Report - happywithvegas.com/landingpages/vv029

Report Overview

Submitted URL
happywithvegas.com/landingpages/vv029_mg/index.php
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-23 21:25:36
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
happywithvegas.com	385395	2020-10-27	2020-10-29	2023-05-23	9.4 kB	1.3 MB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-23	1.1 kB	66 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-23	501 B	12 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-23	medium	happywithvegas.com/vv029_mg/img/logo-ru.svg
2023-05-23	medium	happywithvegas.com/vv029_mg/js/jquery.min.js
2023-05-23	medium	happywithvegas.com/vv029_mg/js/main.js
2023-05-23	medium	happywithvegas.com/vv029_mg/index.php
2023-05-23	medium	happywithvegas.com/vv029_mg/img/preloader.svg
2023-05-23	medium	happywithvegas.com/vv029_mg/img/logo-en.svg
2023-05-23	medium	happywithvegas.com/landingpages/vv029_mg/index.php

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	happywithvegas.com/vv029_mg/js/jquery.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL happywithvegas.com/vv029_mg/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:28 Last Seen2024-04-20 18:50:55 Times Seen7504 Hash 5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Loading...

	happywithvegas.com/vv029_mg/js/main.js	6.2 kB	2023-05-23	2023-05-23
Pretty URL happywithvegas.com/vv029_mg/js/main.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 23:25:00 Last Seen2023-05-23 23:25:36 Times Seen2 Hash fd987575aba7c63acaa0fd04eef0eaca 57f27f6c375ec14f87636e5d5090df91be3f9f34 4c35a0a0942541012e455e7ed54a179a668a1fe14ea321da02609df665956fbd Loading...

HTTP Transactions (21)

URL IP Response Size

happywithvegas.com/vv029_mg/img/partners-pay.png

188.114.96.1

200 OK

21 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/partners-pay.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 942 x 202, 8-bit colormap, non-interlaced\012- data
Size
21 kB (20801 bytes)
Hash
59ffeaabc7d9d42b66ec2e83ff788ab0
383ee5549648117ece4c72eefa61e87b4cc7b25c
3fef5f2da047a7b01fd2f20b4901e61d6647ba3b61ad553709e4db0f05ef7807

HTTP Headers

GET /vv029_mg/img/partners-pay.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 20801
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-5141"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0g0sGhe9siP9x%2BqZpsewTGO%2Fff825V%2F7xunUhxe64ytlUG4AGs6WJimifdsfix%2Fbv03K2DusYvbFEGj61jdiLeIepTCLsrglhNPATmQvqZSA5waZhvBXjTzpswvt3ON%2FawuMnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f5f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/partners-pay-mob.png

188.114.96.1

200 OK

20 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/partners-pay-mob.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 437 x 278, 8-bit colormap, non-interlaced\012- data
Size
20 kB (20008 bytes)
Hash
0d4722f919360be049732b86ee2b28eb
2f53d8b2e6d6369cfc99de2a20889aa790128450
796f1b6b93e57aea3d7b4d34a6e83b39e9e5719b7aced0a62a7af259894a3d40

HTTP Headers

GET /vv029_mg/img/partners-pay-mob.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 20008
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-4e28"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2jamMYsFfeu0xi7OVYb3VKBUGHSTagFIJaloc0VTQnibIDdkOnCFP330bHXYV%2BjDtjji2JyHqT%2FhQghQViRM0Ai5EKu9PEYngyw5NJycz30nzp80GNMwACyRRuioSa1UMC%2BBmo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f670b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/sh.png

188.114.96.1

200 OK

15 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/sh.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 1312 x 179, 8-bit colormap, non-interlaced\012- data
Size
15 kB (14796 bytes)
Hash
d05b1cffd4aaafc4f51e653cbb9c63af
96659960d7d9f973d2e12d54cb0a4479f4ecd5b7
f1e809b49aa58ce92de5cb4bf2536d65b3a0e2e006816db1999804e5940d1d81

HTTP Headers

GET /vv029_mg/img/sh.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 14796
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-39cc"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqOs2XYJLxb4Z9Arml44VdF0AulNKVkPTuENw6np1%2Bhz3VTkJ80yFMMSOFy7goePZhZUgaevi5iOg%2B7aTGC9Tl2kxcVVlL3Z8nJhW6DygoDYdu8Uri87Cev0gUxwsyUE4BdVjfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec69b00b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/logo-ru.svg

188.114.96.1

200 OK

15 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/logo-ru.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
15 kB (14606 bytes)
Hash
582d2be4e52144a37fdb8497b23d4045
1ccbef08fe3d5e6a86254766d2e6f448714a07f7
1b7cf9149755f569c9e5421398348067d327237b0b273d903f6151c34ce10ccd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vv029_mg/img/logo-ru.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-3aae"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Bcw%2BzCWJCkY%2FUSdj%2F%2BymwL8QY8dBzk9ajor3gE1dzpAKHgf%2FIysKalqMFTeklVk0qIx2ZDUlCHzrx88QYkpku7n%2FdjlPE30sF7Aw3RKKY41%2BAcMz%2FsWOxmRjC09QUae%2B%2B5IJQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f620b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/bg-main.jpg

188.114.96.1

200 OK

322 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/bg-main.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x647, components 3\012- data
Size
322 kB (321509 bytes)
Hash
9fee11f9e7686aef9f041c2a35743000
131ce37a409f999034b4e4455e857e90df50a703
89b56c8627f146d4f7d62276c532e60305bd53c93f5a132924b9646156b5ed18

HTTP Headers

GET /vv029_mg/img/bg-main.jpg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/jpeg
content-length: 321509
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-4e7e5"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEkuuv7I1SgSeg%2FnVGmRyAPVeZh9Rk%2BhMnEsUKNrBGjpULMERzNhRhuojAM5znjzXHoXtwPJAqV9A09SPB5IAsXfyGxMnjjs5zCXHzeyA%2B2022AJYxukfLG0TiUy6%2BQgzuimSdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec59a20b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Size
48 kB (48412 bytes)
Hash
31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

HTTP Headers

GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://happywithvegas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 11:49:35 GMT
expires: Fri, 17 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 466544
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

happywithvegas.com/vv029_mg/js/jquery.min.js

188.114.96.1

200 OK

80 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32030), with CRLF line terminators
Size
80 kB (79655 bytes)
Hash
5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vv029_mg/js/jquery.min.js HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: application/javascript
last-modified: Fri, 06 May 2022 12:13:01 GMT
etag: W/"627510cd-152b9"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90iOOpTQJPfty9skylfuhzA4fcM7GTnqC7UXWAlc7mbKOOOu74SNlZY8dSbb7wEeO6nomm3mHRYL7XTxtLwD7VKWVdPDm%2FFOl4CUbat%2Fln9ia3HJaPAvQukFluqTx9%2FuUEVo%2BAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f650b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16324, version 1.0\012- data
Size
16 kB (16324 bytes)
Hash
f43fa5b4f6366eae0039e4e49db645de
d7fec074ba8b6e69bec4a995ea722d3d1513ad43
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

HTTP Headers

GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://happywithvegas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:48 GMT
expires: Thu, 16 May 2024 00:16:48 GMT
cache-control: public, max-age=31536000
age: 594511
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

happywithvegas.com/vv029_mg/css/style.css?1

188.114.96.1

200 OK

4.5 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/css/style.css?1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
ASCII text
Size
4.5 kB (4505 bytes)
Hash
6b041e5cdf382c0a301009d4df130af2
37ebf7ac7bd083db4b3e8550042e9a32e48a5bd9
4abc0858b98726606694c01363243cee86b07e072e9dde8856d27a7bd6c8ed0a

HTTP Headers

GET /vv029_mg/css/style.css?1 HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: text/css
last-modified: Fri, 06 May 2022 12:15:43 GMT
etag: W/"6275116f-4326"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUWDzpEZBr0o5HprfyfO76VUWJmOaWSu3way2JrO3ITTE5cXtHrarUbx9sOhWyMjOw3NiXJHgmgA5an57OeAHU84r4YMEW1UpfWSsxlo6rLM8fKVPLKPm%2FrkVxYOTNuVGAENYnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f5c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/pers-1.png?1

188.114.96.1

200 OK

355 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/pers-1.png?1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 628 x 534, 8-bit/color RGBA, non-interlaced\012- data
Size
355 kB (355018 bytes)
Hash
49e11a3fa925b62eac7b3d30105e6614
3aff6a2eb0148f1ca31f5ee8b28baddce79512cf
9358b4930b055aec528e70b98c788f0b8185651265525370ad0b791d1674c098

HTTP Headers

GET /vv029_mg/img/pers-1.png?1 HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 355018
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-56aca"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhLxc6UpnLDRrXXexq%2BNRYWDX9vzjJVP0L80OUInTRDJCtYAd8sZNTN6JpyXy1HXVwvqlnbBhhUOyqZNSUUU5QJvGKjJ6fAXmhr%2BlhRvlqPzwleFfLp%2Fq6n15HJbMrM9PFc7F3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec69aa0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/pers-2.png

188.114.96.1

200 OK

352 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/pers-2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 628 x 534, 8-bit/color RGBA, non-interlaced\012- data
Size
352 kB (351554 bytes)
Hash
2e3546803ba6d3e1bf572ea0ad541de8
4a771d80b229a5acf4713930cd48f9fb553b8ac7
2526665440142177e7aa023e3d54584ef6fe259ae4ea87f1c9506a85395c6938

HTTP Headers

GET /vv029_mg/img/pers-2.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 351554
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-55d42"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBTPq9oJmcyZHnamIVSwWbTvhcThRzSOfyMczpxDn9f7kVfwv8%2BK1dJENqzr3s5f57vR1XW9G88yBSXXu4GQfz1o5NFjfm7GGWauOWQZAQCvxoMfBXFluaWNhFKltjCNVgA9Bxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec69ad0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/favicon.png

188.114.96.1

200 OK

1.9 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/favicon.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1941 bytes)
Hash
0b22c0d7f4ba85138e1d468331d5d841
1aeadd90089f343b40cab6121a87467baa469531
1755f9d5022561b6edb124c71907d7d90faf763651ebb4906f03cc47aa5f6def

HTTP Headers

GET /vv029_mg/img/favicon.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 1941
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-795"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvhZSu5zkfE4r0PjbPMvVEiNet6zUWRIbIA1KeAlK205JdQvThUv0yT%2B6Futb66KaYLF2ZLi7pO7PM9pK2CufBwLivHy%2Bpp0MOfJlvXObi0IIYXHLzKEVvOW4np24P28%2BhTkImc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eef4d3f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/flags.png

188.114.96.1

200 OK

6.7 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/flags.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 16 x 224, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6739 bytes)
Hash
3015b784ecf600c33c41110e133cf4b9
80d8857d64933292def3fc0dde6007e1bae44351
06819193e640d047669a343a4427bdd643632bb5c927cdb853f32e1db79c92c2

HTTP Headers

GET /vv029_mg/img/flags.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 6739
last-modified: Fri, 06 May 2022 12:07:36 GMT
etag: "62750f88-1a53"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL2cWWlRkc9MuQfekJqZj38sROcdty4AE7u%2FNcARv40Z%2BFE1wjMXbN6qexCRGXG5qK1pTe8Zq%2FQuknOJy3xGV%2Fkf5YY1V69bWf3a8aKC5F1tOPANbjH1dHOCMMN%2Fw5AehOUOZu0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eef7d640b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/js/main.js

188.114.96.1

200 OK

6.2 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/js/main.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (6403), with no line terminators
Size
6.2 kB (6185 bytes)
Hash
14331311ca6e79b7db1538513c8b0a05
8cc469f8da8a253565555fc357e276565adde576
6c27d2d0cb3b28725bfe8caeefbf4894ae6f4974bf8af9e85c963a3063d7c307

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vv029_mg/js/main.js HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: application/javascript
last-modified: Fri, 06 May 2022 12:12:52 GMT
etag: W/"627510c4-1829"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCbxAx7uWAbhmcD%2BZ70j13fSKTUYmrtBHv9%2FOsZ5Pg1EGUKOwgK8VOIloN0RUCb8Unn9WA1q7%2F8zzl49DodUHp3dpJGNn7Jdi0ryvF5xRtyFUzzIAsfDMVcoJ6kitEeW6V1UTfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f660b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/index.php

188.114.96.1

200 OK

21 kB

URL User Request GET HTTP/3
happywithvegas.com/vv029_mg/index.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type

Size
21 kB (21353 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vv029_mg/index.php HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f; expires=Wed, 24-May-2023 21:25:18 GMT; Max-Age=86400; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6o88n0ufpLJLveXziUY%2BHsqnQlHKeiC64FAGNabCXkdpARAYGhuyYR6u45uIvZKttW%2Fu5KaBOrdXF5imIUPmrxzAjkclWZMitkz5zBza53%2FitF%2FCMOAnSKovdkNRUWG%2B6pS41ds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc05ee64a960b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/preloader.svg

188.114.96.1

200 OK

626 B

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/preloader.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML document text\012- exported SGML document, ASCII text, with very long lines (680), with no line terminators
Size
626 B (626 bytes)
Hash
d55ac89e66c1b935f0e76f6f87c31e33
f3c323f6c9142fd432f70761deae20d79c957238
1e246bc3034629b11d411a01ea9a536c5ec991beca02fa3bc6481f96a2db8aab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vv029_mg/img/preloader.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-272"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6s8kSryOVNsxZCCvi4%2FLYzCbAxDauZtL6d0cEn%2BrQKkoojxSXAAlma%2F%2BIg02vtVoN8dn9hRoL%2B8HyXf%2BbCt%2FvBLxuNPg0eQxTz8r6xL%2BSXjuABFAasvo7g5yWVG69U%2Bmc3j6P1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f630b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/lang-arr.png

188.114.96.1

200 OK

1.1 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/lang-arr.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 13 x 8, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1064 bytes)
Hash
90cac70809f117b7b119e434f4361e9c
85351468b3fe911d79ce06ffce827b3e41e2ef80
f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68

HTTP Headers

GET /vv029_mg/img/lang-arr.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 1064
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-428"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD9cwvu8bwW4wgTCZR4UbWKFGXrsVmqh6RnlBCs4b37C8gQhLt9d15d1pDyYcjIk5W9tXWdwJOpOhIazPo5XyjD%2BqElYokL6cz4Tpmp1o8YTN%2F9ONQ4x5E6qJD3N23WBP3q%2FHiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec59a10b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/vv029_mg/img/steps.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/steps.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
PNG image data, 910 x 108, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11047 bytes)
Hash
95ae76b0c8d8534f41b121c41db436bb
d309abe6fc2cc7ff2c6a1948dca80ccd2c02a76c
2ff519fc8ae59f8d4f67d1003644f1b5958e165e8d59bdc99b00a536a3880c8a

HTTP Headers

GET /vv029_mg/img/steps.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/png
content-length: 11047
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-2b27"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7U7%2FUgp1frKYJcVLGqwarcxDHV0kbG9MrVn77dvngIsnAhSHlDpB1aLWRrtPjr9i0lRL6cyUxR5KKpVzNOqs%2BmYyQTV8lXDHK5zJ1iM1uwUyZG9rR5qWYTql8D%2Fdcyl3muoQY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eec59a60b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic

142.250.74.106

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text
Size
11 kB (11356 bytes)
Hash
0a59b4bd6c8460df367a74e8f6282790
84382d208cbb987d24061b9659e13b7183541a8d
90ceec400590888d429de8f59127c5d22396a81c3e2af31df7f84917e251a726

HTTP Headers

GET /css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 May 2023 21:25:19 GMT
date: Tue, 23 May 2023 21:25:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

happywithvegas.com/vv029_mg/img/logo-en.svg

188.114.96.1

200 OK

13 kB

URL GET HTTP/3
happywithvegas.com/vv029_mg/img/logo-en.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://happywithvegas.com/vv029_mg/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
13 kB (12728 bytes)
Hash
17ec10fc9dae9f9d35920edebf3941a2
9229658dc8618295ba4910e0a8bab2aac20648f7
bf112cef8f6c784d9cbb053f146655b56fd4c41df762ef837941e0ae061ab4b8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /vv029_mg/img/logo-en.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php
Cookie: mongo_sess=dcc01397469fd8323ac178b117aaf48f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 23 May 2023 21:25:19 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-31b8"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLhuMTgRSSu%2FlronEf9tiXtqK%2FHUUSAX1ySTxiDr10cF4gD8%2B%2B0CPL8AkrX8tJMoI8z8xPU5v4cvGVHOC49vB%2BdMcWLb08QWhHxCtVCugSrchT%2FhiHcyonFcVPHNBzqkpL30K0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05eea9f610b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

happywithvegas.com/landingpages/vv029_mg/index.php

188.114.96.1

302 Found

21 kB

URL User Request GET HTTP/2
happywithvegas.com/landingpages/vv029_mg/index.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
ValiditySun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT

File type

Size
21 kB (21353 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /landingpages/vv029_mg/index.php HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 23 May 2023 21:25:18 GMT
content-type: text/html
location: https://happywithvegas.com/vv029_mg/index.php
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pb4XcLcLOm4%2B3kgaxsapBJWJHchHlhBtf3FpMG7YRUiQAai55aMAVIaM2%2BGaTWO8o%2F52ryc9AB7hh3CaA5KzJRGtryNzK4xYpeWMTpcm78kfraFV7ZjSFIHNb6OlyEK8XQA9Ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc05ee528c30b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP