Submitted URL: https://bit.ly/3qXw2jv
Effective URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id...
Submission: On April 05 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3035::ac43:cb74, located in United States and belongs to CLOUDFLARENET, US. The main domain is spinatvegas.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 11th 2021. Valid for: a year.
This is the only time spinatvegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 17 2606:4700:303... 13335 (CLOUDFLAR...)
23 4
Requests  Apex Domain           Subdomains                                             Transfer
17        spinatvegas.com       spinatvegas.com                                        618 KB
3         google-analytics.com  www.google-analytics.com — Cisco Umbrella Rank: 39     20 KB
3         forwarding-to.com     forwarding-to.com                                      14 KB
1         happywithvegas.com    happywithvegas.com — Cisco Umbrella Rank: 994610       690 B
1         cpafood.com           cpafood.com                                            697 B
1         doubleclick.net       stats.g.doubleclick.net — Cisco Umbrella Rank: 95      440 B
1         bit.ly                bit.ly — Cisco Umbrella Rank: 2814                     295 B
Total: 23 requests across 7 domains

Requests  Domain                    Requested by
17        spinatvegas.com           1 redirects, forwarding-to.com, spinatvegas.com
3         www.google-analytics.com  forwarding-to.com, www.google-analytics.com
3         forwarding-to.com         forwarding-to.com
1         happywithvegas.com        1 redirects
1         cpafood.com               1 redirects
1         stats.g.doubleclick.net   www.google-analytics.com
1         bit.ly                    1 redirects
Total: 23 requests across 7 domains

This site contains links to these domains.

Domain
vvegas-today.com

Subject                  Issuer                   Validity                  Valid
*.forwarding-to.com      E1                       2022-03-21 - 2022-06-19   3 months
*.google-analytics.com   GTS CA 1C3               2022-03-17 - 2022-06-09   3 months
*.g.doubleclick.net      GTS CA 1C3               2022-03-17 - 2022-06-09   3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2021-10-11 - 2022-10-10   a year

This page contains 1 frames:

Primary Page: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Frame ID: 29699DD763BF2818726B46C7773C114B
Requests: 23 HTTP requests in this frame

Page Title

Vulkan Vegas

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 86 %
Domains: 7
Subdomains: 7
IPs: 4
Countries: 3
Transfer: 651 kB
Size: 784 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3qXw2jv HTTP 301
    https://forwarding-to.com/p/W1b5/MKGN/lAV6 Page URL
  2. https://cpafood.com/KBKTSnUL?sub1=mlClick-YsCTNzHk&sub2=81397 HTTP 302
    https://happywithvegas.com/l/5d765ffe28c43f40b9556cfe?click_id=39141d6d-6237-45e1-9857-559fffd7a21e&sub_id=3a007e8e-0492-48e6-adfb-2dc96dc383e2 HTTP 302
    https://spinatvegas.com/landingpages/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e HTTP 302
    https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3qXw2jv HTTP 301
  • https://forwarding-to.com/p/W1b5/MKGN/lAV6

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
lAV6
forwarding-to.com/p/W1b5/MKGN/
Redirect Chain
  • https://bit.ly/3qXw2jv
  • https://forwarding-to.com/p/W1b5/MKGN/lAV6
2 KB
1 KB
Document
General
Full URL
https://forwarding-to.com/p/W1b5/MKGN/lAV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b6c202edf18a37c398e283f43bfae50f10c88499c58b3d392cba92131d04ed

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
6f73363aac607344-MRS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 05 Apr 2022 15:10:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwGyPCc3qW4TfOMSHmNorjx75FFpqiFfGqzMuomP8jOBJ3Eb8tkpN5vhtOHKIPC7HZe6hVk8NIQmtJYyP0wABBYOIsXQiD2U%2BjIw5FnOuSjf1%2FsDT%2FqDIUi3WLr8E%2BTkHPUSwt8PDAj1r1f5bGoNAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
129
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Tue, 05 Apr 2022 15:10:39 GMT
location
https://forwarding-to.com/p/W1b5/MKGN/lAV6
referrer-policy
unsafe-url
server
nginx
via
1.1 google
app.js
forwarding-to.com/js/
32 KB
12 KB
Script
General
Full URL
https://forwarding-to.com/js/app.js?id=8bd454b4c27f257a9cb1
Requested by
Host: forwarding-to.com
URL: https://forwarding-to.com/p/W1b5/MKGN/lAV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404eaf6b5a1c24e8215fc66cdf8426c3207b53986b4e3ffa93a361ecdb733f62

Request headers

device-memory
8
Referer
https://forwarding-to.com/p/W1b5/MKGN/lAV6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:40 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Feb 2022 12:26:16 GMT
server
cloudflare
etag
W/"620655e8-7ff7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uxpspfs2t7qhq8Pmww0%2FT%2FGIpKULQJ4bHxKdpDJrPwGv06Y58vcI%2B1Nd%2BQAgRkXHEh7hdZWGfY3lt6jOeeDKsoDEQzTl7Zifi8SczYzuAVOIVP9KjkYfITBOWiPlxTSaR%2FJ7yNnc%2Fo2gH%2FyVElh9PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f73363cc9677344-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: forwarding-to.com
URL: https://forwarding-to.com/p/W1b5/MKGN/lAV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwarding-to.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3954
date
Tue, 05 Apr 2022 14:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 16:04:46 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=141530220&t=pageview&_s=1&dl=https%3A%2F%2Fforwarding-to.com%2Fp%2FW1b5%2FMKGN%2FlAV6&ul=en-us&de=UTF-8&dt=forwarding-to.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1859024258&gjid=925048227&cid=373917971.1649171440&tid=UA-110090096-2&_gid=735571747.1649171440&_r=1&_slc=1&z=406784528
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forwarding-to.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 15:10:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forwarding-to.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forwarding-to.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 15:10:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://forwarding-to.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
440 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-110090096-2&cid=373917971.1649171440&jid=1859024258&gjid=925048227&_gid=735571747.1649171440&_u=IEBAAEAAAAAAAC~&z=1657330550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forwarding-to.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Apr 2022 15:10:40 GMT
content-type
text/plain
access-control-allow-origin
https://forwarding-to.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
forwarding-to.com/
20 B
575 B
XHR
General
Full URL
https://forwarding-to.com/finger
Requested by
Host: forwarding-to.com
URL: https://forwarding-to.com/js/app.js?id=8bd454b4c27f257a9cb1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:c711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

device-memory
8
Referer
https://forwarding-to.com/p/W1b5/MKGN/lAV6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Apr 2022 15:10:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2xOE98REA86hClCtC5saI0PwNId1mU4crt9XtbD9CydWnjsZTHbppkMAuNVA%2B2BQetMLehJgH%2FQBGPfke5DfAS%2BfwlTnCe8c%2F%2Bvt0Art50gX4QRXsDOZ3HMtwdrIpgmfsJgczogUDb7B54VP25%2BdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
6f73363f88007344-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request index.php
spinatvegas.com/vv014_de/
Redirect Chain
  • https://cpafood.com/KBKTSnUL?sub1=mlClick-YsCTNzHk&sub2=81397
  • https://happywithvegas.com/l/5d765ffe28c43f40b9556cfe?click_id=39141d6d-6237-45e1-9857-559fffd7a21e&sub_id=3a007e8e-0492-48e6-adfb-2dc96dc383e2
  • https://spinatvegas.com/landingpages/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
  • https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
5 KB
2 KB
Document
General
Full URL
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Requested by
Host: forwarding-to.com
URL: https://forwarding-to.com/js/app.js?id=8bd454b4c27f257a9cb1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e84f8f76afbecfc2e2e38212620a17c62a9b81a60ba9212829719d05ce54e70
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwarding-to.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6f733648c91f41fd-MRS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 05 Apr 2022 15:10:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4eXJ9L3YrlzmbKaliggEOKNxAC9eP5lUCeO9C787j9qoSbV%2FB5CGEzwpDBZi8DaoTEq0Ere9AkKoE77KEww6tjaozWTAhjcDOnSZdThEtI1XW%2BodjAU2a%2BlRkL9gHY2x5CtDBJV7BvPyF6FrQo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=300; includeSubDomains;
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f733647bdb85a37-MXP
content-type
text/html
date
Tue, 05 Apr 2022 15:10:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xC938fQHjJqAdCkzTO5hhKScFp9W0htDO%2FYL5Ux%2Fcii%2FLTaJp9EsqOvCPJKMVxhZgtBLDFaOtn2VaQuLYr57ciJrKeU49di93tdd8kQpoPh4tTCdGxEI30%2FMV5q8fB%2F1KzCx638BkFOenTTC6o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=300; includeSubDomains;
x-xss-protection
1; mode=block
style.css
spinatvegas.com/vv014_de/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://spinatvegas.com/vv014_de/css/style.css
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec9a9c7fc078059de78ea695dc0c450ce5fc59cccdced378e185333057efe22
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
W/"615ef879-5a68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWtjUWK0sJ%2FLH%2B9%2FHQLiGAUtZbeOkl6gMFKVLJwpbuL77RswE0r9RMySAAUJUqQIJfSNJ9LZ4PBrd02HXTc%2FcvgJ5T21GBmtQYgx%2BPIWEW4x0k4XOpMKlj%2BB4uh1z4HjcUn15%2FRTD99vPDH%2BDh8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, public, no-cache
cf-ray
6f7336499ace41fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
logo_vv.png
spinatvegas.com/vv014_de/img/
13 KB
14 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/logo_vv.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61630f53f1515b0de35a2f93f67c8dfa31da551522b429e7b91b55a5e87506c1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13292
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-33ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gbdhis1bvKV2SLHdAkUYsVxD93z3gbcWOxkqFO743dhbSk%2Fz%2FQWnCrW7051J3CgPwYMqJpS48md%2FttoCKq4jiB3dnf%2BPm7pXcEEk1m8JlWqRFAiaCHY2YlavLy8q7vh4jNxmXuunhOTa0hGWaQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f7336499ad041fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
gonzo.png
spinatvegas.com/vv014_de/img/
45 KB
46 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/gonzo.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d2d98590f2a25919b105a484458d20e03298c4369d5f1be42b03e76799fb61c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46237
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-b49d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j119qh%2F0I0%2BfwDMY%2BU9DvZ9v%2Fy%2F8Wsv1rsEudYKKsE%2Fv%2BI3ZabHHcHW%2Fie78lder7w6tngXn5qsK9rB4OSc0QZLZHt2cBGKJAv2v%2Fdoc4XOc%2BzlV39LkCf3%2FDlj61I7Ue%2F6%2B0srWFnD6cepu0Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f7336499ad841fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
wheel-spinner.png
spinatvegas.com/vv014_de/img/
100 KB
101 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/wheel-spinner.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403d42c20913f0c0f4f8b776d0beb4f8941cf3fd2e051ee9e41f0bc421967e08
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102677
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-19115"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIha5z1uNFN4Ii2rglAr6yy1wQqGIePVrNCzg11Ag%2BhZl5CSNrX2sO0U5kIkbPQLpVnh4I9i0sNMYKEoBrMG6QdgVTt%2BU3mmIT6h6dXPYnsHAVsmJ84iTYY3jLuHa5RawX%2BW6NUjG4SnEJx5C34%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f7336499ad941fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
jack.png
spinatvegas.com/vv014_de/img/
26 KB
27 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/jack.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a0805ff6c8dfa8a676d3b19684c465469e1265177ee9747ce88a497714fcd5
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26774
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-6896"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vt%2Bz15hevQq11IkPUuarCP1QqXrrsdpIuoxqXp2zqZ64s3NukCeA%2F7sMlZ9WrEI22QVYR6Pj0A6Fb76d2aMi9Mb2LAVnDbLcF6yBMmWoO%2FB4%2Bfcwrqh2QntfKjXHyCs3kB1HNLrbhDqFfFSKt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f7336499adb41fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
money_icon.png
spinatvegas.com/vv014_de/img/
13 KB
14 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/money_icon.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2f092d35c2e705e0018963035cd06b13c9dc20dd892c0c011ee0473a05cd1a
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13376
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-3440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRBo98Oq8kBVWIh2DJzVU%2Bi7jgSSVbVm3DYVpsRHhZblEjfaRAwu7GPGEjHeC%2FHlZ%2FMr%2FgGXNvrO2vbnTzkUJOxm5LoiFPg97m8pQ%2BbOuw7J2Rn40KswxO7iNwBR%2BzBKc9dm0lzjYugUbFHAGrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f7336499b2141fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
jquery.min.js
spinatvegas.com/vv014_de/js/
85 KB
31 KB
Script
General
Full URL
https://spinatvegas.com/vv014_de/js/jquery.min.js
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
W/"615ef879-152b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95zRlQ8lUjJ4ACAGFUKL0rE0QeR%2FFeZHgpieN6LHcpKStQYqOd8znoV0F%2FY%2Fvf7xJ888yvWzhPZMzLTU4nKn5mX9Vqbukf7q8dRUIYMt1xn4ZLAkvacdHZb7GGgfAkyzpsba8cx%2FAcJ3G1KJTYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400, public, no-cache
cf-ray
6f7336499ad241fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
clipboard.min.js
spinatvegas.com/vv014_de/js/
10 KB
4 KB
Script
General
Full URL
https://spinatvegas.com/vv014_de/js/clipboard.min.js
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e48b7ccea7c8cfef19c3dc3f6b99265cf62915999fb372cdb9035f109c7f0636
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
W/"615ef879-296d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZVzboZjeKzxQSddHTgL0kW4xxPlmq9Z4WhKqd22RMq42O16QpEeMJLK128YF8EITtwgkp3O2sjKxnYa34xWP5XjZF8fQMAVum6Rw4Ziu9yOtDxbA9QH0NCbX7RjTKAh%2Bld5WxUZQoyRSfEnp6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400, public, no-cache
cf-ray
6f7336499ad541fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
main.min.js
spinatvegas.com/vv014_de/js/
16 KB
5 KB
Script
General
Full URL
https://spinatvegas.com/vv014_de/js/main.min.js?v5
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b0f5a0bf8a9d1e1f14b110e95e62115aa1fad007566c8fa0224dfc73eb164b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/index.php?ref=vp_w40082c46113l4031gdep253_3a007e8e-0492-48e6-adfb-2dc96dc383e2&click_id=39141d6d-6237-45e1-9857-559fffd7a21e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
W/"615ef879-4143"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGwRPpuhoEJWxSJUGlMrjXGXoMGMGVOd374PKLRUW11HZXH6sPLvqZVNTAhVulTpn9e%2FHxzDmEJjZyV%2Fl%2F6SL6nlHwSEKzHIGeeoy58JvFkAj58P%2F9%2BfvvVizI5nqqjU34qafpKTEeNEBnlWkzE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400, public, no-cache
cf-ray
6f7336499ad741fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
decor_grass.jpg
spinatvegas.com/vv014_de/img/
77 KB
78 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/decor_grass.jpg
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ffcaed509e0d21ab3a480354a2c8153a46887ac60cfdd86f3a20153243edbe9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79051
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-134cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qvm6XXWj5kd3zyE5wFynZcn1VJRR%2F1NguOmZ22dT6lVstoiAvtnghEWv7%2FIFg7mGbf7ezc2X3aA%2BG38Zvl2j7dpf%2F8COF%2BCyu4u8hcQ%2FH9pug1hnNcRc6FhZjCPhl1WgsbrbSvlfV7Jh5Sg11Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f73364a7ce241fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
btns.png
spinatvegas.com/vv014_de/img/
7 KB
8 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/btns.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c9bcdd3153da3c92abc1b4403b50e4f911dd27f401aff620a717ad1a0d78667
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7401
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-1ce9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa%2BpQy7o2dZOcTxbKqM1Ly2tK77wydwwbm19sJ02PRQKlwmcMCtd%2BMnW61Q4T1n4kAX6DahjaTv4TopvU1ZITB296uPH8qI94j8rLxytMg4l5xe94vNum4B1or3TIrGi3kjdXpiVxcvGUcpYm5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f73364a7ce341fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
pointer.png
spinatvegas.com/vv014_de/img/
6 KB
7 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/pointer.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da0f0bfc01d6e5ed9d6dfb1ea07c9afb9100cf1a2be7879672059a7dd35c437
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6484
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-1954"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHAzMl9ONPHjxswisoEGorYRZk5D9LGV0jpSgYMdN6O3y0RVbQP4w%2FNYibcnss0it%2BqeJwYkDWB2F6LUXQplHCvkSK0fgstrw4L2Nyxm%2FeibnLI%2B3lsVlQpwLrx1EQbdOLYFM6gxJu4CJTnE7P8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f73364a7ce641fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
payments-1row.png
spinatvegas.com/vv014_de/img/
75 KB
76 KB
Image
General
Full URL
https://spinatvegas.com/vv014_de/img/payments-1row.png
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea18bede2d858dc8467bdc98c7fc9d751d1e1309476a5d5c81f0db96b66c505d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spinatvegas.com/vv014_de/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76995
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-12cc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNjmN7oLfr1WLsnRVRr8m8%2BJ7k35ckPmsHcoYEmIMLoT3lTK3M9C9ZTwdw6XCVIMdzXcP%2FsGgtrfOQy29nFa%2Fkotp1BYqpiA2EvxIu%2B5MR5QBtIq1yYwnDgB82QRqIczArIVp6%2FynYxpiRfiWZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f73364a7ce741fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
KelsonSans-BoldRU.otf
spinatvegas.com/vv014_de/fonts/
98 KB
99 KB
Font
General
Full URL
https://spinatvegas.com/vv014_de/fonts/KelsonSans-BoldRU.otf
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83c2bb6dde093df547c94812a30d54a4d17afe20b00edae173f353b9cc21acb
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://spinatvegas.com/vv014_de/css/style.css
Origin
https://spinatvegas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100840
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-189e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALDBXV5JvbjzdQhNHANnZ1k86LFwCjn4JnAREauqPXOct3gQZXliDDg5JgHYPS4Zu8hnV35zyMpVw7WHkELLnfMbAZR1MctGHD6Rwe4PgaIZIA%2BP9kOgeaFcGm4RGvgc%2F1KubLfhI7QFNsXAq%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f73364a7ce841fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT
KelsonSans-RegularRU.otf
spinatvegas.com/vv014_de/fonts/
101 KB
102 KB
Font
General
Full URL
https://spinatvegas.com/vv014_de/fonts/KelsonSans-RegularRU.otf
Requested by
Host: spinatvegas.com
URL: https://spinatvegas.com/vv014_de/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cb74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c92922e453aee01dbf66e3295f43c30bfa13a5f1ec7ba4654ff7c462397e1b8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://spinatvegas.com/vv014_de/css/style.css
Origin
https://spinatvegas.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 15:10:42 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
103396
x-xss-protection
1; mode=block
last-modified
Thu, 07 Oct 2021 13:39:05 GMT
server
cloudflare
etag
"615ef879-193e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubDomains;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I0mEgiuM7Jzrpm6oQPXhYXpqoor5XjmOUgl%2FisSms87W3iCh%2FmJQaD316lgTOMg6UqvRlZEwnGP4n6g2yS%2F1%2B0VrH8k7Yzn8K2YfAlll9XvxDLK6YeCXIG3jC0On%2BZINv1ESF9JqRXnUA5vlgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=86400, public, no-cache
accept-ranges
bytes
cf-ray
6f73364a7ceb41fd-MRS
expires
Wed, 06 Apr 2022 15:10:42 GMT


12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
function| $
function| jQuery
function| FewModal
object| domBody
string| pathToAudio
function| WheelGame
boolean| IE
object| Wilq32

7 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m35faD-374efc644bf4855b66-00m
forwarding-to.com/ Name: f1304fc6c30821c0c7c03569db70f592
Value: f1304fc6c30821c0c7c03569db70f592
.forwarding-to.com/ Name: _ga
Value: GA1.2.373917971.1649171440
.forwarding-to.com/ Name: _gid
Value: GA1.2.735571747.1649171440
.forwarding-to.com/ Name: _gat
Value: 1
.cpafood.com/ Name: userid
Value: 272ce934-da1d-40d0-b3cf-bc0a6f4ea00a
spinatvegas.com/ Name: mongo_sess
Value: 6c659d1e5be6c0e098df4adc391f91c6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
