_rate=2849019&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=544&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d2343d5-EWR
access-control-allow-origin: *
content-length: 48395
server: cloudflare

GET
H3 200 floating-image-left.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 76 KB
630 B 250ms
250ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/floating-image-left.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0480d50e8e894b23266e4f7ecad323772c932c8ae7321a6ff3303abcf714296

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "3385204925eeb9c41fd3a52ff3e751ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6ZR91FeDpR48uVL72eBREKHLSpjm%2BtqqDKpYGuc%2BZi7ZAcLw5FVpg2Rlf415xDMlTRr8Sx%2B60HNausjX1jEhoJgiXdmuDywcGqGtJE0B4yetx6o6wSYlef4rAGhsqYMNRIY7u6sxIPTpH77nYOCC5u7IhI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=58463&sent=523&recv=115&lost=0&retrans=0&sent_bytes=561827&recv_bytes=25471&delivery_rate=3161949&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=546&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d2943d5-EWR
access-control-allow-origin: *
content-length: 77823
server: cloudflare

GET
H3 200 vars.css
auto-deploy.pages.dev/natcasino/ca/259/edit/ 2 KB
1 KB 136ms
135ms Stylesheet
text/css 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/edit/vars.css

Requested by

Host: auto-deploy.pages.dev
URL: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69fd9529d8dc6f84d3ab93d1b86fdf7d2506d67cb44fa9bbe4a4f533f321405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"99ce1cf7dca8616383ba8418c2a0dcb4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQV3d5b9pE7zPhOb219F3iCf1QTb0QmrQZdI1GK5bKsF2tjSVCOy7na91Gyf5hRXIYkx0eJzVt7Z72NcuGNvk1BTdxUb8KzbVv147nY5nrTtIgpq4NDZpFVx7iZI5OFbcKuwahlG6xPaHoOWlWPyRsPFtms%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=50852&sent=31&recv=22&lost=0&retrans=0&sent_bytes=19688&recv_bytes=10021&delivery_rate=49731&cwnd=12000&unsent_bytes=0&cid=8877c2d41a017475&ts=227&x=1", cfExtPri, cfHdrFlush;dur=67
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c82a8843d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 main.css
auto-deploy.pages.dev/natcasino/ca/259/static/css/ 18 KB
4 KB 137ms
136ms Stylesheet
text/css 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/css/main.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a440db7446b01860d6303234207016f9cff7c4b299b4c6ea2ea7289f7b7a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"3c5bc1f6b447085b0d336160a75e2713"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9K3WrIY%2FrpL0DLZPtTbThBIKdOV9nzoYHDwg7mWinf6RRUr8t%2BUcInWoZ15TIhuTq57LBhwjNmfOop5U9gRAr%2Fa560oZ5qJxNp0S6YKuIMG3tF8ixSZ29%2FOyYti7FkxetHTMpO%2B4QZQZz0t8dk2TZqyNJtY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=50852&sent=31&recv=22&lost=0&retrans=0&sent_bytes=19688&recv_bytes=10021&delivery_rate=49731&cwnd=12000&unsent_bytes=0&cid=8877c2d41a017475&ts=236&x=1", cfExtPri, cfHdrFlush;dur=58
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c82a8d43d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 299ms
103ms Stylesheet
text/css 2607:f8b0:400d:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 31 Oct 2024 16:26:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 31 Oct 2024 14:46:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 logo.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 36 KB
37 KB 137ms
137ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1fc57dafaaad10c0fd2c953dec5a3f35b60c1b6c3860967dd1c486640cf417a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "da83b6dd6823999ce8d3c3f1c1f4fcb0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdlZVh0OPE9zcIscHB6b7Qwx%2FxUHg2yMJh8VdYieHnMHo44Mpp7MYmc%2BdwvTb%2B%2Fubh3DZrWvjgI4IHayOB6aWghLpNVoUH2iW1BSGjymu46LvTx6QdQk8r0lubiZWsSUyaf4Z0wgW35WrqD22W5xDhjDbDk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=50852&sent=31&recv=22&lost=0&retrans=0&sent_bytes=19688&recv_bytes=10021&delivery_rate=49731&cwnd=12000&unsent_bytes=0&cid=8877c2d41a017475&ts=230&x=1", cfExtPri, cfHdrFlush;dur=64
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c82a8f43d5-EWR
access-control-allow-origin: *
content-length: 36818
server: cloudflare

GET
H3 404 stopper-mount.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 0
633 B 138ms
137ms Image
text/plain 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/media/stopper-mount.png
Requested by: Host: auto-deploy.pages.dev
URL: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3vCTdZlkyUSfneHE2e2sbZ%2FF77MNeDh5bQI3t4kLyrMmAKK6OgQVXisp39sWRpbCgZ8VVVfLGDFwTptkYWl%2B9UEUQQ7jl5as%2BKi46Y2p8%2FI%2BnZqdgCUx8%2BXMSWNynLFR8kdImiLH8ciBqE7rTpj6EchPaM%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c82a9043d5-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=50852&sent=31&recv=22&lost=0&retrans=0&sent_bytes=19688&recv_bytes=10021&delivery_rate=49731&cwnd=12000&unsent_bytes=0&cid=8877c2d41a017475&ts=238&x=1", cfExtPri, cfHdrFlush;dur=56
date: Thu, 31 Oct 2024 16:26:28 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=2,i

GET
H3 200 stopper.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 4 KB
5 KB 83ms
83ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/stopper.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c301352ddc82b5d9819e3631efa0f0c8e5ca7421c8c85d05731d3106d3d99e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "ae766353e3cbeac471ead129fac90e31"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRywDykAJ6Dra9J%2BZoUxLacT4yhv%2B80y0s5hIy9nawAuZg%2BibQNDv7JikCjJHydPx%2FoFSHdYmL5hhZvlBYL5WNRQOwXkfOe4x%2BwdpDlUCEmXOE9YSVQakrKi95bXI3WKn50j1vD7ReYuXWZjY04QhSH2dBM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=53668&sent=188&recv=67&lost=0&retrans=0&sent_bytes=187712&recv_bytes=14287&delivery_rate=986083&cwnd=96000&unsent_bytes=0&cid=8877c2d41a017475&ts=416&x=1", cfExtPri, cfHdrFlush;dur=15
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c95c2443d5-EWR
access-control-allow-origin: *
content-length: 3916
server: cloudflare

GET
H3 200 crown.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 40 KB
41 KB 273ms
273ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/crown.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914b13432f93fe777b3d5357de1cf356eea2f59dff1cd7f8b82b57461812ed98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "306e29364e65bc9801a65e463f1401dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjNQvag1n0%2FLKH6M%2B7De9%2FBjhUuzj7QL%2B3bg21bQw8ndZw5H3rMotAM8IipWKs8qhNtFgL0Pu0ON%2BWR829iN9NwXdHcqbCfWa7rY1tJij%2BgE40SW310xYO4mVAYHcMLa4BTcu7vAUMGs%2Fgl9JUDj%2FJUDXXU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60961&sent=472&recv=92&lost=0&retrans=0&sent_bytes=517768&recv_bytes=15883&delivery_rate=2748838&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=508&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501c9fcde43d5-EWR
access-control-allow-origin: *
content-length: 41413
server: cloudflare

GET
H3 200 sparks.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 20 KB
20 KB 251ms
251ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/sparks.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47fc00309a6af71a145bf391ba6550c47f8949b61270aaab441dddcb9e6be7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "3d5b9f9bae1b69ddabed329de49f218b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psI1TCV0r17hwYaWJNukRNxWNia9bvf7VCHld5%2BC7cWp2lZGZmXqckw4UeYSz8gdHGRuFLSqLdbuQWwolXh25Ji5y9vXxgrVrRO2GeBNWLfB1jOyfkqvm4fDV9DQA2jBDlujGSVbCbi4IHv1IyyUtvY58EE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=59633&sent=525&recv=118&lost=0&retrans=0&sent_bytes=562505&recv_bytes=26845&delivery_rate=3232825&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=562&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d2543d5-EWR
access-control-allow-origin: *
content-length: 20132
server: cloudflare

GET
H/1.1 200
OK ip Show response
ntwkbc21.com/ 14 B
254 B 505ms
158ms Fetch
text/plain 104.198.50.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ntwkbc21.com/ip
Requested by: Host: rigill.com
URL: https://rigill.com/script/at.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.198.50.50 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.50.198.104.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3c94fe44e3a50aba91c5c2c32ef0cffe483d9281e0863583b83d88d8d86fe674

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/

Response headers

Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Thu, 31 Oct 2024 16:26:29 GMT
Content-Type: text/plain
Server: openresty
Connection: keep-alive

GET ip
ntwkbc42.com/ 0
0

GET
H3 200 payment-visa.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 3 KB
2 KB 254ms
253ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-visa.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24c9bdca5814668fad0f9035f42c2aaaf5431f3469ba3a489ce68224f747b790

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"d55b6ce85037416a49753c76f41f8917"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKQ%2FSxKJg72ic8D2xvwAaw6LD3WxS94lN1yLCzsT6qWbfSHnOD%2BgNyOSGnVeqe9fQcmnB3JKbcT9t647HnHQFycBTxUbxz2uqjUYKx%2FyyIO%2B3KRRmGtqNHJYuCXu%2FFd7%2BMB36ONWBhvFIXdTT4NcI074o9s%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=553&recv=119&lost=0&retrans=0&sent_bytes=595794&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=574&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d2c43d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-mastercard.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 9 KB
4 KB 254ms
252ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-mastercard.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4338379e7b31e9b19a8b02f639e9732423b59f33591a42c8aa483ed7aa16fa2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"92f3b1bbe51d8e6cf196dbb8fbf55f52"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PtpFmyaZrbJOzdanmuxVcP5fgZ7rYLGDYFpREaoNepUWzKapOuYybUji7CQNDmE%2BzYo%2FXUueF9ouh3VJ3sw8eAmRBQ08eDqmof7l36FUYIAy39lW76TJIIVjvsT029BvMRrrvE3nWLr8BrW5QC1O929%2BI3M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=553&recv=119&lost=0&retrans=0&sent_bytes=595794&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=574&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d2e43d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-ecopayz.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 3 KB
2 KB 259ms
256ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-ecopayz.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69512a854c196d68ab36d0a5940cfcccfc792605d5c8b138492f106cbf66c774

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"fb2c14cc33a205687bd1d28e39fb6c8f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpMSafC6YYFjxxEdMj3kmlbbK1Y26zCJGd%2BcZ1jPHD9gkBaU09dceZKZhek7oM7y8b9f%2B2o2AKI0chJZZOU34mz2k3suH6t%2FFGrnBL1%2Ffo1bO%2BX88X5%2FAPnLqnHzBsJuglmYUT4QMbqshhFYqxxYIyl0seg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=559&recv=119&lost=0&retrans=0&sent_bytes=602064&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=575&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d2f43d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-interac.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 4 KB
2 KB 263ms
260ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-interac.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53787df8df64c63fab708770cf2c2ccab61b5c748a5caaf318a740ea352a8769

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"00169197d1046a5858537b29b37b3bfa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAly%2BVY9pYRGRV6dwnbyqa7TkXvLBbv0QrRoQ%2B%2F2ssg4nsUwz9jZqTbPwidXLYiIfDKG1eyLq12O3Ur%2BYMBs2Apih636ztuIBdg9lhlMJnxTmpY5b4RqFf5b6kjvrO6mcWnPi%2F5CYY1kj4RtUoOwhzGEBaI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=591&x=1", cfExtPri, cfHdrFlush;dur=16
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d3043d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-jeton.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 5 KB
3 KB 264ms
262ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-jeton.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb9b221c2394440397feddd9b9c7eed5dfee923fec102c1dae2f6bf3852bf8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"aace124c5f8e72d4071d3002f32d2779"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJ1cnhPZfnp54btGEpznlSB9q6Y7BxxZ6lS63urV6L8Pz7vMToZ5KGDkAyBGLe7m%2BWYHZB%2FGmFcNY7P5AljoJkL4jQZMIDpOZvkVAeersUlnVJEbwxat0vkRm4bxYK0crE4xslgFhuNEbiNrJ5Ylgzl6Hlk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=590&x=1", cfExtPri, cfHdrFlush;dur=18
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d3243d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-neteller.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 1 KB
1 KB 252ms
250ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-neteller.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40daec142f0d45cfea04f49f21e047f732da0be3b72f08d5c6c1b562f8221429

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"d076770c08b78a5fa13f1b91b0202dda"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2ibPK259IFTNICyGKihJzZbAsljsQX45acD7z80G5IKR%2BHRrWDfXBGZ7vB6eI4xLTPi1aTS1kK0ff5SwGeq1MAAxlc%2Ba6SCkz0JT%2BZHcNbUtQfINlC33kIi%2BWiSS1z7tci1kWCp9BkjJ0eKGH%2BJz0zTX7M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=553&recv=119&lost=0&retrans=0&sent_bytes=595794&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=574&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d3343d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-perfectmoney.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 5 KB
6 KB 264ms
262ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-perfectmoney.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54d3bba9b54c0fef19fba9b43e99c3ac5a1fe8054cfd41070e4ae6987d88f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "f7708efac56baef7b843efb8bb0c1478"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHW4%2F%2FFEWdw9bRA9fiT2CbXMHzm7uWcwPycy9Zpg0puG91RC6VkPyFr7fr8%2FGANRjkQHUXVZoebZrUFICYoWOhOjF5WWAThSiU1IpwbZqd23O2KU%2FneD4bz5taP9VSwJb7PTNeu3tUzJjZ2ZOD5sp7l%2BUHM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=598&x=1", cfExtPri, cfHdrFlush;dur=42
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca3d3543d5-EWR
access-control-allow-origin: *
content-length: 4927
server: cloudflare

GET
H3 200 payment-skrill.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 2 KB
2 KB 266ms
264ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-skrill.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc32db89be7d4a4c9153467cf83aa1bfffb0173dda6354d3acce398fff0af29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"52084a28eaddc458cb3556e3705bb4c9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHcgk4d4qWl4bDkx88UfO7yBmP62zXVDyeExBZuhTLDsCGEeE6CziTCJGsVP5KZlrZppjd2Oy52ILrOeJIffM9DY2Q5vpzQLHX6Z%2BX4atHx6ws5E3KaFr8PoJCxs4fVqjBxCNDRxgMmF44PYMwVko6XWE6I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=604&x=1", cfExtPri, cfHdrFlush;dur=57
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d3643d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-bitcoin.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 2 KB
2 KB 265ms
263ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-bitcoin.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150dc526008d8e025cb63d6fd9a5272c6308297b8d75a69d7af307022be8c4da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"4ddbc2388de0b74790c9aab6e853ea54"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqAGmWce%2BwMwLl8z6dyx11UHOkGDys0x%2FOcNZaLstIjYKv%2Bi1VzcPrEnjfbEwaM2i1Q6%2BIAs6ExaiV0lhYrOB%2Fcn4K8QGdKKE8mTt4%2Bk5HnnwI9a6G1hRambW0SdQIb2j0UH9O2uTwtF7mpH9dXmVgBgL4o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=599&x=1", cfExtPri, cfHdrFlush;dur=62
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d3b43d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 payment-ethereum.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/ 2 KB
1 KB 268ms
266ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/payment/payment-ethereum.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d1390693ff80d919b5ad2b83c30445528668eaa618910c384a973e5a1ec8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"bc852e6a7e2ec2bba5b9474b0904fe57"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Obh3G1MPIhuxnqpcVQatsrDQmwDZTsT7HGIMcstvSAZstk97Z0I5WSx3MkFEq06GnkJ6tYfJrZOaxDQdR03ZeLSigCrDI%2BhrUmbbh1HOpS87nYO%2BkODwQ9138gBUkH%2BHNPGn9JWFp6SDskfRqqE9cr7K%2FuI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=592&x=1", cfExtPri, cfHdrFlush;dur=83
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d3d43d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 safe.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/footer/ 5 KB
5 KB 267ms
265ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/footer/safe.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b48cd35122c1e245c1b14a6e74a3c5372dba3a9d655ef7ee679840aa7826a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "e72c950903e1f148938e414e4ed7cfd2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUeQuPRBBz5LgDxwVOWJqKCtHwePBrnzuQp0NCVmuXuyI1AWc%2F%2F2D7sLy6IgZLCG%2BDmK88H4XETYgoy037jMWMq1a0WJ30J2d7G2uKwRiK7nH8ht%2BcuTVCHV6yGSMCx8JHtbtx12EmsNKFhLc8tQuXzDNAc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=602&x=1", cfExtPri, cfHdrFlush;dur=73
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d3e43d5-EWR
access-control-allow-origin: *
content-length: 4917
server: cloudflare

GET
H3 200 responsible.svg
auto-deploy.pages.dev/natcasino/ca/259/static/media/footer/ 3 KB
2 KB 277ms
275ms Image
image/svg+xml 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/footer/responsible.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12052812d4e481278022bb294aa379da01a13264c096329ac32f0d6ebbb8ab7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

content-encoding: br
etag: W/"2b0d669a00ca8b4411739ad8301cb2b9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgQDk94iwj8tAa%2BNHUtaXihoyxjNTmJjeoBwrejPtnKKkSn%2F27xRfXJOZAbaxUuFy4L%2BYS%2F3xOxIFm%2FDY%2FIAWcnZZGIIla1axNfCfbu3xTWfVvfDjMTkZPKiVo4inPlhX8aeE58p7hnrcwg89JpvLEsWbl8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=596&x=1", cfExtPri, cfHdrFlush;dur=94
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/svg+xml
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d4343d5-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 18.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/footer/ 3 KB
3 KB 281ms
280ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/footer/18.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0467576b0fad150f832219a35b1955628d4b01167a1ff0b65dbd6056d28b67af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "8ee4c7a1b64add73975e01e0936e4306"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=48RrcS0JQo%2FcjU5F3wsBeXbrJHkd9rDL1jNjyFcoNT7CbirxSmGEGOIgQrbF2O2iAGAFQF%2BhReCtDWUEmE1TBLsLwshOvRu1HsXsf%2FCLriw92Mi%2F40hNTrjSG6IfYsMccEMpMpAyKVUpARDZiiibG3s%2BstM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=606&x=1", cfExtPri, cfHdrFlush;dur=98
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d4543d5-EWR
access-control-allow-origin: *
content-length: 2598
server: cloudflare

GET
H3 404 wheel-border.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 0
643 B 257ms
256ms Image
text/plain 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/media/wheel-border.png
Requested by: Host: auto-deploy.pages.dev
URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/static/css/main.css

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EOMVwrdC%2FDP5x8NfHgX5hn8Q4Cjak%2FOvO9BtcW%2BuYtcgZrS%2BjNiq5n9tDbfnyyk5j5%2FwMeOO83uZ3cdZIJmKAL%2F2EA68WqfgUoTgZRZo3VQoDPJd0tYaW9%2BLbqf0lXmRyx%2B4Zy7Y9%2FM0pVZ0L%2FqPmnkr60%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d4643d5-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=566&recv=119&lost=0&retrans=0&sent_bytes=608577&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=578&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 404 wheel-bg-light.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 0
638 B 281ms
280ms Image
text/plain 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/media/wheel-bg-light.png
Requested by: Host: auto-deploy.pages.dev
URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/static/css/main.css

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mj5MrH4OiqB17jf%2BnvAdOI9bIFxSApfUuuEy46%2FKqfnJLXS83j0nKhY5MQpRK4PDJbg6J8NaOG4u3URuDksZh83A1%2BAxaP4lPqu7Nt%2BNyp1pjv3r%2FSTQQwQ8SmviL9aifD00OkRq2%2B461ZaffGpMw7Gzc24%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d4b43d5-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=580&x=1", cfExtPri, cfHdrFlush;dur=124
date: Thu, 31 Oct 2024 16:26:28 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 200 spin-button.png
auto-deploy.pages.dev/natcasino/ca/259/static/media/ 14 KB
15 KB 246ms
245ms Image
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/spin-button.png

Requested by

Host: auto-deploy.pages.dev
URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

857c8a7c2add82ff808fc5a106041ee967a11114d37adfc11c0889a3edc2b43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/static/css/main.css

Response headers

etag: "430044bcb5becc67ad73f414fc3ab203"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2F3A%2ByKznLWwafV8LM6orBd%2F%2FyGeJm9Z7CM2hsyCLITVBskYTCoRbxY8Ta8RC6%2F8AKULhUyi2tj2Y4MR%2B0mJV3O2KVj%2ByCfUS%2BmLJ3NxOKvatOmgesFoOIpcS3FIvENxm50VS8Ud2jNVo%2BfzPYLRDjmeJKE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=543&recv=119&lost=0&retrans=0&sent_bytes=583794&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=574&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca4d4e43d5-EWR
access-control-allow-origin: *
content-length: 14217
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 506ms
136ms Font
font/woff2 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://auto-deploy.pages.dev
Referer: https://fonts.googleapis.com/

Response headers

age: 37155
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 06:07:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 06:07:14 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 wheel.mp3
auto-deploy.pages.dev/natcasino/ca/259/static/media/audio/ 123 KB
124 KB 272ms
271ms Media
audio/mpeg 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/audio/wheel.mp3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fd75847fcb250dd04d637286da58286cf472482af2840f9aabbf5845bb941ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "da8cfed121fb2261f4ba0f1d3d9a2b5a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJVlq6W9erABsORjp7FxVB9ganDv3GGa6r%2FeMZR1eGed%2BBvSccgj8y5fyItV0mnY7qLs%2FkaktzkypmryrkBPJBWDCstYqeSYrZ8gMCT4CnrgJ8dPBnirw4iQFHt6tKjRvU1CqZBt6MQgeD0AfhHrxQLefek%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca5d6343d5-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 126084
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=606&x=1", cfExtPri, cfHdrFlush;dur=98
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: audio/mpeg
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 200 fanfare-1.mp3
auto-deploy.pages.dev/natcasino/ca/259/static/media/audio/ 99 KB
99 KB 243ms
243ms Media
audio/mpeg 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/audio/fanfare-1.mp3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae6d928ca56dcdb0635db0cfad425de2edeafb27fa4053eb8e9f30d07ee787c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "d76ffd2bb6cd6b6acec3ccdbe723fedd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1kY7UsyfE2XM168%2BHczu3ydAWZUZIk4eQiUcT3qwCTiOuXYtgfBr22Q51%2Bp7UKtvBEtL6h8I67jO2cdhsKkWvRX0YDP6yFk48GqGeNWoWMV%2BivfFfXJtGXA3PTecXfZapU6ZWFW9GsVLbZ0ZhlGbhwSXV0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca5d6543d5-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 101007
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=567&recv=119&lost=0&retrans=0&sent_bytes=609244&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=578&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: audio/mpeg
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

GET
H3 200 fanfare-2.mp3
auto-deploy.pages.dev/natcasino/ca/259/static/media/audio/ 99 KB
99 KB 310ms
309ms Media
audio/mpeg 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/static/media/audio/fanfare-2.mp3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1210732e4a4fa21a700492498829f6370b9d2a3343bfd5382af9f42b1158d4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "bcdb9f5a127b3aecb24b2140a2cf42f3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wvx9tTw5a5%2B8nKSfiFAkd4Ys72ZDyt8C5uUfqoD14768XLsKInwU8VO7e0qTSzvy%2Bv03NXE14uWj2715COchLO%2FaPeNOjC4ZVwRIYXVQzzDzNwOHx5ecTmkOi2WFn%2FpcIYs6GUwlmQEzDnMBmg3OyUz9Ot8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ca5d6743d5-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 101007
server-timing: cfL4;desc="?proto=QUIC&rtt=60747&sent=604&recv=119&lost=0&retrans=0&sent_bytes=653136&recv_bytes=26891&delivery_rate=2462710&cwnd=266400&unsent_bytes=0&cid=8877c2d41a017475&ts=590&x=1", cfExtPri, cfHdrFlush;dur=118
date: Thu, 31 Oct 2024 16:26:28 GMT
content-type: audio/mpeg
vary: Accept-Encoding
server: cloudflare
priority: u=3,i

POST
H2 204 aft.php
quesid.com/ut/ 0
542 B 725ms
129ms Ping
text/plain 2606:4700:3032::ac43:8334
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quesid.com/ut/aft.php?cab=0.82009980380384181730391988913prCTt98CAbmQ0rT6gQeedFAAIgrg1adcash
Requested by: Host: rigill.com
URL: https://rigill.com/script/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8334 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Referer: https://auto-deploy.pages.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EhPwbfl3dUnPSqBt2KzxOmPjnNGNBBPOYzWT3bvfD6xeQEHbcN4ThjhTWlEvMaRibyvU9hSKlIEA9HEXnC0Yx2fO4QtojPOfSViYEVSumTHy9RZp63BQ8yeXrig1qExKzjGHPJlZObd"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 8db501ce9ab7c463-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16471&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3936&recv_bytes=3592&delivery_rate=255799&cwnd=255&unsent_bytes=0&cid=384bb375c2db802b&ts=129&x=0"
date: Thu, 31 Oct 2024 16:26:29 GMT
server: cloudflare

GET
H3 200 favicon.png
auto-deploy.pages.dev/natcasino/ca/259/ 4 KB
5 KB 95ms
94ms Other
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7af2e29f09d332de7e4bf2a3294ac23ac6badd6fcf639828e72bd6ad5226fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "fb857d79d6062a10d72b0c93b9ba68e2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWLpO4FUh96iUUtESStZ2NsXbBL%2BpHfflhMTswyeGgiP0BGfq%2F5J4gU1hmJsmMit9wFjYS3fPeoNCULdt7GQChZQhqpHybE%2F13wXZF3eL1Qw5CEPWsg6%2B4512FG4ofGdq2sTp9MgXwXtBATY1KCEJdPhR5M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=210611&sent=897&recv=183&lost=0&retrans=0&sent_bytes=975731&recv_bytes=30750&delivery_rate=1385614&cwnd=336600&unsent_bytes=0&cid=8877c2d41a017475&ts=1115&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:29 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=1,i
cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501cdb98a43d5-EWR
access-control-allow-origin: *
content-length: 4120
server: cloudflare

GET
H3 200 favicon.png
auto-deploy.pages.dev/natcasino/ca/259/ 4 KB
635 B 124ms
123ms Other
image/png 2606:4700:310c::ac42:2f77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auto-deploy.pages.dev/natcasino/ca/259/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7af2e29f09d332de7e4bf2a3294ac23ac6badd6fcf639828e72bd6ad5226fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://auto-deploy.pages.dev/natcasino/ca/259/?cid=173039198710000TCATV62001R4958R1420R151RR2216Vcf24e&network=adcash&utm_source=6808846-924085907-1088857032&camp=397746420&creative=23818284&format=pop&offer=natcasino

Response headers

etag: "fb857d79d6062a10d72b0c93b9ba68e2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjTQZkMfjHLwkNLAtN9baA%2BqDY9khsK9j9n5ZCkhVU1a%2FoVGHZLdEh%2F8qadX5xCsQQWcWPw1fq0tobv96kjWZiV%2BEbkwwBifFUs2mjCYfwYcbvrpx3MTIdOMQdTnlWD8Ah%2FrOlQkHTTW5o6RVAoZFm0KrQI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=193971&sent=903&recv=184&lost=0&retrans=0&sent_bytes=980701&recv_bytes=31287&delivery_rate=50407&cwnd=336600&unsent_bytes=0&cid=8877c2d41a017475&ts=1210&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 16:26:29 GMT
content-type: image/png
vary: Accept-Encoding
priority: u=1,i
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8db501ce5a7e43d5-EWR
access-control-allow-origin: *
content-length: 4120
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ntwkbc42.com
URL: https://ntwkbc42.com/ip

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
iterscasiri.click/	1970-01-21 00:41:18	Name: GL_UI4 Value: eJw9jVtugzAQRSFgkrSBdiQW0CVAns1nld%2FuwTLjgbgBT2Qc0u6%2BbqX26z50dG8URbPyCeIpW0JyUzt4oUOF1f74ut8S1kjUHnbrDa4Rj822blHD0ozSq6Ynn8JiHJTz0k8prDqy5AxKZE05PAfqr7lYvtsUROOU1TmIIRB9DvPG8X0kVyaQWjUQZKez46BiUB%2FsIKk3VfDGBh9XMOOxTIoHEO%2FG3j6LVRYVRRbB47VXvmU3SKNDFJ1TmiB%2BgwUqTx27L5hrGi%2BerwDca%2FnP%2F36K%2FmcNMk2TwRDZn8l9Ayg%2FTvw%3D
iterscasiri.click/	1970-01-21 00:41:18	Name: GL_GI10 Value: eJwtykEKwjAQBdDMIFFRFx97AE%2BQtgG717jURfEEaTpIIaQlrZ5fF24fTynFxR48TDjUTWMqY6uzsbYGvcDuAg4J2vnkew%2FK4NaB84%2Fat3QSQAGbx5iWLD6CBuyuEuPp%2FznN2DrfRSlvzzto0gq8jOsVeO4LBfro4xe4jhva
iterscasiri.click/	1970-01-21 02:06:15	Name: cvn1 Value: CwaAAAAAAhQBCgAXTmsGAQM%3D
iterscasiri.click/	1970-01-21 00:41:18	Name: GL_BC Value: eJxjYGBgEmEU5EyKNzQ1MjcxMBZh5EpXXr%2BRjREALG4EaQ%3D%3D
iterscasiri.click/	1970-01-21 00:41:18	Name: GL_CA_108320 Value: eJxjYGBgEmHkYhDl7BdhEmRMZmMUZCzhSldevxEAHCQD2w%3D%3D
iterscasiri.click/	1970-01-21 00:41:18	Name: GL_OC Value: eJxjYGBgEmEUZMmPNzUQYeRKV16%2FkY0RABoJA3A%3D
.rno2p.bemobtrcks.com/	1970-01-21 09:25:27	Name: bemob-viewer-id Value: f805b407-26fc-4b8c-aea7-37e5578e40cc
.rno2p.bemobtrcks.com/	1970-01-21 00:41:18	Name: bemob-uniq-visit:e9890044-77ce-48a1-9f56-db0fecd9814b Value: 1
.rno2p.bemobtrcks.com/	1970-01-21 01:23:03	Name: bemob-click-id Value: UiiNpBV9fvXy1hqR37cxgr

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/media/stopper-mount.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/media/wheel-border.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://auto-deploy.pages.dev/natcasino/ca/259/static/media/wheel-bg-light.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auto-deploy.pages.dev
dexpredict.com
fonts.googleapis.com
fonts.gstatic.com
iterscasiri.click
junkyadexchange.com
ntwkbc21.com
ntwkbc42.com
quesid.com
rigill.com
rno2p.bemobtrcks.com
ntwkbc42.com
104.198.50.50
173.0.146.170
2606:4700:3032::ac43:8334
2606:4700:3033::6815:d15
2606:4700:3037::ac43:aef0
2606:4700:3037::ac43:b84d
2606:4700:310c::ac42:2f77
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c09::5f
52.55.41.13
0467576b0fad150f832219a35b1955628d4b01167a1ff0b65dbd6056d28b67af
12052812d4e481278022bb294aa379da01a13264c096329ac32f0d6ebbb8ab7d
1210732e4a4fa21a700492498829f6370b9d2a3343bfd5382af9f42b1158d4e3
150dc526008d8e025cb63d6fd9a5272c6308297b8d75a69d7af307022be8c4da
24c9bdca5814668fad0f9035f42c2aaaf5431f3469ba3a489ce68224f747b790
3c94fe44e3a50aba91c5c2c32ef0cffe483d9281e0863583b83d88d8d86fe674
40daec142f0d45cfea04f49f21e047f732da0be3b72f08d5c6c1b562f8221429
4338379e7b31e9b19a8b02f639e9732423b59f33591a42c8aa483ed7aa16fa2a
53787df8df64c63fab708770cf2c2ccab61b5c748a5caaf318a740ea352a8769
6872f9697ea2490d07158914595cdc8bc56b3f3071688fd872999778fa10ebc3
69512a854c196d68ab36d0a5940cfcccfc792605d5c8b138492f106cbf66c774
6fd75847fcb250dd04d637286da58286cf472482af2840f9aabbf5845bb941ca
750e47efae13a96b77ffb991103bf83e2092fc3272f2e74d7132b6ee76bd0b6c
7b48cd35122c1e245c1b14a6e74a3c5372dba3a9d655ef7ee679840aa7826a2c
81e51a3d91017d001a1fb33c59f05079352371e1082d669a325bfe686167d86a
857c8a7c2add82ff808fc5a106041ee967a11114d37adfc11c0889a3edc2b43a
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
914b13432f93fe777b3d5357de1cf356eea2f59dff1cd7f8b82b57461812ed98
93d1390693ff80d919b5ad2b83c30445528668eaa618910c384a973e5a1ec8ff
9829d72cc8d4ce5dca953dc5db50c3c9ba90c4b3628eb968451ebbccf8d8a0f5
ae6d928ca56dcdb0635db0cfad425de2edeafb27fa4053eb8e9f30d07ee787c5
b1fc57dafaaad10c0fd2c953dec5a3f35b60c1b6c3860967dd1c486640cf417a
b2de0ecbd0edf5f4b0c00fe93e6ee9926ec34306dc909f121fd994b05acbfcfd
b3a440db7446b01860d6303234207016f9cff7c4b299b4c6ea2ea7289f7b7a44
c0480d50e8e894b23266e4f7ecad323772c932c8ae7321a6ff3303abcf714296
c301352ddc82b5d9819e3631efa0f0c8e5ca7421c8c85d05731d3106d3d99e79
c3e3d7e0bce6022ae66381d04eb4742252d577ba15c5f9cceb49cb14c9eb90b1
cb9b221c2394440397feddd9b9c7eed5dfee923fec102c1dae2f6bf3852bf8c6
ce0f676ebc2242b18430ad4dc8e4553d063b9a711ccd20f20e6bad8e6b91e36a
d7af2e29f09d332de7e4bf2a3294ac23ac6badd6fcf639828e72bd6ad5226fcc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69fd9529d8dc6f84d3ab93d1b86fdf7d2506d67cb44fa9bbe4a4f533f321405
f374f8e2392cad2618f92459fec1518c36716c12bfc4ae8ff61c30e99abb102e
f47fc00309a6af71a145bf391ba6550c47f8949b61270aaab441dddcb9e6be7b
f54d3bba9b54c0fef19fba9b43e99c3ac5a1fe8054cfd41070e4ae6987d88f83
fc32db89be7d4a4c9153467cf83aa1bfffb0173dda6354d3acce398fff0af29f

auto-deploy.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2f77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

70 %IPv6

11 Domains

11 Subdomains

9 IPs

1 Countries

520 kBTransfer

1049 kBSize

9 Cookies

4 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auto-deploy.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f77 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

70 %
IPv6

11
Domains

11
Subdomains

9
IPs

1
Countries

520 kB
Transfer

1049 kB
Size

9
Cookies

43 HTTP transactions
0 data transactions