ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 732ed209e10454157ef1d4fd0b1626ad
bfa02e7cac5d8912d0a7e41d13cc41096fc5fb61
7a1a679c21f79a9bd2df2fe75fdb6da354f0573a50dc14d425f939f176fe7ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 21:24:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
happywithvegas.com/vv029_mg/img/partners-pay.png
188.114.96.1 200 OK 21 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/partners-pay.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 942 x 202, 8-bit colormap, non-interlaced\012- data
Hash 59ffeaabc7d9d42b66ec2e83ff788ab0
383ee5549648117ece4c72eefa61e87b4cc7b25c
3fef5f2da047a7b01fd2f20b4901e61d6647ba3b61ad553709e4db0f05ef7807
GET /vv029_mg/img/partners-pay.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 20801
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-5141"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKIxIxeU4DJ0qJQ1eldwRgENBmKYitiDJ9NZBVydx%2FbdXKZ3Hp5cFW%2BCr2htW0jtfVKBE%2FCJdc20v7lq%2FutlPlzLoBE5MQWv73%2ByCjYBaGyAEjz0wRBqHrE8Jc0zipfoM6gLfYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df0191cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/partners-pay-mob.png
188.114.96.1 200 OK 20 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/partners-pay-mob.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 437 x 278, 8-bit colormap, non-interlaced\012- data
Hash 0d4722f919360be049732b86ee2b28eb
2f53d8b2e6d6369cfc99de2a20889aa790128450
796f1b6b93e57aea3d7b4d34a6e83b39e9e5719b7aced0a62a7af259894a3d40
GET /vv029_mg/img/partners-pay-mob.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 20008
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-4e28"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sve8vKoPGAwVnEyiFOZZ3CAxfL14EdwPvj5SvSKprD8SwDNVpZ1%2FdlvXlIU41nn1BS4aWXq%2BPhB1RHxktYvSKp%2BY2infA052iTSzJNzPwgLhRLm1YTNB1FETxa0cJjJqajKMGLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df0191fb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/logo-ru.svg
188.114.96.1 200 OK 4.0 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/logo-ru.svg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 582d2be4e52144a37fdb8497b23d4045
1ccbef08fe3d5e6a86254766d2e6f448714a07f7
1b7cf9149755f569c9e5421398348067d327237b0b273d903f6151c34ce10ccd
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/img/logo-ru.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-3aae"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPRfYz6OaJ4OVxgi5T%2FD7jaYchA%2F97ldcSkjLTlaaxJhCobFwvcIvHeVcVvW2ozJNvEgupA%2FhNNcNU0wmR3ypB3w73gNYVhoFRKM%2Ff4obae3bEmlnXrlvLsJW35Kdkl5I%2FZC8NI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df01919b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/lang-arr.png
188.114.96.1 200 OK 1.1 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/lang-arr.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 13 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 90cac70809f117b7b119e434f4361e9c
85351468b3fe911d79ce06ffce827b3e41e2ef80
f58b65b14d6339c11b682e7debd706acb89858294a4dc589c2d31538acc94a68
GET /vv029_mg/img/lang-arr.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 1064
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-428"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEhae94utawj8MAHRY3Qxk9aS6PSfp6X8wDxPTYbnzD2PnzmtEcVFf92iR9QI4FrPChfqeKESk%2FW5%2BZLdu4RU%2FdKSnMu09AhjxVtkpPtkF85cKr2mfte2YK%2FQ4qLvgPknParSc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df13a96b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/steps.png
188.114.96.1 200 OK 11 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/steps.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 910 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 95ae76b0c8d8534f41b121c41db436bb
d309abe6fc2cc7ff2c6a1948dca80ccd2c02a76c
2ff519fc8ae59f8d4f67d1003644f1b5958e165e8d59bdc99b00a536a3880c8a
GET /vv029_mg/img/steps.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 11047
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-2b27"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1iQT3CnhFK8oXwwOcanEV6OTzNt1iA5dQb8eEs38dzU6nx1w69KlwHcOmP20cA9A4AOKTi8iycqvjRxTrM0rAl%2F0g%2B1Jj0HkPfOhIs%2FLqkpxksG2%2FCsps1IsTA%2BCvaJO6jRcRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df13a9cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/sh.png
188.114.96.1 200 OK 15 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/sh.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 1312 x 179, 8-bit colormap, non-interlaced\012- data
Hash d05b1cffd4aaafc4f51e653cbb9c63af
96659960d7d9f973d2e12d54cb0a4479f4ecd5b7
f1e809b49aa58ce92de5cb4bf2536d65b3a0e2e006816db1999804e5940d1d81
GET /vv029_mg/img/sh.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 14796
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-39cc"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxO1Y3MhO0e9ce%2FT9JLxPkGzzLxPhWa6R0Mqqha3b2T4c61F4NRWkkYphz4AuGrYfiH1Py1Im4YyVJHurI7cH%2BUgynm%2ByQfy9LO%2B30NUKsK5Ke%2B9Rcg8fDHfzocvGKx4%2F7e01IM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df13aa6b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ec5e2945678cfa7511125f457063f33d
b4b501c267d6bdc3f26d9fb93de3c562576dde94
e7bf71c2fc9c590f69f274f44eff79815790824351aa636fdd59d857adec92dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 21:24:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ec5e2945678cfa7511125f457063f33d
b4b501c267d6bdc3f26d9fb93de3c562576dde94
e7bf71c2fc9c590f69f274f44eff79815790824351aa636fdd59d857adec92dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 21:24:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
happywithvegas.com/vv029_mg/img/logo-en.svg
188.114.96.1 200 OK 53 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/logo-en.svg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 17ec10fc9dae9f9d35920edebf3941a2
9229658dc8618295ba4910e0a8bab2aac20648f7
bf112cef8f6c784d9cbb053f146655b56fd4c41df762ef837941e0ae061ab4b8
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/img/logo-en.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-31b8"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kyH970Qfdf0IXJnrd4D5tTCp9wMCs3B5NpkMKQTOZSSfH0ZX3VRoTWNYlLAuWX28Y7O5mVVxUjyLzmNoSUGqIzuyb7LWI9nP30mc%2FkrX07CiLmvRiAAWtOk6HJ97y7JKFO5xiQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df01915b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ec5e2945678cfa7511125f457063f33d
b4b501c267d6bdc3f26d9fb93de3c562576dde94
e7bf71c2fc9c590f69f274f44eff79815790824351aa636fdd59d857adec92dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 21:24:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
happywithvegas.com/vv029_mg/img/pers-1.png?1
188.114.96.1 200 OK 355 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/pers-1.png?1
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 628 x 534, 8-bit/color RGBA, non-interlaced\012- data
Size 355 kB (355018 bytes)
Hash 49e11a3fa925b62eac7b3d30105e6614
3aff6a2eb0148f1ca31f5ee8b28baddce79512cf
9358b4930b055aec528e70b98c788f0b8185651265525370ad0b791d1674c098
GET /vv029_mg/img/pers-1.png?1 HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 355018
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-56aca"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ms9j27B7IsH0usNB8V0TqPRbfOF0usezVEs8cvOBun68sQiOX2r5EHpRz8mWedWPs%2BIyU2S56M76lspLOSlpHJiGSH%2BNiytHyDhjcS5mafylzd0MF4lvCHpTHg%2BcLtMl2HMmu5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df13aa1b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/bg-main.jpg
188.114.96.1 200 OK 322 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/bg-main.jpg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x647, components 3\012- data
Size 322 kB (321509 bytes)
Hash 9fee11f9e7686aef9f041c2a35743000
131ce37a409f999034b4e4455e857e90df50a703
89b56c8627f146d4f7d62276c532e60305bd53c93f5a132924b9646156b5ed18
GET /vv029_mg/img/bg-main.jpg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/jpeg
content-length: 321509
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-4e7e5"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQblcSG3G%2BZQF1It4pdBWkazOUOGhQqlJXClBREcL%2BPn7KhDZZ7jr1fvHPBHjGNaqtI1Bbze4o%2F8HSw%2Bmb%2Bj%2F579d0a3qi4S2M6m9owBXXPnRtfxq2%2B9sMNDGW6RXl96%2FhclC5w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df13a98b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/pers-2.png
188.114.96.1 200 OK 352 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/pers-2.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 628 x 534, 8-bit/color RGBA, non-interlaced\012- data
Size 352 kB (351554 bytes)
Hash 2e3546803ba6d3e1bf572ea0ad541de8
4a771d80b229a5acf4713930cd48f9fb553b8ac7
2526665440142177e7aa023e3d54584ef6fe259ae4ea87f1c9506a85395c6938
GET /vv029_mg/img/pers-2.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 351554
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-55d42"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US1iGI5XtIFqbTf99n7tHnApxu9bkx9ajWXO5%2BC3femsMjMhq614BgHLrYoIrtJaR9CXRlB6gcTwLAcs0G3lQGYbHSg1q9fKs0a2qVPQtT1hjwBvsF9hCRmxhTC6znyF7YnIoUc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df13aa3b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/js/jquery.min.js
188.114.96.1 200 OK 48 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/js/jquery.min.js
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (32030), with CRLF line terminators
Hash 5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/js/jquery.min.js HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: application/javascript
last-modified: Fri, 06 May 2022 12:13:01 GMT
etag: W/"627510cd-152b9"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8Wz4Y3K6CoMRUKDB%2BAHwpBPURG%2FxlpV9PgM%2BYN4PD77bQtyE4TYCm9a%2B5bgmHFw7vIsRn0KALbYMQg3NZEbJCPNHW%2BdzI9PphqZtVsTJzN35rtEJnajNpfOkdwhvntbqBZg%2BUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df02923b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Hash 31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://happywithvegas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 11:49:35 GMT
expires: Fri, 17 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 466504
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ec5e2945678cfa7511125f457063f33d
b4b501c267d6bdc3f26d9fb93de3c562576dde94
e7bf71c2fc9c590f69f274f44eff79815790824351aa636fdd59d857adec92dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 May 2023 21:24:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
happywithvegas.com/vv029_mg/img/favicon.png
188.114.96.1 200 OK 1.9 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/favicon.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b22c0d7f4ba85138e1d468331d5d841
1aeadd90089f343b40cab6121a87467baa469531
1755f9d5022561b6edb124c71907d7d90faf763651ebb4906f03cc47aa5f6def
GET /vv029_mg/img/favicon.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 1941
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: "615ef874-795"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp5N7qQBq4qeffwcOKZS%2B8bLAyVNyyKIfbdParTPht%2FL3sGkfxaFCh%2F6gfvpzKB13YBbZpXii8sk7bqmDX7lzQYAGHwxgxLh0n6aUA3nXhWiRUkDLMXI767qnPnsG%2FnBIJW6MkA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df31d3db509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/img/flags.png
188.114.96.1 200 OK 6.7 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/img/flags.png
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type PNG image data, 16 x 224, 8-bit/color RGBA, non-interlaced\012- data
Hash 3015b784ecf600c33c41110e133cf4b9
80d8857d64933292def3fc0dde6007e1bae44351
06819193e640d047669a343a4427bdd643632bb5c927cdb853f32e1db79c92c2
GET /vv029_mg/img/flags.png HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/css/style.css?1
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/png
content-length: 6739
last-modified: Fri, 06 May 2022 12:07:36 GMT
etag: "62750f88-1a53"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfYLu%2FW6LqeAj4La3CIWPmKOZ2w4uX8BZ%2BY6yWksN0Swsgjw4jbPQtS78CqDRwo%2BBI%2B6Djo4l%2B5caoU0iva8ONpNEaEKhMji8t2xYN7VOFpCosGqidjvIkQ8YBPz0FcqhVRK80c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df34d79b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/js/main.js
188.114.96.1 200 OK 6.2 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/js/main.js
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity: Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (6403), with no line terminators
Hash MD5: 14331311ca6e79b7db1538513c8b0a05
SHA-1: 8cc469f8da8a253565555fc357e276565adde576
SHA-256: 6c27d2d0cb3b28725bfe8caeefbf4894ae6f4974bf8af9e85c963a3063d7c307
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/js/main.js HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: application/javascript
last-modified: Fri, 06 May 2022 12:12:52 GMT
etag: W/"627510c4-1829"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnhUWUjHTNTCV9hwm52jWowPDJIuCjCzMOTvNHD2WfUQ%2BOBzPpMCU6DaCq5t5mhwI4J6r9WOMy5PmmpMqu1X%2BZHW16QOUwaNjkrd9NMm7eltlZZz6V%2FGPrz6ed%2B65QMBjM5wJkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df02929b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
IP 216.58.207.227:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity: Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 16324, version 1.0\012- data
Hash MD5: f43fa5b4f6366eae0039e4e49db645de
SHA-1: d7fec074ba8b6e69bec4a995ea722d3d1513ad43
SHA-256: 0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://happywithvegas.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:48 GMT
expires: Thu, 16 May 2024 00:16:48 GMT
cache-control: public, max-age=31536000
age: 594471
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
happywithvegas.com/landingpages/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
188.114.96.1 302 Found 22 kB URL User Request GET HTTP/2 happywithvegas.com/landingpages/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
IP 188.114.96.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity: Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input, i.e. no response body was hashed for this redirect. They match any empty capture and should not be used as indicators for this URL.
GET /landingpages/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_ HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 23 May 2023 21:24:38 GMT
content-type: text/html
location: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tg9Sc46iXc%2BJdk4oWLFhANJagENbCGxUt8fI9EhvhrjN7m4ra1O4idJPlc34PNDaDs5nx0DGEK5qKgm%2FTTXga%2BAjgrInLvi46yFC9am3PYBjHfAaLIUGQ%2FrVP%2FpNGv3xa4b2TOs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc05deb8e88b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
happywithvegas.com/vv029_mg/img/preloader.svg
188.114.96.1 200 OK 626 B URL GET HTTP/3 happywithvegas.com/vv029_mg/img/preloader.svg
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity: Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- exported SGML document, ASCII text, with very long lines (680), with no line terminators
Hash MD5: d55ac89e66c1b935f0e76f6f87c31e33
SHA-1: f3c323f6c9142fd432f70761deae20d79c957238
SHA-256: 1e246bc3034629b11d411a01ea9a536c5ec991beca02fa3bc6481f96a2db8aab
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/img/preloader.svg HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Oct 2021 13:39:00 GMT
etag: W/"615ef874-272"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEVDak487syQg4v2B%2FEcYVnqm%2BqC1NLt%2BOLmncd41VKsV0CXdotKRmTXRLnfCBuDecRzjuxSEgfjk%2B4CY0cdSFFkXMMimml6MpG%2FE0UJG7FjdHR7dApbvZ7xctECMnLGTaOv7x8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df01918b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/css/style.css?1
188.114.96.1 200 OK 17 kB URL GET HTTP/3 happywithvegas.com/vv029_mg/css/style.css?1
IP 188.114.96.1:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity: Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
Hash MD5: 6b041e5cdf382c0a301009d4df130af2
SHA-1: 37ebf7ac7bd083db4b3e8550042e9a32e48a5bd9
SHA-256: 4abc0858b98726606694c01363243cee86b07e072e9dde8856d27a7bd6c8ed0a
GET /vv029_mg/css/style.css?1 HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:39 GMT
content-type: text/css
last-modified: Fri, 06 May 2022 12:15:43 GMT
etag: W/"6275116f-4326"
cache-control: public, no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeID0bi8beSLqvZqo3W891p75sVl5EbQWngP3UqUyOJoYgXLw50MmNuVdW1EZdCYzWt7%2BWd0%2FqVeEkMu5N9p6cyc26sj%2BdG6LnCXq6%2FBPpZRJQuTkJRgvNNhwrQtH6FuypbHA3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc05df01906b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
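188.114.96.1 200 OK 22 kB URL User Request GET HTTP/3 happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
IP 188.114.96.1:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 89:F8:9F:73:28:16:09:39:9D:54:00:5D:56:66:8F:4E:E4:2E:89:C8
Validity: Sun, 28 Aug 2022 00:00:00 GMT - Mon, 28 Aug 2023 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 of zero-length input, although the entry reports a 22 kB response. The landing-page body was apparently not captured for hashing, so these digests do not identify the page content and should not be used as indicators.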
Analyzer Verdict Alert fortinet Phishing
GET /vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_ HTTP/1.1
Host: happywithvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 May 2023 21:24:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: mongo_sess=11deb937df2b0e290ab9d3ceb8bb0dba; expires=Wed, 24-May-2023 21:24:38 GMT; Max-Age=86400; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT8Py3l2eo4Ge8XhlHRoN06TlxHQkZg8XaqdfaQLVfZJHOOeV93%2F9lMFuqaFEaqsEuvr5fSocfbue36apah9BmwAGf6rN3zln5ry%2BBx%2FRGmEo8FXqSV5VtRgic9cXYcPcfA6En8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cc05dec7c51b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic
142.250.74.106 200 OK 11 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic
IP 142.250.74.106:443
Requested by https://happywithvegas.com/vv029_mg/index.php?ref=vp_w162765c132529l9944gusp286_
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
Validity: Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
Hash MD5: 0a59b4bd6c8460df367a74e8f6282790
SHA-1: 84382d208cbb987d24061b9659e13b7183541a8d
SHA-256: 90ceec400590888d429de8f59127c5d22396a81c3e2af31df7f84917e251a726
GET /css?family=Open+Sans+Condensed:700|Open+Sans:400,700,800&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happywithvegas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 May 2023 21:24:39 GMT
date: Tue, 23 May 2023 21:24:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2