happywithvegas.com/vv029_mg/img/partners-pay.png
188.114.96.1 200 OK 21 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/partners-pay.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 942 x 202, 8-bit colormap, non-interlaced
Hash MD5 59ffeaabc7d9d42b66ec2e83ff788ab0
Hash SHA-1 383ee5549648117ece4c72eefa61e87b4cc7b25c
Hash SHA-256 3fef5f2da047a7b01fd2f20b4901e61d6647ba3b61ad553709e4db0f05ef7807
GET /vv029_mg/img/partners-pay.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 20801
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-5141"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0g0sGhe9siP9x%2BqZpsewTGO%2Fff825V%2F7xunUhxe64ytlUG4AGs6WJimifdsfix%2Fbv03K2DusYvbFEGj61jdiLeIepTCLsrglhNPATmQvqZSA5waZhvBXjTzpswvt3ON%2FawuMnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f5f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/partners-pay-mob.png
188.114.96.1 200 OK 20 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/partners-pay-mob.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 437 x 278, 8-bit colormap, non-interlaced
Hash MD5 0d4722f919360be049732b86ee2b28eb
Hash SHA-1 2f53d8b2e6d6369cfc99de2a20889aa790128450
Hash SHA-256 796f1b6b93e57aea3d7b4d34a6e83b39e9e5719b7aced0a62a7af259894a3d40
GET /vv029_mg/img/partners-pay-mob.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 20008
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-4e28"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2jamMYsFfeu0xi7OVYb3VKBUGHSTagFIJaloc0VTQnibIDdkOnCFP330bHXYV%2BjDtjji2JyHqT%2FhQghQViRM0Ai5EKu9PEYngyw5NJycz30nzp80GNMwACyRRuioSa1UMC%2BBmo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f670b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/sh.png
188.114.96.1 200 OK 15 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/sh.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 1312 x 179, 8-bit colormap, non-interlaced
Hash MD5 d05b1cffd4aaafc4f51e653cbb9c63af
Hash SHA-1 96659960d7d9f973d2e12d54cb0a4479f4ecd5b7
Hash SHA-256 f1e809b49aa58ce92de5cb4bf2536d65b3a0e2e006816db1999804e5940d1d81
GET /vv029_mg/img/sh.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 14796
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-39cc"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqOs2XYJLxb4Z9Arml44VdF0AulNKVkPTuENw6np1%2Bhz3VTkJ80yFMMSOFy7goePZhZUgaevi5iOg%2B7aTGC9Tl2kxcVVlL3Z8nJhW6DygoDYdu8Uri87Cev0gUxwsyUE4BdVjfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec69b00b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/logo-ru.svg
188.114.96.1 200 OK 15 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/logo-ru.svg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Hash MD5 582d2be4e52144a37fdb8497b23d4045
Hash SHA-1 1ccbef08fe3d5e6a86254766d2e6f448714a07f7
Hash SHA-256 1b7cf9149755f569c9e5421398348067d327237b0b273d903f6151c34ce10ccd
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/img/logo-ru.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-3aae"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Bcw%2BzCWJCkY%2FUSdj%2F%2BymwL8QY8dBzk9ajor3gE1dzpAKHgf%2FIysKalqMFTeklVk0qIx2ZDUlCHzrx88QYkpku7n%2FdjlPE30sF7Aw3RKKY41%2BAcMz%2FsWOxmRjC09QUae%2B%2B5IJQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f620b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/bg-main.jpg
188.114.96.1 200 OK 322 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/bg-main.jpg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x647, components 3
Size 322 kB (321509 bytes)
Hash MD5 9fee11f9e7686aef9f041c2a35743000
Hash SHA-1 131ce37a409f999034b4e4455e857e90df50a703
Hash SHA-256 89b56c8627f146d4f7d62276c532e60305bd53c93f5a132924b9646156b5ed18
GET /vv029_mg/img/bg-main.jpg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/jpeg
content-length: 321509
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-4e7e5"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEkuuv7I1SgSeg%2FnVGmRyAPVeZh9Rk%2BhMnEsUKNrBGjpULMERzNhRhuojAM5znjzXHoXtwPJAqV9A09SPB5IAsXfyGxMnjjs5zCXHzeyA%2B2022AJYxukfLG0TiUy6%2BQgzuimSdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec59a20b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 48 kB GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0
Hash MD5 31a8297826cdcea344698ff952694a7f
Hash SHA-1 4fa1ee4c471d1c05e9141855eec5ee09b898d594
Hash SHA-256 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://happywithvegas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 11:49:35 GMT
expires: Fri, 17 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 466544
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
happywithvegas.com/vv029_mg/js/jquery.min.js
188.114.96.1 200 OK 80 kB GET HTTP/3 happywithvegas.com/vv029_mg/js/jquery.min.js
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (32030), with CRLF line terminators
Hash MD5 5b5a269bd363e0886c17d855c2aab241
Hash SHA-1 042dd055cd289215835a58507c9531f808e1648a
Hash SHA-256 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/js/jquery.min.js HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: application/javascript
last-modified: Fri, 06 May 2022 12:13:01 GMT
etag: W/"627510cd-152b9"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90iOOpTQJPfty9skylfuhzA4fcM7GTnqC7UXWAlc7mbKOOOu74SNlZY8dSbb7wEeO6nomm3mHRYL7XTxtLwD7VKWVdPDm%2FFOl4CUbat%2Fln9ia3HJaPAvQukFluqTx9%2FuUEVo%2BAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f650b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
216.58.207.227 200 OK 16 kB GET HTTP/2 fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
IP 216.58.207.227:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 16324, version 1.0
Hash MD5 f43fa5b4f6366eae0039e4e49db645de
Hash SHA-1 d7fec074ba8b6e69bec4a995ea722d3d1513ad43
Hash SHA-256 0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://happywithvegas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:48 GMT
expires: Thu, 16 May 2024 00:16:48 GMT
cache-control: public, max-age=31536000
age: 594511
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
happywithvegas.com/vv029_mg/css/style.css?1
188.114.96.1 200 OK 4.5 kB GET HTTP/3 happywithvegas.com/vv029_mg/css/style.css?1
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
Hash MD5 6b041e5cdf382c0a301009d4df130af2
Hash SHA-1 37ebf7ac7bd083db4b3e8550042e9a32e48a5bd9
Hash SHA-256 4abc0858b98726606694c01363243cee86b07e072e9dde8856d27a7bd6c8ed0a
GET /vv029_mg/css/style.css?1 HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: text/css
last-modified: Fri, 06 May 2022 12:15:43 GMT
etag: W/"6275116f-4326"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUWDzpEZBr0o5HprfyfO76VUWJmOaWSu3way2JrO3ITTE5cXtHrarUbx9sOhWyMjOw3NiXJHgmgA5an57OeAHU84r4YMEW1UpfWSsxlo6rLM8fKVPLKPm%2FrkVxYOTNuVGAENYnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f5c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/pers-1.png?1
188.114.96.1 200 OK 355 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/pers-1.png?1
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 628 x 534, 8-bit/color RGBA, non-interlaced
Size 355 kB (355018 bytes)
Hash MD5 49e11a3fa925b62eac7b3d30105e6614
Hash SHA-1 3aff6a2eb0148f1ca31f5ee8b28baddce79512cf
Hash SHA-256 9358b4930b055aec528e70b98c788f0b8185651265525370ad0b791d1674c098
GET /vv029_mg/img/pers-1.png?1 HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 355018
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-56aca"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhLxc6UpnLDRrXXexq%2BNRYWDX9vzjJVP0L80OUInTRDJCtYAd8sZNTN6JpyXy1HXVwvqlnbBhhUOyqZNSUUU5QJvGKjJ6fAXmhr%2BlhRvlqPzwleFfLp%2Fq6n15HJbMrM9PFc7F3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec69aa0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/pers-2.png
188.114.96.1 200 OK 352 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/pers-2.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 628 x 534, 8-bit/color RGBA, non-interlaced
Size 352 kB (351554 bytes)
Hash MD5 2e3546803ba6d3e1bf572ea0ad541de8
Hash SHA-1 4a771d80b229a5acf4713930cd48f9fb553b8ac7
Hash SHA-256 2526665440142177e7aa023e3d54584ef6fe259ae4ea87f1c9506a85395c6938
GET /vv029_mg/img/pers-2.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 351554
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-55d42"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBTPq9oJmcyZHnamIVSwWbTvhcThRzSOfyMczpxDn9f7kVfwv8%2BK1dJENqzr3s5f57vR1XW9G88yBSXXu4GQfz1o5NFjfm7GGWauOWQZAQCvxoMfBXFluaWNhFKltjCNVgA9Bxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec69ad0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/favicon.png
188.114.96.1 200 OK 1.9 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/favicon.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash MD5 0b22c0d7f4ba85138e1d468331d5d841
Hash SHA-1 1aeadd90089f343b40cab6121a87467baa469531
Hash SHA-256 1755f9d5022561b6edb124c71907d7d90faf763651ebb4906f03cc47aa5f6def
GET /vv029_mg/img/favicon.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 1941
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-795"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvhZSu5zkfE4r0PjbPMvVEiNet6zUWRIbIA1KeAlK205JdQvThUv0yT%2B6Futb66KaYLF2ZLi7pO7PM9pK2CufBwLivHy%2Bpp0MOfJlvXObi0IIYXHLzKEVvOW4np24P28%2BhTkImc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eef4d3f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/flags.png
188.114.96.1 200 OK 6.7 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/flags.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 16 x 224, 8-bit/color RGBA, non-interlaced
Hash MD5 3015b784ecf600c33c41110e133cf4b9
Hash SHA-1 80d8857d64933292def3fc0dde6007e1bae44351
Hash SHA-256 06819193e640d047669a343a4427bdd643632bb5c927cdb853f32e1db79c92c2
GET /vv029_mg/img/flags.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 6739
last-modified: Fri, 06 May 2022 12:07:36 GMT
etag: "62750f88-1a53"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL2cWWlRkc9MuQfekJqZj38sROcdty4AE7u%2FNcARv40Z%2BFE1wjMXbN6qexCRGXG5qK1pTe8Zq%2FQuknOJy3xGV%2Fkf5YY1V69bWf3a8aKC5F1tOPANbjH1dHOCMMN%2Fw5AehOUOZu0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eef7d640b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/js/main.js
188.114.96.1 200 OK 6.2 kB GET HTTP/3 happywithvegas.com/vv029_mg/js/main.js
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (6403), with no line terminators
Hash MD5 14331311ca6e79b7db1538513c8b0a05
Hash SHA-1 8cc469f8da8a253565555fc357e276565adde576
Hash SHA-256 6c27d2d0cb3b28725bfe8caeefbf4894ae6f4974bf8af9e85c963a3063d7c307
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/js/main.js HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: application/javascript
last-modified: Fri, 06 May 2022 12:12:52 GMT
etag: W/"627510c4-1829"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCbxAx7uWAbhmcD%2BZ70j13fSKTUYmrtBHv9%2FOsZ5Pg1EGUKOwgK8VOIloN0RUCb8Unn9WA1q7%2F8zzl49DodUHp3dpJGNn7Jdi0ryvF5xRtyFUzzIAsfDMVcoJ6kitEeW6V1UTfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f660b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/index.php
188.114.96.1 200 OK 21 kB User Request GET HTTP/3 happywithvegas.com/vv029_mg/index.php
IP 188.114.96.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: all three digests above are those of zero-byte input, so no body was hashed for this document and they do not identify the 21 kB page content; use the per-resource hashes of the scripts and images instead.
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/index.php HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f; expires=Wed, 24-May-2023 21:25:18 GMT; Max-Age=86400; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6o88n0ufpLJLveXziUY%2BHsqnQlHKeiC64FAGNabCXkdpARAYGhuyYR6u45uIvZKttW%2Fu5KaBOrdXF5imIUPmrxzAjkclWZMitkz5zBza53%2FitF%2FCMOAnSKovdkNRUWG%2B6pS41ds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc05ee64a960b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
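The transactions above are the raw material an analyst turns into indicators and findings. The following Python is an added example written for this page, not output of the scanning tool and not code from the site: it parses the record layout visible above (a bare host/path line opening each record, then the IP line, hash lines, an optional Analyzer Verdict line, the raw request headers, the status line and the raw response headers), collects hosts, IPs, body hashes, cookie names and analyzer-flagged URLs, and audits the cookie attributes and HSTS max-age of each response. The two embedded records are excerpted from the capture as constructed sample input; the HSTS floor of 15552000 seconds and the cookie attribute set are the editor's assumptions, not the tool's policy.

```python
import re

# Constructed sample: two records excerpted from the capture above, trimmed to the lines the parser needs.
SAMPLE = """\
happywithvegas.com/vv029_mg/index.php
188.114.96.1 200 OK 21 kB User Request GET HTTP/3 happywithvegas.com/vv029_mg/index.php
IP 188.114.96.1:443
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/index.php HTTP/1.1
HTTP/3 200 OK
set-cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f; expires=Wed, 24-May-2023 21:25:18 GMT; Max-Age=86400; path=/; HttpOnly
strict-transport-security: max-age=300; includeSubDomains;
happywithvegas.com/vv029_mg/js/main.js
188.114.96.1 200 OK 6.2 kB GET HTTP/3 happywithvegas.com/vv029_mg/js/main.js
IP 188.114.96.1:443
Hash 14331311ca6e79b7db1538513c8b0a05
8cc469f8da8a253565555fc357e276565adde576
6c27d2d0cb3b28725bfe8caeefbf4894ae6f4974bf8af9e85c963a3063d7c307
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/js/main.js HTTP/1.1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
HTTP/3 200 OK
strict-transport-security: max-age=300; includeSubDomains;
"""

URL_LINE = re.compile(r"^[A-Za-z0-9.-]+\.[A-Za-z]{2,}/\S*$")   # a bare host/path opens a record
IP_LINE = re.compile(r"^IP (\d{1,3}(?:\.\d{1,3}){3}):\d+$")
HASH_LINE = re.compile(r"^(?:Hash\s+)?(?:(?:MD5|SHA-1|SHA-256)\s+)?([0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$")
HEADER_LINE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*): (.*)$")
STATUS_LINE = re.compile(r"^HTTP/[0-9.]+ (\d{3})")
REQUEST_LINE = re.compile(r"^(?:GET|POST|HEAD|PUT|OPTIONS) /")
HASH_KIND = {32: "md5", 40: "sha1", 64: "sha256"}
# Digests of zero bytes: a record carrying these had no body hashed by the tool.
EMPTY_DIGESTS = {"d41d8cd98f00b204e9800998ecf8427e",
                 "da39a3ee5e6b4b0d3255bfef95601890afd80709",
                 "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}

def parse_transactions(text):
    """Split the dump into per-resource records (one dict each)."""
    records, rec, phase = [], None, "meta"
    for line in (l.strip() for l in text.splitlines() if l.strip()):
        if URL_LINE.match(line):
            rec = {"url": line, "ip": None, "status": None, "verdict": None,
                   "hashes": {}, "request": {}, "response": {}}
            records.append(rec)
            phase = "meta"
        elif rec is None:
            continue
        elif m := IP_LINE.match(line):
            rec["ip"] = m.group(1)
        elif phase == "meta" and (m := HASH_LINE.match(line)):
            rec["hashes"][HASH_KIND[len(m.group(1))]] = m.group(1)
        elif line.startswith("Analyzer Verdict"):
            rec["verdict"] = line[len("Analyzer Verdict"):].strip()
        elif REQUEST_LINE.match(line):          # raw request headers follow
            phase = "request"
        elif m := STATUS_LINE.match(line):      # raw response headers follow
            rec["status"], phase = int(m.group(1)), "response"
        elif phase != "meta" and (m := HEADER_LINE.match(line)):
            rec[phase][m.group(1).lower()] = m.group(2)
    return records

def extract_iocs(records):
    """Deduplicated indicators: hosts, IPs, body hashes, cookie names, flagged URLs."""
    iocs = {k: set() for k in ("hosts", "ips", "md5", "sha1", "sha256", "cookies", "flagged_urls")}
    for rec in records:
        iocs["hosts"].add(rec["url"].split("/", 1)[0])
        if rec["ip"]:
            iocs["ips"].add(rec["ip"])
        for kind, digest in rec["hashes"].items():
            iocs[kind].add(digest)
        if sc := rec["response"].get("set-cookie"):
            iocs["cookies"].add(sc.split("=", 1)[0].strip())
        if rec["verdict"]:
            iocs["flagged_urls"].add(rec["url"])
    return iocs

def audit_response(rec, min_hsts=15552000):
    """Findings for one record; the HSTS floor and cookie attribute set are assumptions."""
    findings, hdrs = [], rec["response"]
    if sc := hdrs.get("set-cookie"):
        name = sc.split("=", 1)[0].strip()
        attrs = {p.strip().split("=", 1)[0].lower() for p in sc.split(";")[1:]}
        for attr in ("Secure", "HttpOnly", "SameSite"):
            if attr.lower() not in attrs:
                findings.append(f"cookie {name} lacks {attr}")
    if hsts := hdrs.get("strict-transport-security"):
        m = re.search(r"max-age=(\d+)", hsts)
        age = int(m.group(1)) if m else 0
        if age < min_hsts:
            findings.append(f"HSTS max-age={age} is below {min_hsts}")
    else:
        findings.append("no HSTS header")
    if EMPTY_DIGESTS & set(rec["hashes"].values()):
        findings.append("body hash is the empty-input digest: no body was captured")
    return findings
```

Run it on the full page text with parse_transactions(open("capture.txt").read()) and feed the result to extract_iocs and audit_response. Hash lines are matched only in the metadata part of a record, so the 32-hex-character session cookie value in the request headers is never mistaken for an MD5, and the HSTS check is deliberately not a pass/fail on presence: a max-age of 300 seconds, as served here, expires before most users return and gives almost no downgrade protection.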
happywithvegas.com/vv029_mg/img/preloader.svg
188.114.96.1 200 OK 626 B GET HTTP/3 happywithvegas.com/vv029_mg/img/preloader.svg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image; XML document text; exported SGML document, ASCII text, with very long lines (680), with no line terminators
Hash MD5 d55ac89e66c1b935f0e76f6f87c31e33
Hash SHA-1 f3c323f6c9142fd432f70761deae20d79c957238
Hash SHA-256 1e246bc3034629b11d411a01ea9a536c5ec991beca02fa3bc6481f96a2db8aab
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/img/preloader.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-272"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6s8kSryOVNsxZCCvi4%2FLYzCbAxDauZtL6d0cEn%2BrQKkoojxSXAAlma%2F%2BIg02vtVoN8dn9hRoL%2B8HyXf%2BbCt%2FvBLxuNPg0eQxTz8r6xL%2BSXjuABFAasvo7g5yWVG69U%2Bmc3j6P1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f630b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/lang-arr.png
188.114.96.1 200 OK 1.1 kB GET HTTP/3 happywithvegas.com/vv029_mg/img/lang-arr.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 13 x 8, 8-bit/color RGBA, non-interlaced
Hash MD5 90cac70809f117b7b119e434f4361e9c
Hash SHA-1 85351468b3fe911d79ce06ffce827b3e41e2ef80
Hash SHA-256 f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68
GET /vv029_mg/img/lang-arr.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 1064
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-428"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD9cwvu8bwW4wgTCZR4UbWKFGXrsVmqh6RnlBCs4b37C8gQhLt9d15d1pDyYcjIk5W9tXWdwJOpOhIazPo5XyjD%2BqElYokL6cz4Tpmp1o8YTN%2F9ONQ4x5E6qJD3N23WBP3q%2FHiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec59a10b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/steps.png
188.114.96.1 200 OK 11 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/steps.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 910 x 108, 8-bit/color RGBA, non-interlaced; data
Hash MD5 95ae76b0c8d8534f41b121c41db436bb
SHA-1 d309abe6fc2cc7ff2c6a1948dca80ccd2c02a76c
SHA-256 2ff519fc8ae59f8d4f67d1003644f1b5958e165e8d59bdc99b00a536a3880c8a
GET /vv029_mg/img/steps.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 11047
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-2b27"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7U7%2FUgp1frKYJcVLGqwarcxDHV0kbG9MrVn77dvngIsnAhSHlDpB1aLWRrtPjr9i0lRL6cyUxR5KKpVzNOqs%2BmYyQTV8lXDHK5zJ1iM1uwUyZG9rR5qWYTql8D%2Fdcyl3muoQY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec59a60b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic
142.250.74.106 200 OK 11 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic
IP 142.250.74.106:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
Hash MD5 0a59b4bd6c8460df367a74e8f6282790
SHA-1 84382d208cbb987d24061b9659e13b7183541a8d
SHA-256 90ceec400590888d429de8f59127c5d22396a81c3e2af31df7f84917e251a726
GET /css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 May 2023 21:25:19 GMT
date: Tue, 23 May 2023 21:25:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
happywithvegas.com/vv029_mg/img/logo-en.svg
188.114.96.1 200 OK 13 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/logo-en.svg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Hash MD5 17ec10fc9dae9f9d35920edebf3941a2
SHA-1 9229658dc8618295ba4910e0a8bab2aac20648f7
SHA-256 bf112cef8f6c784d9cbb053f146655b56fd4c41df762ef837941e0ae061ab4b8
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/img/logo-en.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-31b8"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLhuMTgRSSu%2FlronEf9tiXtqK%2FHUUSAX1ySTxiDr10cF4gD8%2B%2B0CPL8AkrX8tJMoI8z8xPU5v4cvGVHOC49vB%2BdMcWLb08QWhHxCtVCugSrchT%2FhiHcyonFcVPHNBzqkpL30K0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f610b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/landingpages/vv029_mg/index.php
188.114.96.1 302 Found 21 kB URL User Request GET HTTP/2 happywithvegas.com/landingpages/vv029_mg/index.php
IP 188.114.96.1:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (all three are the digests of zero bytes: no response body was captured for this 302, only the Location header)
Analyzer Verdict Alert fortinet Phishing
GET /landingpages/vv029_mg/index.php HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 23 May 2023 21:25:18 GMT
content-type: text/html
location: https://happywithvegas.com/vv029_mg/index.php
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pb4XcLcLOm4%2B3kgaxsapBJWJHchHlhBtf3FpMG7YRUiQAai55aMAVIaM2%2BGaTWO8o%2F52ryc9AB7hh3CaA5KzJRGtryNzK4xYpeWMTpcm78kfraFV7ZjSFIHNb6OlyEK8XQA9Ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc05ee528c30b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
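The records above are a raw transaction export, and the things an analyst actually wants from them (which requests the analyzer flagged, where the entry-point redirect went, which "hashes" are really the digests of an empty body, which SVGs libmagic also classifies as HTML) are scattered across fused fields. The following Python script is an added example, not part of this capture and not code from any sandbox or analysis tool. It assumes the export layout exactly as shown here: a URL line followed by a summary line in which the server IP and the status code are run together ("188.114.96.1200 OK"), three unlabelled digests after "Hash" distinguishable only by length, and libmagic candidates joined by a literal "\012- ". The embedded sample is constructed by trimming two records from this page; everything else is derived from the page's own lines.

```python
# Added example, not part of the capture or of any analysis tool: a triage parser
# for the raw export layout shown on this page (URL line, then a summary line in
# which the server IP and status code are run together, e.g. "188.114.96.1200 OK").
from __future__ import annotations
import re
from dataclasses import dataclass, field

# SHA-256 of zero bytes: a body hash equal to this means no body was captured.
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
# The IP/status split works because the status code is exactly three digits.
SUMMARY_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?P<status>\d{3}) (?P<reason>.+?) "
    r"(?P<size>\d+(?:\.\d+)? [kMG]?B) URL (?:User Request )?(?P<method>[A-Z]+) "
    r"(?P<proto>HTTP/\S+) (?P<url>\S+)$")
HEX_RE = re.compile(r"^(?:Hash )?([0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$")
REQ_RE = re.compile(r"^[A-Z]+ /\S* HTTP/")
RESP_RE = re.compile(r"^HTTP/\S+ \d{3}")

@dataclass
class Record:
    url: str
    ip: str
    status: int
    file_type: str = ""
    verdict: str = ""
    hashes: dict = field(default_factory=dict)    # md5/sha1/sha256 -> hex digest
    request: dict = field(default_factory=dict)   # lower-cased header -> value
    response: dict = field(default_factory=dict)  # lower-cased header -> value

def parse_export(text: str) -> list[Record]:
    """A record starts at a URL line whose next line is the summary for that URL."""
    lines = text.splitlines()
    records: list[Record] = []
    rec, section, i = None, None, 0
    while i < len(lines):
        ln = lines[i]
        m = SUMMARY_RE.match(lines[i + 1]) if i + 1 < len(lines) else None
        if m and m["url"] == ln:
            rec = Record(url=ln, ip=m["ip"], status=int(m["status"]))
            records.append(rec)
            section, i = None, i + 2
            continue
        i += 1
        if rec is None:
            continue
        if ln.startswith("File type "):
            # libmagic's candidate types are joined by a literal "\012- " in the export
            rec.file_type = ln[len("File type "):].replace("\\012- ", "; ")
        elif ln.startswith("Analyzer Verdict "):
            rec.verdict = ln[len("Analyzer Verdict "):]
        elif section is None and (h := HEX_RE.match(ln)):
            digest = h.group(1)  # unlabelled digests are told apart by length only
            rec.hashes[{32: "md5", 40: "sha1", 64: "sha256"}[len(digest)]] = digest
        elif REQ_RE.match(ln):
            section = "request"
        elif RESP_RE.match(ln):
            section = "response"
        elif section and ": " in ln:
            name, value = ln.split(": ", 1)
            getattr(rec, section)[name.lower()] = value
    return records

def alerts(records: list[Record]) -> list[tuple[str, str]]:
    return [(r.url, r.verdict) for r in records if r.verdict.startswith("Alert")]

def redirect_hops(records: list[Record]) -> list[tuple[str, str]]:
    return [(r.url, r.response["location"]) for r in records
            if 300 <= r.status < 400 and "location" in r.response]

def empty_bodies(records: list[Record]) -> list[str]:
    return [r.url for r in records if r.hashes.get("sha256") == EMPTY_SHA256]

def svg_with_markup(records: list[Record]) -> list[str]:
    return [r.url for r in records
            if r.response.get("content-type", "").startswith("image/svg+xml")
            and "HTML document text" in r.file_type]

# Constructed sample: two records trimmed from the capture above (most headers dropped).
SAMPLE = r"""happywithvegas.com/vv029_mg/img/logo-en.svg
188.114.96.1200 OK 13 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/logo-en.svg
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- HTML document text
Hash 17ec10fc9dae9f9d35920edebf3941a2
9229658dc8618295ba4910e0a8bab2aac20648f7
bf112cef8f6c784d9cbb053f146655b56fd4c41df762ef837941e0ae061ab4b8
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/img/logo-en.svg HTTP/1.1
HTTP/3 200 OK
content-type: image/svg+xml
happywithvegas.com/landingpages/vv029_mg/index.php
188.114.96.1302 Found 21 kB URL User Request GET HTTP/2 happywithvegas.com/landingpages/vv029_mg/index.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /landingpages/vv029_mg/index.php HTTP/1.1
HTTP/2 302 Found
location: https://happywithvegas.com/vv029_mg/index.php
"""

if __name__ == "__main__":
    recs = parse_export(SAMPLE)
    print(alerts(recs), redirect_hops(recs), empty_bodies(recs), svg_with_markup(recs))
```

Two caveats the checks encode: a record whose SHA-256 equals the zero-byte digest has no body to pivot on, so its "hash" must not be submitted to a reputation service as if it identified content; and an SVG that libmagic also classifies as HTML should be reviewed as markup (SVG can carry script and foreign content) rather than trusted as a plain image because the server labelled it image/svg+xml.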