spinwithvegas.com Open in urlscan Pro
2606:4700:3030::6815:1567 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yougreatjob.com/vQBvrzrOY5xd9Bywak1UMmB3msXG8oFo8a9a5a2db8kb0n6jq3AK1MQq9k
Effective URL:
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general...
Submission: On April 20 via manual (April 20th 2021, 11:23:49 am UTC) from GB

Summary HTTP 34 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3030::6815:1567, located in United States and belongs to CLOUDFLARENET, US. The main domain is spinwithvegas.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2020. Valid for: a year.

This is the only time spinwithvegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.162.243.158 192.162.243.158	16262 (DATACHEAP...) (DATACHEAP-LLC-AS)
4	23.250.115.112 23.250.115.112	36352 (AS-COLOCR...) (AS-COLOCROSSING)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:4a00:10:b308:84c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.224.102.100 13.224.102.100	16509 (AMAZON-02) (AMAZON-02)
2	54.166.108.68 54.166.108.68	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3035::ac43:c19a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::6815:4a86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	216.189.51.90 216.189.51.90	6921 (ARACHNITEC) (ARACHNITEC)
1 13	2606:4700:303... 2606:4700:3030::6815:1567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
34	11

1 192.162.243.158 (Russian Federation) 1 redirects

ASN16262 (DATACHEAP-LLC-AS, RU)
PTR: indigoquel.com

yougreatjob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.250.115.112 (Los Angeles, United States)

ASN36352 (AS-COLOCROSSING, US)

pangeafresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:4a00:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.102.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-100.zrh50.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.108.68 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-108-68.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:c19a (United States)

ASN13335 (CLOUDFLARENET, US)

offer-notavailable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4a86 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rapid-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.189.51.90 (United States) 1 redirects

ASN6921 (ARACHNITEC, US)
PTR: 216-189-51-90.for-global-telecom.com

go.yonyelinta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3030::6815:1567 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spinwithvegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	spinwithvegas.com 1 redirects spinwithvegas.com	471 KB
4	gstatic.com fonts.gstatic.com	59 KB
4	traversedlp.com static.traversedlp.com api.traversedlp.com Failed	8 KB
4	pangeafresh.com pangeafresh.com	13 KB
2	yonyelinta.com 1 redirects go.yonyelinta.com	815 B
2	offer-notavailable.com offer-notavailable.com	94 KB
2	bouncepilot.com static.bouncepilot.com	67 KB
2	googletagmanager.com www.googletagmanager.com	61 KB
1	googleapis.com fonts.googleapis.com	784 B
1	rapid-cdn.com 1 redirects rapid-cdn.com	2 KB
1	yougreatjob.com 1 redirects yougreatjob.com	423 B
34	11

	Domain	Requested by
13	spinwithvegas.com	1 redirects go.yonyelinta.com spinwithvegas.com
4	fonts.gstatic.com	fonts.googleapis.com
4	pangeafresh.com	pangeafresh.com
2	go.yonyelinta.com	1 redirects offer-notavailable.com
2	offer-notavailable.com	pangeafresh.com offer-notavailable.com
2	api.traversedlp.com	static.traversedlp.com
2	static.traversedlp.com	www.googletagmanager.com
2	static.bouncepilot.com	pangeafresh.com
2	www.googletagmanager.com	pangeafresh.com
1	fonts.googleapis.com	spinwithvegas.com
1	rapid-cdn.com	1 redirects
1	yougreatjob.com	1 redirects
34	12

This site contains links to these domains. Also see Links.

Domain
vegas-redirect.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.bouncepilot.com Amazon	`2020-07-21` - `2021-08-21`	a year	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
Frame ID: DA2D1D56E861EDAD5D955526E83C5CB3
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://yougreatjob.com/vQBvrzrOY5xd9Bywak1UMmB3msXG8oFo8a9a5a2db8kb0n6jq3AK1MQq9k HTTP 302
http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_... Page URL
http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=17... Page URL
https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107518&vert=&cid= HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=12191... Page URL
http://go.yonyelinta.com/match-6633/42429/109977769/1618917814/mf_85dd207f-d95e-44dd-aab0-3773b7a7da3... HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id=ts464-internationalema... HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-intern... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

34
Requests

79 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

773 kB
Transfer

953 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://vegas-redirect.com/?s=54&ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D&from=aHR0cDovL2dvLnlvbnllbGludGEuY29tLw%3D%3D&encoded_url=P2NsaWNrX2lkPSU3QmNsaWNrX2lkJTdE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yougreatjob.com/vQBvrzrOY5xd9Bywak1UMmB3msXG8oFo8a9a5a2db8kb0n6jq3AK1MQq9k HTTP 302
http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55 Page URL
http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55&sid4=&dev_click= Page URL
https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107518&vert=&cid= HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1219136221084246907 Page URL
http://go.yonyelinta.com/match-6633/42429/109977769/1618917814/mf_85dd207f-d95e-44dd-aab0-3773b7a7da3e/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1219136221084246907 HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id=ts464-internationalemail-general HTTP 302
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yougreatjob.com/vQBvrzrOY5xd9Bywak1UMmB3msXG8oFo8a9a5a2db8kb0n6jq3AK1MQq9k HTTP 302
http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55

Request Chain 16

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107518&vert=&cid= HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1219136221084246907

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
pangeafresh.com//a6a9921a58a645a298f6274238b76c089/
Redirect Chain

http://yougreatjob.com/vQBvrzrOY5xd9Bywak1UMmB3msXG8oFo8a9a5a2db8kb0n6jq3AK1MQq9k
http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55

6 KB
6 KB

383ms
357ms

Document
text/html

23.250.115.112
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Protocol: HTTP/1.1
Server: 23.250.115.112 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: eb791344b9642308a99187cecef58ec5129e335a7ff9384a39e07e1cc43b822e

Request headers

Host: pangeafresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 11:17:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

Redirect headers

Date: Tue, 20 Apr 2021 11:23:28 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
location: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: pangeafresh.com
URL: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c84d2ba4651e6a2ed5e1af4feb3f8e4d47deac0aa30410733d68277377b7468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://pangeafresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31331
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Apr 2021 11:23:29 GMT

POST
H/1.1 200
OK fp.php
pangeafresh.com/ 301 B
502 B 323ms
322ms XHR
text/html 23.250.115.112
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: http://pangeafresh.com/fp.php
Requested by: Host: pangeafresh.com
URL: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Protocol: HTTP/1.1
Server: 23.250.115.112 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma: no-cache
Origin: http://pangeafresh.com
Accept-Encoding: gzip, deflate
Host: pangeafresh.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Connection: keep-alive
Content-Length: 880
Referer: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 20 Apr 2021 11:17:16 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 46ms
6ms Script
application/javascript 2600:9000:211e:4a00:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: pangeafresh.com
URL: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4a00:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer: http://pangeafresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 13:50:30 GMT
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5d.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 13:46:34 GMT
server: AmazonS3
age: 77580
etag: "4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: v-EypPy5o_gkMpeyDcOt7qbNGfrId-hqkxcmCa80KhnKD2Ct4_Q2Ow==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 215ms
70ms Script
application/javascript 13.224.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-100.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer: http://pangeafresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 19 Mar 2021 19:00:16 GMT
Server: AmazonS3
Age: 4511
ETag: W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Tue, 20 Apr 2021 10:59:49 GMT
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: LiAyEyFKjGC3JUeZkMIBxrXf0TZYJjJdzj9o73b97wqP8pf2Ebu4mQ==

GET cookie
api.traversedlp.com/retargeting/v1/ 0
0

GET
H/1.1 200
OK / Show response
pangeafresh.com/a6a9921a58a645a298f6274238b76c089/ 6 KB
6 KB 192ms
192ms Document
text/html 23.250.115.112
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55&sid4=&dev_click=
Requested by: Host: pangeafresh.com
URL: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Protocol: HTTP/1.1
Server: 23.250.115.112 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: e8c26b148f601019297d5cd2a364a7f49d080875635d181566cae28005c911ff

Request headers

Host: pangeafresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: clkcheck28001=1c8ef5220d6956be2515cf7e21800ed7_107518
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55

Response headers

Server: nginx
Date: Tue, 20 Apr 2021 11:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: pangeafresh.com
URL: http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55&sid4=&dev_click=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1258f3034e9b6571d4b5acf1ee3901ae9343a8c10b6b6814bb8c1c232467e5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://pangeafresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31333
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Apr 2021 11:23:30 GMT

POST
H/1.1 200
OK fp.php
pangeafresh.com/ 233 B
433 B 337ms
337ms XHR
text/html 23.250.115.112
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: http://pangeafresh.com/fp.php
Requested by: Host: pangeafresh.com
URL: http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55&sid4=&dev_click=
Protocol: HTTP/1.1
Server: 23.250.115.112 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma: no-cache
Origin: http://pangeafresh.com
Accept-Encoding: gzip, deflate
Host: pangeafresh.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55&sid4=&dev_click=
Cookie: clkcheck28001=1c8ef5220d6956be2515cf7e21800ed7_107518
Connection: keep-alive
Content-Length: 921
Referer: http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55&sid4=&dev_click=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 20 Apr 2021 11:17:16 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 7ms
7ms Script
application/javascript 2600:9000:211e:4a00:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: pangeafresh.com
URL: http://pangeafresh.com//a6a9921a58a645a298f6274238b76c089/?sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4a00:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c

Request headers

Referer: http://pangeafresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 13:50:30 GMT
via: 1.1 daa2f44af77ac5ed09ff4b0024dfcd5d.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 13:46:34 GMT
server: AmazonS3
age: 77581
etag: "4e6941c0a0a55b2fb8d6aab28cda7689"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: Ca0C98ZIDQB5RxLW4X7guWvS0_lZbKOd7WgralINxl-HBnKM3WBj5Q==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 73ms
73ms Script
application/javascript 13.224.102.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-100.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1

Request headers

Referer: http://pangeafresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z_rPBOpsutVE9bhWkpsIEjsEvYBS2ueX
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 19 Mar 2021 19:00:16 GMT
Server: AmazonS3
Age: 4512
ETag: W/"7d385c3008e7fc836888faf91fc98116"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Tue, 20 Apr 2021 10:59:49 GMT
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 0cy6loofLlIJ21fFznDKMBx3LHMn1c2VGh7bVRFt2aK-Daf30bY4rA==

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
404 B 135ms
134ms XHR
application/json 54.166.108.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.108.68 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-108-68.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

Referer: http://pangeafresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:30 GMT
server: nginx/1.18.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://pangeafresh.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

POST enqueue
api.traversedlp.com/retargetinginclusion/ 0
0

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
0 414ms
135ms Preflight
text/html 54.166.108.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 54.166.108.68 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-108-68.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://pangeafresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 20 Apr 2021 11:23:30 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.18.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://pangeafresh.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

GET
H2 200 / Show response
offer-notavailable.com/bettercontent/ 3 KB
2 KB 301ms
275ms Document
text/html 2606:4700:3035::ac43:c19a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206
Requested by: Host: pangeafresh.com
URL: http://pangeafresh.com/a6a9921a58a645a298f6274238b76c089/?newcid=4740&sid1=39482_4632900_13&sid2=179_73176923_0_0_0_3830886_55_1898_45486_4632900_10_841&sid3=55&sid4=&dev_click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcfe6c6838dfd145569c8cd6524558a837d6c2f9efcb73d9dd20f4bcc484782a

Request headers

:method: GET
:authority: offer-notavailable.com
:scheme: https
:path: /bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://pangeafresh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://pangeafresh.com/

Response headers

date: Tue, 20 Apr 2021 11:23:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da63f66b24ce736b1c50e2844d88647201618917810; expires=Thu, 20-May-21 11:23:30 GMT; path=/; domain=.offer-notavailable.com; HttpOnly; SameSite=Lax; Secure
cf-cache-status: DYNAMIC
cf-request-id: 09909e79af00002bd6c4877000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vsIZoWlZFt953mo%2FqjhYRJZTlkjuzVLI%2F%2FKfh%2FTp4SnUqo8HoffjW6zuvN%2FdpXUwJKENbVp9WEotV8Lmv4NDi1ruoYl2eatX95ohkuNTBUyuEyBgYAdtEn%2F4Z0zZpt1fH6uX"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 642e003c4abb2bd6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 desktop.png
offer-notavailable.com/bettercontent/images/ 92 KB
93 KB 45ms
25ms Image
image/png 2606:4700:3035::ac43:c19a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer-notavailable.com/bettercontent/images/desktop.png
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

Request headers

:path: /bettercontent/images/desktop.png
pragma: no-cache
cookie: __cfduid=da63f66b24ce736b1c50e2844d88647201618917810
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: offer-notavailable.com
referer: https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101243
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94237
cf-request-id: 09909e7aee000063d139857000000001
last-modified: Wed, 06 Nov 2019 23:26:55 GMT
server: cloudflare
etag: "5dc356bf-1701d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5fXys8IyNwxXTs721T4gtI0dG%2BrCPgfQpu7oBWy0C5gRLxnBDHh0Phr3EiWw9vGETE1Dbng8dDqYqXZRPDkzPt%2FRXFUmL9OgfkhHiFk7hxYFKvw%2F1VFvrcN%2FQ3851xVQ7z5l"}]}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 642e003e4a1063d1-FRA
expires: Wed, 19 May 2021 07:16:07 GMT

GET
H/1.1

200
OK

ts464-internationalemail-general
go.yonyelinta.com/
Redirect Chain

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107518&vert=&cid=
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1219136221084246907

496 B
563 B

494ms
468ms

Document
text/html

216.189.51.90
ARACHNITEC

General

Check archive.org

Show headers Download Go to

Full URL: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1219136221084246907
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206
Protocol: HTTP/1.1
Server: 216.189.51.90 , United States, ASN6921 (ARACHNITEC, US),
Reverse DNS: 216-189-51-90.for-global-telecom.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: go.yonyelinta.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://offer-notavailable.com/bettercontent/?utm_source=107518&utm_medium=27&utm_campaign=239&utm_content=206

Response headers

Server: nginx/1.14.2
Date: Tue, 20 Apr 2021 11:23:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

Redirect headers

Date: Tue, 20 Apr 2021 11:23:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1c260f49ac55eda868cca0a6bc3d8c851618917813; expires=Thu, 20-May-21 11:23:33 GMT; path=/; domain=.rapid-cdn.com; HttpOnly; SameSite=Lax PHPSESSID=999af12fb4548cc1a91e6e9a4a4672a2; expires=Tue, 27-Apr-2021 11:23:34 GMT; Max-Age=604800; path=/; secure; SameSite=None csid3=999af12fb4548cc1a91e6e9a4a4672a2; expires=Wed, 20-Apr-2022 11:23:34 GMT; Max-Age=31536000; path=/; secure; SameSite=None PHPSESSID=999af12fb4548cc1a91e6e9a4a4672a2; expires=Wed, 21-Apr-2021 11:23:34 GMT; Max-Age=86400; path=/; secure; SameSite=None
X-Powered-By: PHP/7.3.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Robots-Tag: noindex, noarchive, nofollow
P3P: CP="This is not a P3P policy"
Location: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1219136221084246907
CF-Cache-Status: DYNAMIC
cf-request-id: 09909e86d400004dfab38b2000000001
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xlBM059vwYwpZulMyz7gwYKU6a7HAo6%2Fd%2Bq5j4NXDROjs1vTIroLw%2F4oekD9%2Bfm29g8RW1xZmmSanmhAt8pVP7Jqi3Ls7Wjd%2FLPDckKUukVEkitSQdm981MS"}]}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 642e00515c924dfa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29

200

Primary Request index.php Show response
spinwithvegas.com/landingpages/vv045_ny/
Redirect Chain

http://go.yonyelinta.com/match-6633/42429/109977769/1618917814/mf_85dd207f-d95e-44dd-aab0-3773b7a7da3e/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1219136221...
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id=ts464-internationalemail-general
https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

8 KB
2 KB

87ms
76ms

Document
text/html

2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Requested by

Host: go.yonyelinta.com
URL: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1219136221084246907

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c552a415dabd5376d06f2427356f44ef8426fb038da69ece256677022d3c465

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: spinwithvegas.com
:scheme: https
:path: /landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://go.yonyelinta.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1219136221084246907

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54; expires=Wed, 21-Apr-2021 11:23:35 GMT; Max-Age=86400; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
cf-request-id: 09909e8c100000535dfa291000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EaLcbA587o9wcjBWrUmutUUDdAOHV27JLOdnSWfx4DE0C4aqpRovZD7ZycoNi5qFpKhsgV1HDRx9I%2BgB2ZWajE691b3vfbzkrePII8PNpit7sqdBhw6cs1fkly4hjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 642e0059ba6d535d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 20 Apr 2021 11:23:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; expires=Thu, 20-May-21 11:23:35 GMT; path=/; domain=.spinwithvegas.com; HttpOnly; SameSite=Lax
location: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
cf-request-id: 09909e8bbf00002c52a5157000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AJpETNe1pkhJPo%2F5HgCXqqxrV4JCBg%2BgI7X7d0sxX%2Fw7mW0K4dMJ1cPtYO%2FI4a%2F7q0hyDS8t7m6wMZy9OLIok5JEgD7eDaCWRXePe1xOYNeLukAE9tXOA42%2BeRlGaw%3D%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 642e00593da22c52-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 css2
fonts.googleapis.com/ 9 KB
784 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&family=Roboto&display=swap

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a74e5c0a95f46ec0c8e39fa58f93928842502724fff5d8432e47c3eb451f6282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://spinwithvegas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 11:23:35 GMT
server: ESF
date: Tue, 20 Apr 2021 11:23:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Apr 2021 11:23:35 GMT

GET
H3-29 200 style.css
spinwithvegas.com/landingpages/vv045_ny/css/ 10 KB
3 KB 49ms
44ms Stylesheet
text/css 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/css/style.css

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18166f68dcd0f68576c8798c01d17eac495848247f737d4fb02c83f5478ff40

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/css/style.css
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09909e8c620000535d18344000000001
last-modified: Thu, 17 Dec 2020 17:16:58 GMT
server: cloudflare
etag: W/"5fdb928a-2615"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UI8ut%2FV7TXu2ps3f36eLzgTI5fPOgACsRmfSrVWwfaS%2BnVgXmqRFyoR5AH4UPxMp7nphDQ78kBRSdBwfcop6eba%2FuHJWfqJ7KqsLyI3KHpWS%2FDYqqKMUJpjXbXjDlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 642e005a3b90535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 preloader.svg
spinwithvegas.com/landingpages/vv045_ny/img/ 626 B
957 B 53ms
51ms Image
image/svg+xml 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/preloader.svg

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3485068c605242a0853e4e9dd60705ecbdd0128902b182792c196aaf63e96513

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/preloader.svg
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09909e8c630000535df81cc000000001
last-modified: Tue, 03 Nov 2020 16:12:34 GMT
server: cloudflare
etag: W/"5fa18172-272"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=27IxeGPr40bwwxzK4sOK9P0GTAMVuI8bDcTtZbu5sdZ5%2BO7PreGZrQR78dg6ZFLdtWSF1znCQZ2bUGtfpn8teEqOC%2B02uzIM%2F4JgHR1f1tnfQEblVb8mwrMGT0lkcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 642e005a3b9a535d-FRA

GET
H3-29 200 logo.png
spinwithvegas.com/landingpages/vv045_ny/img/ 71 KB
72 KB 45ms
44ms Image
image/png 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/logo.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b6ba2c51f0445367411b95457811094c44e7082199ff1d6723ec9ef5c44bea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/logo.png
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72838
cf-request-id: 09909e8c630000535d40b84000000001
last-modified: Thu, 17 Dec 2020 08:47:08 GMT
server: cloudflare
etag: "5fdb1b0c-11c86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aMip2Vo4%2BK0LfkrY19xWwTr40%2FD3xPhN%2FjL42udVnxPjU5QViw6ZlVHfXeYJ%2B7J6OijczF1rX23EumeL%2Fe8zSQE0BLfyIblcbMrRaFvuPZ8Xp94QbJjzqEqBx75n4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 642e005a3b9d535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 parters-pay-desk.png
spinwithvegas.com/landingpages/vv045_ny/img/ 22 KB
23 KB 38ms
37ms Image
image/png 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/parters-pay-desk.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7336654fb6e8cbdb1e42d0500d517bb676b6ec378163d2f1fba36f4f71dead28

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/parters-pay-desk.png
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22484
cf-request-id: 09909e8c630000535d3097f000000001
last-modified: Thu, 17 Dec 2020 08:25:52 GMT
server: cloudflare
etag: "5fdb1610-57d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yrBXaDKcEGWD0Us4SDa7Jg7QNAdDgF0WEyUEZBs0Doc0j5VA4RVm6DdCmxEiE8asqma88VEfqOP4R4nZAmoGEojzGkfpZVAOWsVkc1onXEgYR0Q5Thsskh0Cmwuhsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 642e005a3b9e535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 parters-pay-mob.png
spinwithvegas.com/landingpages/vv045_ny/img/ 21 KB
21 KB 59ms
58ms Image
image/png 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/parters-pay-mob.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be769e2f0de448635109d6602a95c421ff9bf881e17c863371ee2f864fd20db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/parters-pay-mob.png
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21019
cf-request-id: 09909e8c630000535dfa879000000001
last-modified: Thu, 17 Dec 2020 08:25:52 GMT
server: cloudflare
etag: "5fdb1610-521b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5bogGHP8Tv3yvxLcx6yiWqxFIQ8ESwWCCczK%2FndN9TPsqDggFwiwVsjJVebBvN1TI%2BTqrqZ9tJsXIEONRaBE%2F9zFmz%2BzSW8D8voU%2BnNGETFHt2xgQ5GS4PXG%2F%2Buj%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 642e005a3ba0535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 jquery-3.2.1.min.js Show response
spinwithvegas.com/landingpages/vv045_ny/js/ 85 KB
29 KB 54ms
50ms Script
application/javascript 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/js/jquery-3.2.1.min.js

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/js/jquery-3.2.1.min.js
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09909e8c620000535d6bab2000000001
last-modified: Mon, 10 Sep 2018 10:48:44 GMT
server: cloudflare
etag: W/"5b964c0c-15287"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rcT25b8724JYGbBVzCtAZGm8szDnRhzbD5mU2sbQXqLUA7kUSPcqOpbnLjWSSMtt2IKmbb69EqtiC3nlhQKtFyfu5RlKqaCUCO9sBCwFI9ufBjTDXEywEt8aWW1gqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 642e005a3b95535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 main.js Show response
spinwithvegas.com/landingpages/vv045_ny/js/ 3 KB
1 KB 53ms
51ms Script
application/javascript 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/js/main.js

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d201e5a3fe0d50a3855f87d60a4dd66ef8c91aa7796c0cd97bdaecb16f0cfe3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/js/main.js
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/index.php?ref=vp_w88865c69773l7534gdep167_ts464-internationalemail-general&click_id=%7Bclick_id%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09909e8c620000535d1c1ef000000001
last-modified: Thu, 17 Dec 2020 13:41:30 GMT
server: cloudflare
etag: W/"5fdb600a-a16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IoyEgOEafOjjfuqn4e2NVoIBIkSZoVUGriI9UW0pNa%2FcvlDsx8zS%2BpgGha%2Bwdb9JaUuy%2B9n%2BjDqLFOZime0I8SxFCYX3wUJJeZOiYvjmMdOAlUelTV5AzcRN%2F%2FvvGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 642e005a3b98535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 bg-desk.jpg
spinwithvegas.com/landingpages/vv045_ny/img/ 266 KB
266 KB 35ms
34ms Image
image/jpeg 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/bg-desk.jpg

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

863d73671fbd18cf7f99a3ca0cf68adf879c43d3ba1bdbf67fe4beb68b49ddd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/bg-desk.jpg
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 272048
cf-request-id: 09909e8c920000535d6bab5000000001
last-modified: Thu, 17 Dec 2020 12:04:20 GMT
server: cloudflare
etag: "5fdb4944-426b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pOZk0xmSGjzafP7Gl4CabxEIsXo5lJWV2dVBxiS7GIIdTFPzsWcFDqdfvZ3WlB9ALdVueKMFliDepNILV%2BwxnBIrX1xjOw%2BCPGdKsP6P0zka5X8w63JvnlNSSOYNnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 642e005a8c53535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 lang-arr.png
spinwithvegas.com/landingpages/vv045_ny/img/ 1 KB
2 KB 47ms
47ms Image
image/png 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/lang-arr.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/lang-arr.png
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1064
cf-request-id: 09909e8c920000535d5eb1c000000001
last-modified: Mon, 21 Sep 2020 14:25:42 GMT
server: cloudflare
etag: "5f68b7e6-428"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kUNcBuaIp%2BVDweBGhrcsfLgcGloQzWUUfUZiYj0WY1XiXNIuXQG%2FQq9Abnebmsq%2Bi11qqy48lQdupV5z4PJww6c0d%2FQR6qktIGts5IT%2FA8L5YyOM1aBqHcn1AsattA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 642e005a8c57535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 logo-light-1.png
spinwithvegas.com/landingpages/vv045_ny/img/ 26 KB
27 KB 32ms
31ms Image
image/png 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/logo-light-1.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

656ef62960b826072d6ef9775270694165cf09882b085fb7fb6134fb76885f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/logo-light-1.png
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26509
cf-request-id: 09909e8c920000535ded80f000000001
last-modified: Thu, 17 Dec 2020 08:47:08 GMT
server: cloudflare
etag: "5fdb1b0c-678d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=88lLc%2BpLCJ%2FKSELTA1tOw61RaXE50hXqIwLd7LeB8Nn7BFqAXzlKESQckcEhL47qeviLHofYKsmYlLjB7zJeFzKR2PKGpKsqsutUy6f4llTC7E30xHlrv14hI5qWvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 642e005a8c5a535d-FRA
expires: Wed, 21 Apr 2021 11:23:35 GMT

GET
H3-29 200 logo-light-2.png
spinwithvegas.com/landingpages/vv045_ny/img/ 23 KB
24 KB 14ms
14ms Image
image/png 2606:4700:3030::6815:1567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv045_ny/img/logo-light-2.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1567 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92126e01e710beca2472d4ea728f0e7b432a7e0bb8c64d41b5bf0f9a177ce709

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:path: /landingpages/vv045_ny/img/logo-light-2.png
pragma: no-cache
cookie: __cfduid=dbf1ba6dbb63a212c701b18481976751d1618917815; mongo_sess=8da58e309216a4b8ca1a26f8f4b57d54
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: spinwithvegas.com
referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://spinwithvegas.com/landingpages/vv045_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 11:23:35 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 74651
strict-transport-security: max-age=300; includeSubDomains;
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23427
cf-request-id: 09909e8c920000535d1c1f5000000001
last-modified: Thu, 17 Dec 2020 08:47:08 GMT
server: cloudflare
etag: "5fdb1b0c-5b83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FRN09FJ17RdFHj3ZarBPJsHyfVTEBXUEertuVVVMIFt8S%2FU0DFRR4QEAukZzhdX5UopdVrG%2FawjfHmPu49xC9EMt4ulh6oHy6MfIiHK9EK0ERSSvkIYiDge6BzxNYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 642e005a8c5b535d-FRA
expires: Tue, 20 Apr 2021 14:39:24 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&family=Roboto&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://spinwithvegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 50867
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:48 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&family=Roboto&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://spinwithvegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:38 GMT
server: sffe
age: 177597
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15088
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&family=Roboto&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://spinwithvegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 177597
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&family=Roboto&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://spinwithvegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 34378
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargeting/v1/cookie

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargetinginclusion/enqueue

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			spinwithvegas.com/	1970-01-19 17:43:24	Name: mongo_sess Value: 8da58e309216a4b8ca1a26f8f4b57d54
			.spinwithvegas.com/	1970-01-19 18:25:09	Name: __cfduid Value: dbf1ba6dbb63a212c701b18481976751d1618917815

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.traversedlp.com
fonts.googleapis.com
fonts.gstatic.com
go.yonyelinta.com
offer-notavailable.com
pangeafresh.com
rapid-cdn.com
spinwithvegas.com
static.bouncepilot.com
static.traversedlp.com
www.googletagmanager.com
yougreatjob.com
api.traversedlp.com
13.224.102.100
192.162.243.158
216.189.51.90
23.250.115.112
2600:9000:211e:4a00:10:b308:84c0:93a1
2606:4700:3030::6815:1567
2606:4700:3031::6815:4a86
2606:4700:3035::ac43:c19a
2a00:1450:4001:801::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2003
54.166.108.68
0c552a415dabd5376d06f2427356f44ef8426fb038da69ece256677022d3c465
1258f3034e9b6571d4b5acf1ee3901ae9343a8c10b6b6814bb8c1c232467e5e8
1b6ba2c51f0445367411b95457811094c44e7082199ff1d6723ec9ef5c44bea6
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
3485068c605242a0853e4e9dd60705ecbdd0128902b182792c196aaf63e96513
656ef62960b826072d6ef9775270694165cf09882b085fb7fb6134fb76885f32
6883197c20c58a0804b6ad6da9c06c9daff14267d65fe286666a1c08a61ba1e1
7336654fb6e8cbdb1e42d0500d517bb676b6ec378163d2f1fba36f4f71dead28
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3
863d73671fbd18cf7f99a3ca0cf68adf879c43d3ba1bdbf67fe4beb68b49ddd2
8c84d2ba4651e6a2ed5e1af4feb3f8e4d47deac0aa30410733d68277377b7468
92126e01e710beca2472d4ea728f0e7b432a7e0bb8c64d41b5bf0f9a177ce709
990496c62d75c59da1df0eff05e9bec618c45cb59eab0e0864594c9251eba89c
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a74e5c0a95f46ec0c8e39fa58f93928842502724fff5d8432e47c3eb451f6282
be769e2f0de448635109d6602a95c421ff9bf881e17c863371ee2f864fd20db2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d18166f68dcd0f68576c8798c01d17eac495848247f737d4fb02c83f5478ff40
d201e5a3fe0d50a3855f87d60a4dd66ef8c91aa7796c0cd97bdaecb16f0cfe3b
dcfe6c6838dfd145569c8cd6524558a837d6c2f9efcb73d9dd20f4bcc484782a
e8c26b148f601019297d5cd2a364a7f49d080875635d181566cae28005c911ff
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864
eb791344b9642308a99187cecef58ec5129e335a7ff9384a39e07e1cc43b822e
f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68

spinwithvegas.com Open in urlscan Pro 2606:4700:3030::6815:1567 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

79 %HTTPS

58 %IPv6

11 Domains

12 Subdomains

11 IPs

3 Countries

773 kBTransfer

953 kBSize

2 Cookies

10 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

spinwithvegas.com Open in urlscan Pro
2606:4700:3030::6815:1567 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

79 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

773 kB
Transfer

953 kB
Size

2
Cookies

34 HTTP transactions
0 data transactions