spinwithvegas.com Open in urlscan Pro
2606:4700:3032::ac43:c5f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://str.migraine-follow.us/electrophoresed/GSTuPkbDLyKWhexGmk8O4HFiQVAVVZ2RzjvVijQd80f1lR6ElMCxfI9hfGuu8Sz8buoHfWY4IMaBn-Gh...
Effective URL:
https://spinwithvegas.com/landingpages/vv046_ny/index.php
Submission: On March 15 via api (March 15th 2021, 9:25:56 am UTC) from BE

Summary HTTP 38 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3032::ac43:c5f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is spinwithvegas.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 29th 2020. Valid for: a year.

This is the only time spinwithvegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.74.244.176 188.74.244.176	60901 (BFF-MEDIA) (BFF-MEDIA)
1	168.235.82.148 168.235.82.148	3842 (RAMNODE) (RAMNODE)
4	23.250.22.58 23.250.22.58	55286 (SERVER-MANIA) (SERVER-MANIA)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:1600:10:b308:84c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.99 13.226.159.99	16509 (AMAZON-02) (AMAZON-02)
2	52.86.198.209 52.86.198.209	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3035::ac43:c19a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::6815:4a86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	216.189.51.90 216.189.51.90	6921 (ARACHNITEC) (ARACHNITEC)
2 18	2606:4700:303... 2606:4700:3032::ac43:c5f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
38	12

1 188.74.244.176 (Romania) 1 redirects

ASN60901 (BFF-MEDIA, RO)

str.migraine-follow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.235.82.148 (United States)

ASN3842 (RAMNODE, US)

www.yilopeet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.250.22.58 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

sunflowerfresh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:1600:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-99.dus51.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.198.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-198-209.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:c19a (United States)

ASN13335 (CLOUDFLARENET, US)

offer-notavailable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4a86 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rapid-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.189.51.90 (United States) 1 redirects

ASN6921 (ARACHNITEC, US)

go.yonyelinta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3032::ac43:c5f1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spinwithvegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	spinwithvegas.com 2 redirects spinwithvegas.com	827 KB
4	traversedlp.com static.traversedlp.com api.traversedlp.com Failed	9 KB
4	sunflowerfresh.com sunflowerfresh.com	12 KB
3	gstatic.com fonts.gstatic.com	45 KB
2	yonyelinta.com 1 redirects go.yonyelinta.com	796 B
2	offer-notavailable.com offer-notavailable.com	94 KB
2	bouncepilot.com static.bouncepilot.com	62 KB
2	googletagmanager.com www.googletagmanager.com	60 KB
1	googleapis.com fonts.googleapis.com	874 B
1	rapid-cdn.com 1 redirects rapid-cdn.com	2 KB
1	yilopeet.com www.yilopeet.com	549 B
1	migraine-follow.us 1 redirects str.migraine-follow.us	369 B
38	12

	Domain	Requested by
18	spinwithvegas.com	2 redirects go.yonyelinta.com spinwithvegas.com
4	sunflowerfresh.com	www.yilopeet.com sunflowerfresh.com
3	fonts.gstatic.com	fonts.googleapis.com
2	go.yonyelinta.com	1 redirects offer-notavailable.com
2	offer-notavailable.com	sunflowerfresh.com offer-notavailable.com
2	api.traversedlp.com	static.traversedlp.com
2	static.traversedlp.com	www.googletagmanager.com
2	static.bouncepilot.com	www.yilopeet.com
2	www.googletagmanager.com	sunflowerfresh.com
1	fonts.googleapis.com	spinwithvegas.com
1	rapid-cdn.com	1 redirects
1	www.yilopeet.com
1	str.migraine-follow.us	1 redirects
38	13

This site contains links to these domains. Also see Links.

Domain
vegas-redirect.com

Subject Issuer	Validity	Valid
yilopeet.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.bouncepilot.com Amazon	`2020-07-21` - `2021-08-21`	a year	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://spinwithvegas.com/landingpages/vv046_ny/index.php
Frame ID: 15A196407FF19D5F39B2D09BF1067020
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://str.migraine-follow.us/electrophoresed/GSTuPkbDLyKWhexGmk8O4HFiQVAVVZ2RzjvVijQd80f1lR6ElMCxfI9hfGuu... HTTP 302
https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DN... Page URL
http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088 Page URL
http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?newcid=4740&sid1=160007&sid2=591848786&si... Page URL
https://offer-notavailable.com/bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=102058&vert=&cid= HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=11879... Page URL
http://go.yonyelinta.com/match-6633/42429/109977769/1615800340/mf_c95c05da-f73b-431b-af5b-340d27909f0... HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id={target.thru} HTTP 302
https://spinwithvegas.com/landingpages/vv046_ny/index.php?ref=vp_w88865c69773l7543gdep167_{target.thru... HTTP 302
https://spinwithvegas.com/landingpages/vv046_ny/index.php Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

38
Requests

82 %
HTTPS

54 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

1110 kB
Transfer

1450 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://vegas-redirect.com/?s=54&ref=vp_w88865c69773l7543gdep167_%7Btarget.thru%7D&click_id=%7Bclick_id%7D&from=aHR0cDovL2dvLnlvbnllbGludGEuY29tLw%3D%3D&encoded_url=ZW4vY2hyaXN0bWFzLXdlZWstMT9jbGlja19pZD0lN0JjbGlja19pZCU3RA%3D%3D
Title: Bonus TnC's

Search URL Search Domain Scan URL

URL: https://vegas-redirect.com/?s=54&ref=vp_w88865c69773l7543gdep167_%7Btarget.thru%7D&click_id=%7Bclick_id%7D&from=aHR0cDovL2dvLnlvbnllbGludGEuY29tLw%3D%3D&encoded_url=ZGUvY2hyaXN0bWFzLXdlZWstMT9jbGlja19pZD0lN0JjbGlja19pZCU3RA%3D%3D
Title: Bonusbedingungen

Search URL Search Domain Scan URL

URL: https://vegas-redirect.com/?s=54&ref=vp_w88865c69773l7543gdep167_%7Btarget.thru%7D&click_id=%7Bclick_id%7D&from=aHR0cDovL2dvLnlvbnllbGludGEuY29tLw%3D%3D&encoded_url=cGwvY2hyaXN0bWFzLXdlZWstMT9jbGlja19pZD0lN0JjbGlja19pZCU3RA%3D%3D
Title: Zasady dotyczące bonusów

Search URL Search Domain Scan URL

URL: https://vegas-redirect.com/?s=54&ref=vp_w88865c69773l7543gdep167_%7Btarget.thru%7D&click_id=%7Bclick_id%7D&from=aHR0cDovL2dvLnlvbnllbGludGEuY29tLw%3D%3D&encoded_url=cm8vY2hyaXN0bWFzLXdlZWstMT9jbGlja19pZD0lN0JjbGlja19pZCU3RA%3D%3D
Title: T&C bonusuri

Search URL Search Domain Scan URL

URL: https://vegas-redirect.com/?s=54&ref=vp_w88865c69773l7543gdep167_%7Btarget.thru%7D&click_id=%7Bclick_id%7D&from=aHR0cDovL2dvLnlvbnllbGludGEuY29tLw%3D%3D&encoded_url=cnUvY2hyaXN0bWFzLXdlZWstMT9jbGlja19pZD0lN0JjbGlja19pZCU3RA%3D%3D
Title: Правила и условия

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://str.migraine-follow.us/electrophoresed/GSTuPkbDLyKWhexGmk8O4HFiQVAVVZ2RzjvVijQd80f1lR6ElMCxfI9hfGuu8Sz8buoHfWY4IMaBn-GhC09SlAgVL2CDAAVqe_s0J87rtu9cmM8IMGYdpzj8B12unTa8T7egs7FYvvWqnRPy6urZyXowH-jA5wMW-rXShypJfDj7r5BbOyh0OcVePF HTTP 302
https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/ Page URL
http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088 Page URL
http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?newcid=4740&sid1=160007&sid2=591848786&sid3=758088&sid4=&dev_click= Page URL
https://offer-notavailable.com/bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=102058&vert=&cid= HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1187961483080842866 Page URL
http://go.yonyelinta.com/match-6633/42429/109977769/1615800340/mf_c95c05da-f73b-431b-af5b-340d27909f0c/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1187961483080842866 HTTP 302
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id={target.thru} HTTP 302
https://spinwithvegas.com/landingpages/vv046_ny/index.php?ref=vp_w88865c69773l7543gdep167_{target.thru}&click_id=%7Bclick_id%7D HTTP 302
https://spinwithvegas.com/landingpages/vv046_ny/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://str.migraine-follow.us/electrophoresed/GSTuPkbDLyKWhexGmk8O4HFiQVAVVZ2RzjvVijQd80f1lR6ElMCxfI9hfGuu8Sz8buoHfWY4IMaBn-GhC09SlAgVL2CDAAVqe_s0J87rtu9cmM8IMGYdpzj8B12unTa8T7egs7FYvvWqnRPy6urZyXowH-jA5wMW-rXShypJfDj7r5BbOyh0OcVePF HTTP 302
https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/

Request Chain 17

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=102058&vert=&cid= HTTP 307
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1187961483080842866

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/
Redirect Chain

http://str.migraine-follow.us/electrophoresed/GSTuPkbDLyKWhexGmk8O4HFiQVAVVZ2RzjvVijQd80f1lR6ElMCxfI9hfGuu8Sz8buoHfWY4IMaBn-GhC09SlAgVL2CDAAVqe_s0J87rtu9cmM8IMGYdpzj8B12unTa8T7egs7FYvvWqnRPy6urZyXo...
https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/

162 B
549 B

1170ms
903ms

Document
text/html

168.235.82.148
RAMNODE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 168.235.82.148 , United States, ASN3842 (RAMNODE, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a51c79d459a80cc8e3b837b5a0883b4116c7fef29cb5a5e6aac8b81ec60b508a

Request headers

Host: www.yilopeet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 15 Mar 2021 09:25:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uid4849=591848786-20210315052535-44d3def81b7f81f69bf8adb622ccebdf-; domain=yilopeet.com; expires=Wed, 14-Apr-2021 09:25:35 GMT; path=/; SameSite=None; Secure
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 15 Mar 2021 09:25:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: *
location: https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/

GET
H/1.1 200
OK / Show response
sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/ 6 KB
6 KB 279ms
243ms Document
text/html 23.250.22.58
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088
Requested by: Host: www.yilopeet.com
URL: https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/
Protocol: HTTP/1.1
Server: 23.250.22.58 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: 3b21888a3b5f0bde00aef014df4c196f6df4e6d8d46774612f7d284fea4825b3

Request headers

Host: sunflowerfresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Mon, 15 Mar 2021 09:32:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88ce9f59faab52fc79f5d6746907d374d52ed91ed4fdf01dd552a02c9ccd6092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://sunflowerfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30486
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 09:25:35 GMT

POST
H/1.1 200
OK fp.php
sunflowerfresh.com/ 252 B
452 B 364ms
363ms XHR
text/html 23.250.22.58
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://sunflowerfresh.com/fp.php
Requested by: Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088
Protocol: HTTP/1.1
Server: 23.250.22.58 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Referer: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 15 Mar 2021 09:32:36 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 31 KB
31 KB 42ms
7ms Script
application/javascript 2600:9000:211e:1600:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: www.yilopeet.com
URL: https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1600:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43162aaf944c89d906de83fb5a35bf9a40252bbcfc7f1d4eb1066a921e092f44

Request headers

Referer: http://sunflowerfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 18:43:19 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 18:00:19 GMT
server: AmazonS3
age: 138997
etag: "a84b4e57f75301a644dea466962596f6"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 31264
x-amz-cf-id: RhJJoM97ydUKvZQcZRFCgYL4YA0acSlJNe4Q1oaUVv8uY82NqvL1lg==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 175ms
54ms Script
application/javascript 13.226.159.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d88e33f01165a7085114a365de792cbda138af8875ab3e481750e24b0fb86eed

Request headers

Referer: http://sunflowerfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hS0GYDvxGey0vcXHihG.XaTLcBqaSSz8
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jan 2021 07:05:18 GMT
Server: AmazonS3
Age: 6175
ETag: W/"ff8e77b524c13c390e9fccf4ddba5ec9"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Mon, 15 Mar 2021 08:32:41 GMT
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: H7-AUfzSYge7vqWbPpT0LoR-zGaUHWF5mMpSp3JqFGL_tu6wsFMgmg==

GET cookie
api.traversedlp.com/retargeting/v1/ 0
0

GET
H/1.1 200
OK / Show response
sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/ 6 KB
6 KB 135ms
135ms Document
text/html 23.250.22.58
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?newcid=4740&sid1=160007&sid2=591848786&sid3=758088&sid4=&dev_click=
Requested by: Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088
Protocol: HTTP/1.1
Server: 23.250.22.58 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: 706e20bf591b72c0a43bf63546fe1d3d2017a0d84097450b7085d43d8db11b67

Request headers

Host: sunflowerfresh.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: clkcheck27338=dbbb5e1e4261aa85cf5c6bfca4150f97_102058
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?sid1=160007&sid2=591848786&sid3=758088

Response headers

Server: nginx
Date: Mon, 15 Mar 2021 09:32:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 48ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?newcid=4740&sid1=160007&sid2=591848786&sid3=758088&sid4=&dev_click=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b79a45628c22e72d4b9a86c7df44e8054399fcaca78e0b2629834ccf3659be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://sunflowerfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30499
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 09:25:36 GMT

POST
H/1.1 200
OK fp.php
sunflowerfresh.com/ 233 B
433 B 337ms
337ms XHR
text/html 23.250.22.58
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://sunflowerfresh.com/fp.php
Requested by: Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?newcid=4740&sid1=160007&sid2=591848786&sid3=758088&sid4=&dev_click=
Protocol: HTTP/1.1
Server: 23.250.22.58 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Referer: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?newcid=4740&sid1=160007&sid2=591848786&sid3=758088&sid4=&dev_click=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 15 Mar 2021 09:32:37 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 31 KB
31 KB 7ms
7ms Script
application/javascript 2600:9000:211e:1600:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: www.yilopeet.com
URL: https://www.yilopeet.com/9Z_A1o43fpNSV9MAztRJFclEzt0G64XCj2uyeU9iWybucTgmHDduGiqBQwAPFaRzetV8Mn6Js3DNTxbVsloQrg~~/758088/a7838693e16a19f15844eb8997debd63/118259347/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1600:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43162aaf944c89d906de83fb5a35bf9a40252bbcfc7f1d4eb1066a921e092f44

Request headers

Referer: http://sunflowerfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 18:43:19 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 18:00:19 GMT
server: AmazonS3
age: 138997
etag: "a84b4e57f75301a644dea466962596f6"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 31264
x-amz-cf-id: eiESf-BeiHFyIm4Eiv9RSfGpqCRJYHYJuZAzEV6zkoL17sEhX87TFA==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 54ms
54ms Script
application/javascript 13.226.159.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d88e33f01165a7085114a365de792cbda138af8875ab3e481750e24b0fb86eed

Request headers

Referer: http://sunflowerfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hS0GYDvxGey0vcXHihG.XaTLcBqaSSz8
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jan 2021 07:05:18 GMT
Server: AmazonS3
Age: 6175
ETag: W/"ff8e77b524c13c390e9fccf4ddba5ec9"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Mon, 15 Mar 2021 08:32:41 GMT
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: tJSuz40XtS5sovKxqrb1sKzLVxr_GOiRiG3S0X06nSgE57b23yvAdQ==

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
413 B 132ms
132ms XHR
application/json 52.86.198.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-198-209.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

Referer: http://sunflowerfresh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:36 GMT
server: nginx/1.18.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://sunflowerfresh.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

POST enqueue
api.traversedlp.com/retargetinginclusion/ 0
0

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
0 407ms
136ms Preflight
text/html 52.86.198.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 52.86.198.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-198-209.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://sunflowerfresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 15 Mar 2021 09:25:37 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.18.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://sunflowerfresh.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

GET
H2 200 / Show response
offer-notavailable.com/bettercontent/ 3 KB
2 KB 271ms
244ms Document
text/html 2606:4700:3035::ac43:c19a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer-notavailable.com/bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170
Requested by: Host: sunflowerfresh.com
URL: http://sunflowerfresh.com/ac67e0cbd2b3f103ae2bc5587f67037fc/?newcid=4740&sid1=160007&sid2=591848786&sid3=758088&sid4=&dev_click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f603524706925ef46209dfa6fa2f407cd1b2d956e8968fefb9cdad8c545582

Request headers

:method: GET
:authority: offer-notavailable.com
:scheme: https
:path: /bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://sunflowerfresh.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://sunflowerfresh.com/

Response headers

date: Mon, 15 Mar 2021 09:25:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6c636be721a6b53d020ffe6fceee7a2d1615800336; expires=Wed, 14-Apr-21 09:25:36 GMT; path=/; domain=.offer-notavailable.com; HttpOnly; SameSite=Lax; Secure
cf-cache-status: DYNAMIC
cf-request-id: 08d6cd99f40000d725d13b3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O14tFYCDXOlBmXriSiLx63iXRlMfa7oD3YVwm8%2BSRKRPaIe1WsDVapPiepW4D%2BjV3vX8wOT%2BYiMICeg4i68IaX80FSShssZg6Y1Q65vKxuQGZKc1tdiZIxjdof5CAGeS%2Bn0G"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6304b2098e5ad725-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 desktop.png
offer-notavailable.com/bettercontent/images/ 92 KB
93 KB 12ms
12ms Image
image/png 2606:4700:3035::ac43:c19a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer-notavailable.com/bettercontent/images/desktop.png
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

Request headers

Referer: https://offer-notavailable.com/bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:37 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2169625
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94237
cf-request-id: 08d6cd9af00000d7252a3b8000000001
last-modified: Wed, 06 Nov 2019 23:26:55 GMT
server: cloudflare
etag: "5dc356bf-1701d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SDW9qz2bpOgdUwrHhsIPvEdTbv7K%2FjUsJFn2RuBfyPgLVb3lcCYx2uwRAayobog%2Bn6NKkTbYB2j1m51MoHj65VPilna%2BRMC2LeLbJ2dlmuScVEOqlnWhp5Fwy973XCVUENkj"}],"max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6304b20b1816d725-FRA
expires: Sat, 20 Mar 2021 06:45:12 GMT

GET
H/1.1

200
OK

ts464-internationalemail-general Show response
go.yonyelinta.com/
Redirect Chain

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=102058&vert=&cid=
http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1187961483080842866

496 B
563 B

521ms
480ms

Document
text/html

216.189.51.90
ARACHNITEC

General

Check archive.org

Show headers Download Go to

Full URL: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1187961483080842866
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170
Protocol: HTTP/1.1
Server: 216.189.51.90 , United States, ASN6921 (ARACHNITEC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: ac5e2236879b201786b4ab0035990c0515e3dfb97dd9b90132e14a35fdc91f46

Request headers

Host: go.yonyelinta.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://offer-notavailable.com/bettercontent/?utm_source=102058&utm_medium=27&utm_campaign=248&utm_content=170

Response headers

Server: nginx/1.14.2
Date: Mon, 15 Mar 2021 09:25:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

Redirect headers

Date: Mon, 15 Mar 2021 09:25:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d9cdbaa347cdb65f4651430979a338dd41615800340; expires=Wed, 14-Apr-21 09:25:40 GMT; path=/; domain=.rapid-cdn.com; HttpOnly; SameSite=Lax PHPSESSID=999af12fb4548cc1a91e6e9a4a4672a2; expires=Mon, 22-Mar-2021 09:25:40 GMT; Max-Age=604800; path=/; secure; SameSite=None csid3=999af12fb4548cc1a91e6e9a4a4672a2; expires=Tue, 15-Mar-2022 09:25:40 GMT; Max-Age=31536000; path=/; secure; SameSite=None PHPSESSID=999af12fb4548cc1a91e6e9a4a4672a2; expires=Tue, 16-Mar-2021 09:25:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
X-Powered-By: PHP/7.3.14
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Robots-Tag: noindex, noarchive, nofollow
P3P: CP="This is not a P3P policy"
Location: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1187961483080842866
CF-Cache-Status: DYNAMIC
cf-request-id: 08d6cda6cc00002c2e6bbb4000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xmqmuq87SgcqnHeykuRaFaPrkjHkxNNy16KVA%2F2OBqf75yez10ygsXJx7tOWfEKLPXrU8ZvSzTSUjA45oxt2jwAZ381fwgnNmP%2FMaTHu8UQq8A3NOV5HRGzH"}],"max_age":604800,"group":"cf-nel"}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
CF-RAY: 6304b21e190c2c2e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Primary Request index.php Show response
spinwithvegas.com/landingpages/vv046_ny/
Redirect Chain

http://go.yonyelinta.com/match-6633/42429/109977769/1615800340/mf_c95c05da-f73b-431b-af5b-340d27909f0c/dHM0NjQtaW50ZXJuYXRpb25hbGVtYWlsLWdlbmVyYWw=/?flux_txid=475075720557923304&flux_hid=1187961483...
https://spinwithvegas.com/l/5fe1f360d4834f1e526b194c?click_id={click_id}&sub_id={target.thru}
https://spinwithvegas.com/landingpages/vv046_ny/index.php?ref=vp_w88865c69773l7543gdep167_{target.thru}&click_id=%7Bclick_id%7D
https://spinwithvegas.com/landingpages/vv046_ny/index.php

13 KB
3 KB

62ms
62ms

Document
text/html

2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/index.php

Requested by

Host: go.yonyelinta.com
URL: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1187961483080842866

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ef96cfecd2dac1080ed8d55411b61f0f24aff0b924be6cd05dd26881c229c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: spinwithvegas.com
:scheme: https
:path: /landingpages/vv046_ny/index.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://go.yonyelinta.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d81df8e920b1c82d6f58cca3f949c232e1615800341; mongo_sess=23f2a21cc2915ff8af34a5fcc89785aa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://go.yonyelinta.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1187961483080842866

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
cf-request-id: 08d6cdac1800004abdfc0b9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MYmLUmD5U4oiyH44w%2BeiRG8%2BgDd31VzJaYW1GAq1%2BkeGvtc%2FQ0zKSRXoHCDUnvkiUekMFSOSOE6kSSrjv%2FpWo%2FUffBAM7RgrU1FBTR9nP8R%2FN1ES8R8RRmAY%2Bc6y6A%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6304b22688024abd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: mongo_sess=23f2a21cc2915ff8af34a5fcc89785aa; expires=Tue, 16-Mar-2021 09:25:41 GMT; Max-Age=86400; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /landingpages/vv046_ny/index.php
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
cf-request-id: 08d6cdabe600004abd3dbe3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Y%2FRnyjsGQwGBpICsoJdIkQKNKFslrnKVhN%2FR8GgdnvXs9KMVsCvHwQRGVEplFIfJjbOlMakfzwbsnu1sRsM5R4N2fLzs6%2BbxLP3GeOlcmFKaMSw9tuSq4LlRYvlhg%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6304b2263f994abd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 css
fonts.googleapis.com/ 9 KB
874 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d31822d0d56c13395ef0671e48e9c4a5e863882dab1fbefd79cb2c90665d0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://spinwithvegas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 09:25:41 GMT
server: ESF
date: Mon, 15 Mar 2021 09:25:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 09:25:41 GMT

GET
H2 200 style.css
spinwithvegas.com/landingpages/vv046_ny/css/ 13 KB
3 KB 43ms
42ms Stylesheet
text/css 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/css/style.css

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b2fda4dcb9e36168ebb867aa0b99803dd15af3ebce4d3a1bdecf6506d37958

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d6cdac5d00004abd33869000000001
last-modified: Mon, 21 Dec 2020 13:23:08 GMT
server: cloudflare
etag: W/"5fe0a1bc-355d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rFktmRWGnNmh0ZCW9qoPgUriAs%2FI3aSfWGEvwaz88%2Bfp8DePQCBVnMxfiX8JwWGrfQ7VVAjwnZ9WY%2BWLHQsgRmwehND0y%2FWi2wNgK7wJuie25cG4I6SYyhO9XBfOug%3D%3D"}]}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 6304b226f8954abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 preloader.svg
spinwithvegas.com/landingpages/vv046_ny/img/ 626 B
692 B 48ms
47ms Image
image/svg+xml 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/preloader.svg

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd00ef9127002193a5b1dcd4c21081b1d4486a05b8a97c2736252f282a2b7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d6cdac6000004abd1a310000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: W/"5fe07876-272"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C99iRLlgWibjcGmEs8p4JC9o9osMQfrvmbEUTzzSBdAjuGXPcl65RgbiZsm8BknQV%2BkU0XnC4LJ3V%2F91KjU3QJdAf236MhpDk9svgWqZ3uNxgqMJ4stnrj23IRm8Nw%3D%3D"}]}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 6304b226f8a34abd-FRA

GET
H2 200 logo.png
spinwithvegas.com/landingpages/vv046_ny/img/ 71 KB
72 KB 48ms
48ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/logo.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b6ba2c51f0445367411b95457811094c44e7082199ff1d6723ec9ef5c44bea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72838
cf-request-id: 08d6cdac6000004abd5e194000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-11c86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QQYM3xc22XR86nPOIJh8NSfFLnfOBvW38i7%2FwKfDIJ6t0RI2UijubeT1tK8Pm91FFV1bFTgJnIFpfPOpmqC9YHorQd5dasOUnr54HSw9qK3pS7VSoUV1FCvChCRY%2Bg%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b226f8a54abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 partners-pay.png
spinwithvegas.com/landingpages/vv046_ny/img/ 57 KB
57 KB 42ms
41ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/partners-pay.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

572904bbed47e1347fa438f748f007c848bed5f4a2fd78e40b7b4b53f3095a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58160
cf-request-id: 08d6cdac6000004abd39be0000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-e330"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pwPH%2F%2BNfwS%2B5ACnlCwVlhNDLHI%2B6l4%2FygsihNxSaluqGlDQEvQUh%2BlOJksHuvsJB7IZrEfJS7r1K4O27JjDsHwcCjnAlQYJhKrKtU8xvfIqSqp0T78mYcNoi%2FDkc2g%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b226f8a64abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 partners-pay-mob.png
spinwithvegas.com/landingpages/vv046_ny/img/ 73 KB
73 KB 51ms
50ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/partners-pay-mob.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c57d97fa18c962887058ea824959f5a6e8bb691f069c51a8e7ecb81731f251b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74828
cf-request-id: 08d6cdac6100004abd4b225000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-1244c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M86H222w0rglM0F%2FfsiyCponZqdJyy47UG6PTjQd6zP3wqjIlis7Qp%2BWHLselV0h%2BrpZErdscJGGQNyieOVvQHeIJQuPGt%2FXcnNtbf5aHG1%2FkK6X2GLtj4TAGD%2FNKg%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b226f8a94abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
spinwithvegas.com/landingpages/vv046_ny/js/ 186 KB
47 KB 52ms
51ms Script
application/javascript 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/js/createjs-2015.11.26.min.js

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d6cdac5e00004abd0528e000000001
last-modified: Mon, 12 Feb 2018 11:11:34 GMT
server: cloudflare
etag: W/"5a817666-2e8b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=togEs3TPEI1AVauIx4pq8QLXK0g%2BNTgDqmj2UrjWsjXtWrw6OyWVF83x0VN9JVtzhnrJ84CsJKrvP0cbcdDp1Q4CwqJjKYaxzOZVqlzUuGs9bCl5YWZYU4qLb3sooQ%3D%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 6304b226f8984abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 index.js Show response
spinwithvegas.com/landingpages/vv046_ny/js/ 19 KB
4 KB 51ms
50ms Script
application/javascript 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/js/index.js

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73f65da33b165ba6317844d5ac2b4e1a46f392f913b36c72876a1077c418a623

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d6cdac5e00004abd5331d000000001
last-modified: Mon, 21 Dec 2020 11:18:24 GMT
server: cloudflare
etag: W/"5fe08480-4d65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NvW8%2FyJ92fLpalCCMUMAOHqFcOkfva%2FiHXPDAAnmMQk%2BPOBMJJtSYkTZ5DO4w%2Bc0T887QkM5Rnl2KdObve4VMmkCmpmqMogPgJPkvGiupm%2FyBos53FFog%2FpL1%2FBgtQ%3D%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 6304b226f89a4abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
spinwithvegas.com/landingpages/vv046_ny/js/ 85 KB
29 KB 51ms
50ms Script
application/javascript 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/js/jquery-3.2.1.min.js

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d6cdac5f00004abd60a92000000001
last-modified: Mon, 10 Sep 2018 10:48:44 GMT
server: cloudflare
etag: W/"5b964c0c-15287"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SDIReyUd67K06LICASX1JfKiEMFKb8t5UTf8uKTBWRwtUO3TgHUtUgmBJ0tjt%2BeVAOY9dTcRjitPizew2noafZT0cQz5%2FrywjZPcImOu%2B1j5YG2psMoGt9cxudSOrw%3D%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 6304b226f89d4abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 main.js Show response
spinwithvegas.com/landingpages/vv046_ny/js/ 3 KB
1 KB 48ms
47ms Script
application/javascript 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/js/main.js

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1a1bf8782367d78baf9fcc8f9ed061f91a13ee29c0fb7df74883c775456cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08d6cdac6000004abd2db8a000000001
last-modified: Mon, 21 Dec 2020 13:18:28 GMT
server: cloudflare
etag: W/"5fe0a0a4-c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4hebtNxwlRSz0utoovWJC3jdpEq2CL%2FSTuVZUZkEiTirjNK3rlBN6XcQ%2FRnk59oC7kmv2szL7TLsu5IadsXW4WkXOcdFeO3mL1rHkw2mAB5ZkDpgmj8n6pbRjz0gBg%3D%3D"}]}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=86400
cf-ray: 6304b226f8a04abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 lang-arr.png
spinwithvegas.com/landingpages/vv046_ny/img/ 1 KB
1 KB 32ms
30ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/lang-arr.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1064
cf-request-id: 08d6cdacae00004abd668be000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-428"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=en%2BYH4MB7UujaX9wFwXiuZbRHNuQLLtIWjpoVpKRQMDXFrt%2FE38QtoFdPDKxHu2hjR7%2BZ4DPkE3eZ5L9u8cKxTp8J9aey7xvHJxfFxxaGGtQVrj8IonoEcdcVHa1vA%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b22779a34abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 content-bg-desk.jpg
spinwithvegas.com/landingpages/vv046_ny/img/ 432 KB
433 KB 34ms
32ms Image
image/jpeg 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/content-bg-desk.jpg

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2db896c9f892013d93d8a07fdf8044174816b64951d7e20a171e79362d7954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 442167
cf-request-id: 08d6cdacaf00004abd42aec000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-6bf37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eTapsJSoWdJmPO1lCDsJkYF%2B2h6%2BTpgP723TqHTq4QVsT11enuUMj9HsYqY8F6JoVAir3BTwltIB4xl985ypewFX9LJMuQRFA1e%2BGOq5%2BFr8rztgICDkjl9GpxAAjw%3D%3D"}]}
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b22779a54abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 logo-light-1.png
spinwithvegas.com/landingpages/vv046_ny/img/ 26 KB
26 KB 16ms
14ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/logo-light-1.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

656ef62960b826072d6ef9775270694165cf09882b085fb7fb6134fb76885f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 86381
strict-transport-security: max-age=300; includeSubDomains;
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26509
cf-request-id: 08d6cdacaf00004abd3dbeb000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-678d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2%2BBVSkYPdStuQQJrR3JRLUeUViQ9ksZ2brNHkud69aVH3Nwy%2BeGlt4FO2N%2Bn4LqboaflrmC%2FLNUSplmaHaA4Y6YxaNwA5lcDhU3FzQ8UC1J11g50KFs0QZwB1yAFXg%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b22779a74abd-FRA
expires: Mon, 15 Mar 2021 09:26:00 GMT

GET
H2 200 logo-light-2.png
spinwithvegas.com/landingpages/vv046_ny/img/ 23 KB
23 KB 13ms
11ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/logo-light-2.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92126e01e710beca2472d4ea728f0e7b432a7e0bb8c64d41b5bf0f9a177ce709

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 86381
strict-transport-security: max-age=300; includeSubDomains;
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23427
cf-request-id: 08d6cdacaf00004abd63186000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-5b83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=26OBC1fj2918O56EsUsyKWInHsl4KSA7UQM5ybQQfSOVUK7RF4pzmDqJVzl4GNdUlHjPsSHYX8yUtk0MXaz%2Bu70WCyGTsW1N8B0l8FSuYlnF%2FaG8OvCexuoJJ%2FgGwA%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b22779a94abd-FRA
expires: Mon, 15 Mar 2021 09:26:00 GMT

GET
H2 200 steps-bg-desk.png
spinwithvegas.com/landingpages/vv046_ny/img/ 38 KB
38 KB 39ms
37ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/steps-bg-desk.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00093573ad8522b6616228440305ba725cef57bccec7a1b8983f6513895bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38590
cf-request-id: 08d6cdacaf00004abd67b3c000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-96be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=300; includeSubDomains;
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c1SiYbZKmRowJBC7cycE2k2nKGXiYbh%2B%2BH1tXymM2%2BgRTA29DJQf7rGb1WgWWOO0P0YuiasTgWKq0YENUnrHije5E%2FQyxr2%2BAHRFriIpfxQXByWHKbt7U7X10rFZEA%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b22779ab4abd-FRA
expires: Tue, 16 Mar 2021 09:25:41 GMT

GET
H2 200 sh.png
spinwithvegas.com/landingpages/vv046_ny/img/ 14 KB
15 KB 16ms
14ms Image
image/png 2606:4700:3032::ac43:c5f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spinwithvegas.com/landingpages/vv046_ny/img/sh.png

Requested by

Host: spinwithvegas.com
URL: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:c5f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a1b911e07464f76aefd656827151f98cab1098fe64700dcabb9333336266419

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spinwithvegas.com/landingpages/vv046_ny/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:25:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 86381
strict-transport-security: max-age=300; includeSubDomains;
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14643
cf-request-id: 08d6cdacaf00004abd59b44000000001
last-modified: Mon, 21 Dec 2020 10:27:02 GMT
server: cloudflare
etag: "5fe07876-3933"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pftEuXh7HG6RAgKnnZq%2FWshgvIL8rC0yHFTQPugL4FrONF61eOqxgt3J7GmT8ygJTvNfJRWBZM%2BcsrUsE0AkFmLBxxMYfQ5yyv5aO8hHjuyfoXaf1adG7KVS07NacQ%3D%3D"}]}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6304b22779ad4abd-FRA
expires: Mon, 15 Mar 2021 09:26:00 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://spinwithvegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 372092
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:04:09 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://spinwithvegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 573009
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:15:32 GMT

GET
H3-Q050 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://spinwithvegas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 23:19:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:37 GMT
server: sffe
age: 381996
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16256
x-xss-protection: 0
expires: Thu, 10 Mar 2022 23:19:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargeting/v1/cookie

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargetinginclusion/enqueue

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			spinwithvegas.com/	1970-01-19 16:51:26	Name: mongo_sess Value: 23f2a21cc2915ff8af34a5fcc89785aa
			.spinwithvegas.com/	1970-01-19 17:33:12	Name: __cfduid Value: d81df8e920b1c82d6f58cca3f949c232e1615800341

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.traversedlp.com
fonts.googleapis.com
fonts.gstatic.com
go.yonyelinta.com
offer-notavailable.com
rapid-cdn.com
spinwithvegas.com
static.bouncepilot.com
static.traversedlp.com
str.migraine-follow.us
sunflowerfresh.com
www.googletagmanager.com
www.yilopeet.com
api.traversedlp.com
13.226.159.99
168.235.82.148
188.74.244.176
216.189.51.90
23.250.22.58
2600:9000:211e:1600:10:b308:84c0:93a1
2606:4700:3031::6815:4a86
2606:4700:3032::ac43:c5f1
2606:4700:3035::ac43:c19a
2a00:1450:4001:800::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200a
52.86.198.209
1b6ba2c51f0445367411b95457811094c44e7082199ff1d6723ec9ef5c44bea6
1b79a45628c22e72d4b9a86c7df44e8054399fcaca78e0b2629834ccf3659be0
1d31822d0d56c13395ef0671e48e9c4a5e863882dab1fbefd79cb2c90665d0ec
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
3b21888a3b5f0bde00aef014df4c196f6df4e6d8d46774612f7d284fea4825b3
43162aaf944c89d906de83fb5a35bf9a40252bbcfc7f1d4eb1066a921e092f44
4a1b911e07464f76aefd656827151f98cab1098fe64700dcabb9333336266419
572904bbed47e1347fa438f748f007c848bed5f4a2fd78e40b7b4b53f3095a95
57ef96cfecd2dac1080ed8d55411b61f0f24aff0b924be6cd05dd26881c229c4
59f603524706925ef46209dfa6fa2f407cd1b2d956e8968fefb9cdad8c545582
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
656ef62960b826072d6ef9775270694165cf09882b085fb7fb6134fb76885f32
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
706e20bf591b72c0a43bf63546fe1d3d2017a0d84097450b7085d43d8db11b67
73f65da33b165ba6317844d5ac2b4e1a46f392f913b36c72876a1077c418a623
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
77b2fda4dcb9e36168ebb867aa0b99803dd15af3ebce4d3a1bdecf6506d37958
88ce9f59faab52fc79f5d6746907d374d52ed91ed4fdf01dd552a02c9ccd6092
92126e01e710beca2472d4ea728f0e7b432a7e0bb8c64d41b5bf0f9a177ce709
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f1a1bf8782367d78baf9fcc8f9ed061f91a13ee29c0fb7df74883c775456cd0
a51c79d459a80cc8e3b837b5a0883b4116c7fef29cb5a5e6aac8b81ec60b508a
ac5e2236879b201786b4ab0035990c0515e3dfb97dd9b90132e14a35fdc91f46
c57d97fa18c962887058ea824959f5a6e8bb691f069c51a8e7ecb81731f251b3
d2db896c9f892013d93d8a07fdf8044174816b64951d7e20a171e79362d7954d
d88e33f01165a7085114a365de792cbda138af8875ab3e481750e24b0fb86eed
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864
efd00ef9127002193a5b1dcd4c21081b1d4486a05b8a97c2736252f282a2b7a6
f00093573ad8522b6616228440305ba725cef57bccec7a1b8983f6513895bf61
f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68

spinwithvegas.com Open in urlscan Pro 2606:4700:3032::ac43:c5f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

82 %HTTPS

54 %IPv6

12 Domains

13 Subdomains

12 IPs

3 Countries

1110 kBTransfer

1450 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

spinwithvegas.com Open in urlscan Pro
2606:4700:3032::ac43:c5f1 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

82 %
HTTPS

54 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

1110 kB
Transfer

1450 kB
Size

2
Cookies

38 HTTP transactions
0 data transactions