vegashero2.com Open in urlscan Pro
185.207.199.248 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gm9cn.com/wu40a3h
Effective URL:
https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Submission Tags: falconsandbox
Submission: On November 17 via api (November 17th 2025, 6:06:49 pm UTC) from US — Scanned from DE

Summary HTTP 277 Redirects Behaviour Indicators

Summary

This website contacted 60 IPs in 13 countries across 61 domains to perform 277 HTTP transactions. The main IP is 185.207.199.248, located in Marshall Islands and belongs to CLOUDFLARENET, US. The main domain is vegashero2.com.
TLS certificate: Issued by WE1 on October 12th 2025. Valid for: 3 months.

This is the only time vegashero2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.198.48 172.67.198.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	185.207.196.148 185.207.196.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.207.199.61 185.207.199.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 163	185.207.199.248 185.207.199.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.214.0.104 52.214.0.104	16509 (AMAZON-02) (AMAZON-02)
1	52.49.104.56 52.49.104.56	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	188.166.63.236 188.166.63.236	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:710... 2a02:26f0:7100::210:139	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2600:9000:20b... 2600:9000:20b4:a200:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:7e00:202... 2a0b:7e00:202:2701::5	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	37.157.6.243 37.157.6.243	198622 (ADFORM Ad...) (ADFORM Adform A/S)
2	2606:4700::68... 2606:4700::6812:13e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.220.208.29 54.220.208.29	16509 (AMAZON-02) (AMAZON-02)
2	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	37.157.5.87 37.157.5.87	198622 (ADFORM Ad...) (ADFORM Adform A/S)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	35.214.183.184 35.214.183.184	19527 (GOOGLE-2) (GOOGLE-2)
1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
9	37.157.2.235 37.157.2.235	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	37.157.5.49 37.157.5.49	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	52.17.172.159 52.17.172.159	16509 (AMAZON-02) (AMAZON-02)
1	95.100.184.137 95.100.184.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.29.115.198 52.29.115.198	16509 (AMAZON-02) (AMAZON-02)
1	149.202.238.105 149.202.238.105	16276 (OVH OVH SAS) (OVH OVH SAS)
1	3.69.181.172 3.69.181.172	16509 (AMAZON-02) (AMAZON-02)
6	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
2 4	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.243.51.122 77.243.51.122	42697 (NETIC-AS ...) (NETIC-AS Netic A/S)
2	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
3	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.220.174.14 54.220.174.14	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	89.163.240.122 89.163.240.122	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
1 1	91.210.226.39 91.210.226.39	48314 (IP-PROJEC...) (IP-PROJECTS Michael Sebastian Schinzel trading as IP-Projects GmbH & Co. KG)
5 5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	80.82.210.217 80.82.210.217	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
1	103.231.98.109 103.231.98.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.173.205.128 18.173.205.128	16509 (AMAZON-02) (AMAZON-02)
2 3	34.102.136.131 34.102.136.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	52.214.80.236 52.214.80.236	16509 (AMAZON-02) (AMAZON-02)
2	3.122.165.18 3.122.165.18	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
2 2	35.210.130.15 35.210.130.15	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH OVH SAS) (OVH OVH SAS)
2 2	35.190.24.218 35.190.24.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::644	54113 (FASTLY) (FASTLY)
1	34.1.242.226 34.1.242.226	19527 (GOOGLE-2) (GOOGLE-2)
1	91.185.218.28 91.185.218.28	51859 (MNSHA-AS ...) (MNSHA-AS Mainstream doo Beograd)
1	54.36.150.183 54.36.150.183	16276 (OVH OVH SAS) (OVH OVH SAS)
2	37.187.82.52 37.187.82.52	16276 (OVH OVH SAS) (OVH OVH SAS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	35.156.243.179 35.156.243.179	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.251 51.89.9.251	16276 (OVH OVH SAS) (OVH OVH SAS)
1 1	99.84.152.75 99.84.152.75	16509 (AMAZON-02) (AMAZON-02)
2 3	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.59.16.30 23.59.16.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	57.129.18.111 57.129.18.111	16276 (OVH OVH SAS) (OVH OVH SAS)
1	3.230.248.29 3.230.248.29	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f10:4ce... 2600:1f10:4ce4:4a02:8e9:90a7:8e89:68ae	14618 (AMAZON-AES) (AMAZON-AES)
1 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	206.189.8.180 206.189.8.180	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
277	60

1 172.67.198.48 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gm9cn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.207.196.148 (Marshall Islands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vgr.naralvin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gamification-widgets.platform-mega.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tournaments-gateway-prod.platform-mega.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.207.199.61 (Marshall Islands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

evega5ge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

163 185.207.199.248 (Marshall Islands) 2 redirects

ASN13335 (CLOUDFLARENET, US)

vegashero2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.seondf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.0.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-0-104.eu-west-1.compute.amazonaws.com

1ce9b5295a9b238836f42b27e515f96c.seondnsresolve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.104.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-104-56.eu-west-1.compute.amazonaws.com

eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.63.236 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.95.41 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100::210:139 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

tm.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.ads.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20b4:a200:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:7e00:202:2701::5 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.243 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:13e (None, )

ASN13335 (CLOUDFLARENET, US)

admaxium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg.admaxium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.208.29 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-208-29.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.94.41 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.87 (Denmark) 1 redirects

ASN198622 (ADFORM Adform A/S, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.183.184 (Groningen, Netherlands) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 184.183.214.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)

20872977p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.2.235 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.49 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.172.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-172-159.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.184.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-184-137.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.115.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-115-198.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.238.105 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip105.ip-149-202-238.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.181.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-172.eu-central-1.compute.amazonaws.com

user-sync.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.193 (Ascension Island) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.243.51.122 (Aalborg, Denmark)

ASN42697 (NETIC-AS Netic A/S, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.174.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-174-14.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.163.240.122 (Germany) 3 redirects

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: cm45.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.39 (Germany) 1 redirects

ASN48314 (IP-PROJECTS Michael Sebastian Schinzel trading as IP-Projects GmbH & Co. KG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.210.217 (Wuppertal, Germany)

ASN24961 (MYLOC-AS WIIT AG, DE)

dsp-cookie.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.109 (Japan)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-128.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.136.131 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.136.102.34.bc.googleusercontent.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.80.236 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-80-236.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.165.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-165-18.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.130.15 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 15.130.210.35.bc.googleusercontent.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.1.242.226 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 226.242.1.34.bc.googleusercontent.com

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.185.218.28 (Slovenia)

ASN51859 (MNSHA-AS Mainstream doo Beograd, RS)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.150.183 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip183.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.187.82.52 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31746890.ip-37-187-82.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.243.179 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-243-179.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.152.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-152-75.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.131 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.59.16.30 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-59-16-30.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.129.18.111 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy-eu-013.roqad.pl

wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.248.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-248-29.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f10:4ce4:4a02:8e9:90a7:8e89:68ae (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.189.8.180 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

consent.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
163	vegashero2.com 2 redirects vegashero2.com	2 MB
13	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 7590 track.adform.net — Cisco Umbrella Rank: 4486 a1.adform.net — Cisco Umbrella Rank: 16039 c1.adform.net — Cisco Umbrella Rank: 772	40 KB
11	platform-mega.com gamification-widgets.platform-mega.com tournaments-gateway-prod.platform-mega.com	712 KB
6	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 459	734 B
5	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 317	3 KB
4	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 302	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	3 KB
4	rfihub.com 2 redirects 20872977p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 945 a.rfihub.com — Cisco Umbrella Rank: 2895	8 KB
4	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 1874	17 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 14613	1 KB
3	adsafety.net 3 redirects cm.adsafety.net — Cisco Umbrella Rank: 33903	4 KB
3	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 583	182 B
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 2279 load77.exelator.com — Cisco Umbrella Rank: 5517	2 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2827	670 B
3	sportradar.com tm.ads.sportradar.com — Cisco Umbrella Rank: 74489 tracker.ads.sportradar.com — Cisco Umbrella Rank: 81158	64 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 929	655 B
2	onaudience.com pixel.onaudience.com — Cisco Umbrella Rank: 2921	198 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14428	628 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1988	751 B
2	agkn.com aa.agkn.com — Cisco Umbrella Rank: 635	613 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1117 image2.pubmatic.com — Cisco Umbrella Rank: 962	504 B
2	adition.com 1 redirects dsp-cookie.adfarm1.adition.com — Cisco Umbrella Rank: 2118 dsp.adfarm1.adition.com — Cisco Umbrella Rank: 9264	616 B
2	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2388 us-u.openx.net — Cisco Umbrella Rank: 593	556 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1069	688 B
2	sportradarserving.com 1 redirects a.sportradarserving.com — Cisco Umbrella Rank: 4062	3 KB
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 7118	839 B
2	admaxium.com admaxium.com — Cisco Umbrella Rank: 102153 rtg.admaxium.com — Cisco Umbrella Rank: 931892	1 KB
2	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 16941 consent.cookie-script.com — Cisco Umbrella Rank: 33145	109 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	255 KB
2	seondnsresolve.com 1ce9b5295a9b238836f42b27e515f96c.seondnsresolve.com eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com — Cisco Umbrella Rank: 53394	1 KB
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1165	175 B
1	liadm.com i.liadm.com — Cisco Umbrella Rank: 640	208 B
1	rqtrk.eu wt.rqtrk.eu — Cisco Umbrella Rank: 1422	350 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 984	493 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1348	2 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 847	232 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 4423	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 549	140 B
1	mediarithmics.com cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 4529	180 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 33332	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 831	66 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1366	281 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 524	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 449	149 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 22424	445 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 43370	849 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 963	268 B
1	semasio.net uipglob.semasio.net — Cisco Umbrella Rank: 1794	239 B
1	fwmrm.net user-sync.fwmrm.net — Cisco Umbrella Rank: 1181	504 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 855	114 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 3619	59 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 596	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 8253	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 793	199 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 49255	605 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 3916	6 KB
1	seondf.com cdn.seondf.com — Cisco Umbrella Rank: 205625 Failed	191 KB
1	evega5ge.com 1 redirects evega5ge.com	414 B
1	naralvin.com 1 redirects vgr.naralvin.com	657 B
1	gm9cn.com 1 redirects gm9cn.com	515 B
0	adnxs.com Failed secure.adnxs.com Failed ib.adnxs.com Failed
277	61

	Domain	Requested by
163	vegashero2.com	2 redirects vegashero2.com
9	c1.adform.net	a1.adform.net c1.adform.net
9	tournaments-gateway-prod.platform-mega.com	vegashero2.com
6	x.bidswitch.net	c1.adform.net vegashero2.com
5	cm.g.doubleclick.net	5 redirects
4	dpm.demdex.net	3 redirects vegashero2.com
4	dsum-sec.casalemedia.com	2 redirects c1.adform.net vegashero2.com
4	challenges.cloudflare.com	1 redirects vegashero2.com challenges.cloudflare.com
3	a.audrte.com	2 redirects c1.adform.net
3	cm.adsafety.net	3 redirects
3	idsync.rlcdn.com	c1.adform.net vegashero2.com
3	region1.google-analytics.com	vegashero2.com
2	sync-tm.everesttech.net	1 redirects vegashero2.com
2	p.rfihub.com	2 redirects
2	pixel.onaudience.com	c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	aa.agkn.com	c1.adform.net vegashero2.com
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net vegashero2.com
2	a.sportradarserving.com	1 redirects vegashero2.com
2	tracker.ads.sportradar.com	tm.ads.sportradar.com tracker.ads.sportradar.com
2	a1.adform.net	1 redirects vegashero2.com
2	segment.prod.bidr.io	1 redirects vegashero2.com
2	gamification-widgets.platform-mega.com	vegashero2.com gamification-widgets.platform-mega.com
2	www.googletagmanager.com	vegashero2.com www.googletagmanager.com
1	consent.cookie-script.com	vegashero2.com
1	partners.tremorhub.com	vegashero2.com
1	i.liadm.com	vegashero2.com
1	wt.rqtrk.eu	vegashero2.com
1	contextual.media.net	vegashero2.com
1	us-u.openx.net	vegashero2.com
1	image2.pubmatic.com	vegashero2.com
1	a.rfihub.com	vegashero2.com
1	live.rezync.com	1 redirects
1	onetag-sys.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	cookie-matching.mediarithmics.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	dsp-cookie.adfarm1.adition.com	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	uipglob.semasio.net	c1.adform.net
1	user-sync.fwmrm.net	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	server.seadform.net	vegashero2.com
1	20872977p.rfihub.com	c1.rfihub.net
1	rtg.admaxium.com	vegashero2.com
1	admaxium.com	www.googletagmanager.com
1	track.adform.net	www.googletagmanager.com
1	s2.adform.net	vegashero2.com
1	c1.rfihub.net	vegashero2.com
1	tm.ads.sportradar.com	vegashero2.com
1	cdn.cookie-script.com	vegashero2.com
1	eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com	vegashero2.com
1	1ce9b5295a9b238836f42b27e515f96c.seondnsresolve.com	vegashero2.com
1	cdn.seondf.com	vegashero2.com
1	evega5ge.com	1 redirects
1	vgr.naralvin.com	1 redirects
1	gm9cn.com	1 redirects
0	ib.adnxs.com Failed	vegashero2.com
0	secure.adnxs.com Failed	c1.adform.net
277	76

This site contains no links.

Subject Issuer	Validity	Valid
vegashero2.com WE1	`2025-10-12` - `2026-01-10`	3 months	crt.sh
seondf.com WE1	`2025-11-13` - `2026-02-11`	3 months	crt.sh
*.seondnsresolve.com Amazon RSA 2048 M02	`2025-06-19` - `2026-07-18`	a year	crt.sh
eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com Sectigo RSA Domain Validation Secure Server CA	`2025-03-03` - `2026-04-03`	a year	crt.sh
*.google-analytics.com WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh
88d0a580.sni.cloudflaressl.com WE1	`2025-10-17` - `2026-01-15`	3 months	crt.sh
*.cookie-script.com Sectigo Public Server Authentication CA DV R36	`2025-08-07` - `2026-09-07`	a year	crt.sh
platform-mega.com WE1	`2025-10-08` - `2026-01-06`	3 months	crt.sh
tracker.ads.sportradar.com R13	`2025-11-13` - `2026-02-11`	3 months	crt.sh
*.rfihub.net Amazon RSA 2048 M04	`2025-08-31` - `2026-09-29`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-05` - `2026-10-06`	a year	crt.sh
admaxium.com WE1	`2025-10-27` - `2026-01-25`	3 months	crt.sh
challenges.cloudflare.com WE1	`2025-10-23` - `2026-01-21`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2025-04-02` - `2026-04-27`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-27` - `2026-11-12`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M03	`2025-03-29` - `2026-04-27`	a year	crt.sh
*.yieldlab.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-06-12` - `2026-06-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2025-03-04` - `2026-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M04	`2025-05-19` - `2026-06-17`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	a year	crt.sh
*.fwmrm.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-29` - `2026-11-29`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-16` - `2026-01-10`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2025-05-09` - `2026-06-09`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2025-04-01` - `2026-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-06` - `2026-03-05`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M04	`2025-08-10` - `2026-09-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2025-08-12` - `2026-08-19`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-19` - `2026-03-22`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M01	`2025-09-18` - `2026-10-16`	a year	crt.sh
*.agkn.com RapidSSL TLS RSA CA G1	`2025-09-18` - `2026-09-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
id5-sync.com E8	`2025-11-01` - `2026-01-30`	3 months	crt.sh
*.teads.tv Thawte TLS RSA CA G1	`2025-05-18` - `2026-05-17`	a year	crt.sh
smaato.net Sectigo Public Server Authentication CA DV E36	`2025-09-01` - `2026-09-01`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2025-05-22` - `2026-06-05`	a year	crt.sh
*.mediarithmics.com GandiCert	`2025-02-24` - `2026-02-23`	a year	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2025-05-05` - `2026-05-27`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M03	`2025-02-11` - `2026-03-12`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2025-03-03` - `2026-04-01`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-21` - `2025-12-27`	a year	crt.sh
*.media.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-08-24` - `2026-08-25`	a year	crt.sh
*.rqtrk.eu RapidSSL TLS RSA CA G1	`2025-05-16` - `2026-05-15`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2025-07-01` - `2026-07-29`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M02	`2024-12-24` - `2026-01-23`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Frame ID: 9C86488CED2B4475C4F0864F087B09F2
Requests: 213 HTTP requests in this frame

Frame: https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js
Frame ID: 9FB4590A8525AEF473D2BB5BDADA9D2A
Requests: 2 HTTP requests in this frame

Frame: https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js
Frame ID: 34F1FE7EC32EA804AC2D487C99E0E4B0
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/02fva/0x4AAAAAABfM5zGQSKJYP40V/auto/fbE/new/normal?lang=auto
Frame ID: F706A615C01E301307B8FE879FF1F84F
Requests: 1 HTTP requests in this frame

Frame: https://20872977p.rfihub.com/ca.html?ver=9&rb=55629&ca=20872977&_o=55629&_t=20872977&pe=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&pf=https%3A%2F%2Fvegashero2.com%2Fregistration&ra=16429135775957737
Frame ID: 476071B3EC2F04AE92C96EF79C4A3A2B
Requests: 17 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Frame ID: 3FB360207CEF13D6CCB8471BDD9AE5A7
Requests: 40 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/7rg8i/0x4AAAAAABfM5zGQSKJYP40V/auto/fbE/new/normal?lang=auto
Frame ID: C7C4983348D2BDC8ED8827A18D703AE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VegasHero

Page URL History Show full URLs

http://gm9cn.com/wu40a3h HTTP 307
https://gm9cn.com/wu40a3h HTTP 302
https://vgr.naralvin.com/?mid=249325_1747105&clickid=wu40a3h HTTP 302
https://evega5ge.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&c... HTTP 307
https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&c... Page URL
https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0f... Page URL

Detected technologies

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

277
Requests

85 %
HTTPS

12 %
IPv6

61
Domains

76
Subdomains

60
IPs

13
Countries

3731 kB
Transfer

13546 kB
Size

57
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gm9cn.com/wu40a3h HTTP 307
https://gm9cn.com/wu40a3h HTTP 302
https://vgr.naralvin.com/?mid=249325_1747105&clickid=wu40a3h HTTP 302
https://evega5ge.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h HTTP 307
https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h Page URL
https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gm9cn.com/wu40a3h HTTP 307
https://gm9cn.com/wu40a3h HTTP 302
https://vgr.naralvin.com/?mid=249325_1747105&clickid=wu40a3h HTTP 302
https://evega5ge.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h HTTP 307
https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Request Chain 21

https://vegashero2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js

Request Chain 43

https://vegashero2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js

Request Chain 89

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/93954b626b88/api.js

Request Chain 106

https://segment.prod.bidr.io/associate-segment?buzz_key=dsp&segment_key=dsp-36023&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=dsp&segment_key=dsp-36023&value=&_bee_ppp=1

Request Chain 155

https://a1.adform.net/Serving/TrackPoint/?pm=3855065&ADFPageName=vegashero.com%2Fde&ADFdivider=%7C&ord=67265845293&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJkZSJ9XX0&loc=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&CPref=https%3A%2F%2Fvegashero2.com%2Fregistration&Set1=de-DE%7Cde-DE%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3855065&ADFPageName=vegashero.com%2Fde&ADFdivider=%7C&ord=67265845293&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJkZSJ9XX0&loc=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&CPref=https%3A%2F%2Fvegashero2.com%2Fregistration&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Request Chain 162

https://a.sportradarserving.com/pixel?type=js&aid=3187&id=1002227 HTTP 302
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=3187&id=1002227

Request Chain 183

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3222801662044230557&expiration=1764612412 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3222801662044230557&expiration=1764612412&C=1

Request Chain 186

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3222801662044230557 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3222801662044230557&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 190

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=3222801662044230557 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12025111718a3bbc8e93450a514fad&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=aeb7746fbf805e00f1e60c7c6133e89b&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNTExMTcxOGEzYmJjOGU5MzQ1MGE1MTRmYWQ&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESENzwwPbnVgEfLC3SPB7cYec&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://dsp-cookie.adfarm1.adition.com/?ssp=6&gdpr_consent=&gdpr=1

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzIyMjgwMTY2MjA0NDIzMDU1Nw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_error=3

Request Chain 196

https://a.audrte.com/a?adform_uid=3222801662044230557 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWkzZ2k2bXUtYjh3YlNJMEtUY1NCODEwaURnaEhKdy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26aruid%3Dmi3gi6mu-b8wbSI0KTcSB810iDghHJw-ad HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWkzZ2k2bXUtYjh3YlNJMEtUY1NCODEwaURnaEhKdy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26aruid%3Dmi3gi6mu-b8wbSI0KTcSB810iDghHJw-ad&google_tc= HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&aruid=mi3gi6mu-b8wbSI0KTcSB810iDghHJw-ad&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 197

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3222801662044230557&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3222801662044230557&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=05141824773391845900504280628775553245&noredirect=1

Request Chain 199

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1049&cid=7573757407285344620

Request Chain 200

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=awnApot71Vl3CQ5

Request Chain 203

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3670500618 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1145&cid=3kXntUEVQNUrvNh6DdFf/e

Request Chain 220

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588536831758359&referrer=https%3A%2F%2Fvegashero2.com%2Fregistration&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=66c9be0f-5d9b-47b5-bba3-23e96e2025d4%3A1763402813.0041907&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D66c9be0f-5d9b-47b5-bba3-23e96e2025d4%253A1763402813.0041907%26_%3D1763402813.0052736&cb=1763402813.005287 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=66c9be0f-5d9b-47b5-bba3-23e96e2025d4%3A1763402813.0041907&_=1763402813.0052736

Request Chain 221

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0NDU4ODUzNjgzMTc1ODM1OQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=1

Request Chain 223

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588536831758359&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588536831758359&redir=

Request Chain 226

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5144588536831758359&bid=omt9pi0

Request Chain 230

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588536831758359&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588536831758359&forward=&C=1

Request Chain 235

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=aRtkPAAEgBXG1wBi

277 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

registration Show response
vegashero2.com/
Redirect Chain

http://gm9cn.com/wu40a3h
https://gm9cn.com/wu40a3h
https://vgr.naralvin.com/?mid=249325_1747105&clickid=wu40a3h
https://evega5ge.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

425 KB
299 KB

146ms
96ms

Document
text/html

185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f438faa36c17edf2fb94ff23c349219d03db3c5c8940861ce9f93cf99cc0fcfe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 120
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=86400
cf-cache-status: HIT
cf-ray: 9a012a0da9a1e513-TXL
cf-ttl: 1763402750616
cf-vary: Accept-Encoding
content-encoding: br
content-type: text/html
date: Mon, 17 Nov 2025 18:06:50 GMT
last-modified: Mon, 17 Nov 2025 09:57:47 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 9a012a0cac92051f-TXL
content-length: 0
date: Mon, 17 Nov 2025 18:06:50 GMT
location: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
server: cloudflare
vary: Accept-Encoding

GET
H2 200 styles.ae7eaa0aaba7e744.css
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 137 KB
23 KB 71ms
70ms Stylesheet
text/css 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 734fbb886c3b047ee3e289855ce263e47dc0282c9499b3ea52234fbd36f94e88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"99cadffc1a5d6856ca2bd0d1f2929d8a"
age: 387
cf-ray: 9a012a0e6bfee513-TXL
expires: Mon, 17 Nov 2025 21:58:45 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: text/css
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 BebasNeuePro-SemiExpRegular.1af91ba94912de9b.woff2
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 25 KB
26 KB 70ms
70ms Font
font/woff2 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/BebasNeuePro-SemiExpRegular.1af91ba94912de9b.woff2
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199af398a06b6ccdf5e4800d45328246f9e6199da03fe16d71fd2cd2f0c25b80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "2a95459d7ecffd6ea86b70c38cd2534a"
age: 120
cf-ray: 9a012a0e6c09e513-TXL
expires: Mon, 17 Nov 2025 22:03:25 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 26068
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: font/woff2
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 292 KB
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d515be5da5b65785436e59277291f50482846c6e0ee4a71324b85a978c9b66cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H3 200 runtime.0935afd84428248f.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 5 KB
3 KB 67ms
66ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c99a097a01fdcdcb97a2c059ad03178e5f83a20c278d42f48624c194ab1714c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"877a24230477b4f642fe73f0e7312a07"
age: 120
cf-ray: 9a012a0e9d7633a5-TXL
expires: Mon, 17 Nov 2025 22:02:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 polyfills.82eea1a5a8ac9066.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 34 KB
13 KB 67ms
67ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b12a061fdce3f0e4043721091b1fa8951a4834e105fc060e29a63ad7a9a78c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"95887e14716b4834ef1118547d3e8f75"
age: 120
cf-ray: 9a012a0e9d7b33a5-TXL
expires: Mon, 17 Nov 2025 22:02:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 main.1a67283436efc815.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 3 MB
663 KB 86ms
86ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/main.1a67283436efc815.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 737a4d5d94f1f725d6d49da1acd629d8d56d6f37234615b9607463fa1aec1164

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"26df6cf21f6decd3646d0df29a342c72"
age: 120
cf-ray: 9a012a0e9d7d33a5-TXL
expires: Mon, 17 Nov 2025 22:02:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET agent.umd.js
cdn.seondf.com/js/v6/ 0
0

GET
H3 200 info
vegashero2.com/en/api/v3/project/ 147 B
1 KB 97ms
97ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/en/api/v3/project/info?fields=payment

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: z70fFRK2zusLxJarBFTLezZr7fuII-NHqMgn6uNL
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: ccb00311-3a12-4ef0-ae73-272b69f6a93b
content-encoding: br
cf-cache-status: HIT
age: 120
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402751963
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:51 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 27
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a110cc133a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 9878.361f739b6ebc28b3.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
40 KB 73ms
72ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9878.361f739b6ebc28b3.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"eeaead8b773c70d2f4e6a3bcacf4abce"
age: 120
cf-ray: 9a012a110cca33a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6645.bbfc5cecf75d71a1.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
6 KB 75ms
74ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6645.bbfc5cecf75d71a1.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1b7f980f5aa468e461844eb9fbf74b66"
age: 120
cf-ray: 9a012a110cd033a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 795.5d55cb1ad0b4dda4.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
2 KB 87ms
86ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/795.5d55cb1ad0b4dda4.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659c9b9deb64ed907aed88672191e9e1"
age: 120
cf-ray: 9a012a110cd333a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6039.88b93af2e433d9df.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
1 KB 85ms
85ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6039.88b93af2e433d9df.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c2d52b22e67e8d66349dc2bdecd175a5"
age: 120
cf-ray: 9a012a110cd833a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 8081.efb58457c5dcbce6.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
62 KB 75ms
75ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/8081.efb58457c5dcbce6.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"575fb28a2b55106a89210c0358e52fb4"
age: 119
cf-ray: 9a012a110cdc33a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 1003.458168a11da14eef.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
9 KB 87ms
86ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/1003.458168a11da14eef.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7c7cc0845bb6913cff7dd0952047a46c"
age: 119
cf-ray: 9a012a110cdf33a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6328.8c6cde3b7e1cb71a.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
9 KB 83ms
83ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6328.8c6cde3b7e1cb71a.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d142cc4b67a6cf8e648ca902e3470657"
age: 119
cf-ray: 9a012a110ce333a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 4173.a7fb1793d1a52319.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
9 KB 73ms
73ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4173.a7fb1793d1a52319.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8c1f5bb8870605050036d49beb8033dc"
age: 119
cf-ray: 9a012a110ce733a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 common.a31f374801931b34.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
5 KB 63ms
63ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/common.a31f374801931b34.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"80d657f57294f69ca4487f891e19c801"
age: 119
cf-ray: 9a012a110cea33a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 dialogs.0e4289a370fd7b65.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
197 KB 77ms
77ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/dialogs.0e4289a370fd7b65.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"bd2b8e1c65ab70072bb50f0ce61d526b"
age: 119
cf-ray: 9a012a110cee33a5-TXL
expires: Mon, 17 Nov 2025 21:58:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 info
vegashero2.com/en/api/v3/system/ 352 B
2 KB 81ms
81ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/en/api/v3/system/info

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: Z9f7f1aPHZgSYijE6QAACky0piCUG1MWpM_ZvxOW
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 535a555f-0182-47ca-bf0d-f21cf0fcd22c
content-encoding: br
cf-cache-status: HIT
age: 119
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402752057
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:52 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=86400
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 42
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a111d0833a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 info
vegashero2.com/en/api/v3/project/ 4 KB
2 KB 86ms
86ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/en/api/v3/project/info?fields=languages

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: 6KGKNi3O8caeMm5gpKBAD2KWr7cAK9tEMJ37grVb
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: ea7761b9-da38-4627-9dab-517596f17b4b
content-encoding: br
cf-cache-status: HIT
age: 119
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402752052
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:52 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 55
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a111d1633a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3

200

main.js
vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/ Frame 9FB4
Redirect Chain

https://vegashero2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js?

10 KB
5 KB

27ms
27ms

Script
application/javascript

185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js?

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/registration

Protocol

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 9a012a115dd533a5-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js?
cf-ray: 9a012a111d1d33a5-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 9a012a0da9a1e513
vegashero2.com/cdn-cgi/challenge-platform/h/b/jsd/oneshot/93954b626b88/0.6305752218745604:1763401029:HKyMoOnXBCNPHxMebU076rAUIPoN0_au8dqbCTJtJY8/ Frame 9FB4 0
1 KB 40ms
36ms XHR
text/plain 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cdn-cgi/challenge-platform/h/b/jsd/oneshot/93954b626b88/0.6305752218745604:1763401029:HKyMoOnXBCNPHxMebU076rAUIPoN0_au8dqbCTJtJY8/9a012a0da9a1e513
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cf-ray: 9a012a11df4233a5-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
cf-chl-out-s: FSgjpILQuc4pUUnEpZXt8WTrJLByYuqF2c/2YA91v+bQzbp/qNWuguDzoKP5haSqYC2JpIcUz5CVoKsJZx9QPKG0F0lHYCePgmqJzHBRTNUU0uty6mX90eMpF9CdQzcPdY1O5ITMv/uE2wv3L4+CzCF3Svsv/ASc8TY8iFzyku4ZA0pR07lTJ3Z3wlJKSrwVoTdWw6KHc6WpJVMgKDhn5t7LSWj1hKv8WDDL/cUg4BC2yQA9aTHFN4T4XQ/P1E4sHTu5f1iOXwWX4BiMT/WFqRnDua+o67ABUBiMDHlPdMJg12I+S1+t+Z3ddyGtdVX002AaklcfR6XJO3a/7ZzMwYzoZZ0k/e1KvrMdxZzuDfA0OY8axjIUMN7EmHsu7Smt1i07mJo8MQWdqEMXHVSYmur+Hy6YBK9mnVOzgmlSZy+Z1YrYmhJh5XAziO1Bc5G8EbM/QbPDMdQhQHpNuGGC0iq6gvz75I4+1WIs/h/i4P9iA1NH9lCqGyHZkuiQ6eRXsNOE7F4kdw7enHKpA/TM1zaOTh/IGugHeWxCP/0fLbwPnXOk5e+avB2u7dpYc3FBl2rb0VNiBKj3HR/57yIdI+x1ztfsdRP5YxOqnouiyzrEhjWHFFW5g1IOtcz5e1DpK1mFR+dkYS53ssHebGfI6JJxLGl/FTaWtL76agPjoTklGwUUWOP4K0jaRnE9nADuG4FExr2ZcpLF/VJbclC20g==$VvPkxht1eZySIyyW/XlgKg==
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 Primary Request registration Show response
vegashero2.com/de/ 425 KB
299 KB 71ms
70ms Document
text/html 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/main.1a67283436efc815.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b3a6a849778af7ad42ce57b8aa43fd24af85495cb10f6a937061283d5d6f2c

Request headers

Referer: https://vegashero2.com/registration
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 1
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=86400
cf-cache-status: HIT
cf-ray: 9a012a11ef6533a5-TXL
cf-ttl: 1763402870657
cf-vary: Accept-Encoding
content-encoding: br
content-type: text/html
date: Mon, 17 Nov 2025 18:06:51 GMT
last-modified: Mon, 17 Nov 2025 09:57:47 GMT
priority: u=0,i
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding

GET
H2 200 styles.ae7eaa0aaba7e744.css
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 137 KB
0 0ms
0ms Stylesheet
text/css 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 734fbb886c3b047ee3e289855ce263e47dc0282c9499b3ea52234fbd36f94e88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"99cadffc1a5d6856ca2bd0d1f2929d8a"
age: 387
cf-ray: 9a012a0e6bfee513-TXL
expires: Mon, 17 Nov 2025 21:58:45 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: text/css
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 BebasNeuePro-SemiExpRegular.1af91ba94912de9b.woff2
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 25 KB
0 0ms
0ms Font
font/woff2 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/BebasNeuePro-SemiExpRegular.1af91ba94912de9b.woff2
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199af398a06b6ccdf5e4800d45328246f9e6199da03fe16d71fd2cd2f0c25b80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "2a95459d7ecffd6ea86b70c38cd2534a"
age: 120
cf-ray: 9a012a0e6c09e513-TXL
expires: Mon, 17 Nov 2025 22:03:25 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 26068
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: font/woff2
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 292 KB
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d515be5da5b65785436e59277291f50482846c6e0ee4a71324b85a978c9b66cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H3 200 runtime.0935afd84428248f.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 5 KB
0 0ms
0ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c99a097a01fdcdcb97a2c059ad03178e5f83a20c278d42f48624c194ab1714c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"877a24230477b4f642fe73f0e7312a07"
age: 120
cf-ray: 9a012a0e9d7633a5-TXL
expires: Mon, 17 Nov 2025 22:02:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 polyfills.82eea1a5a8ac9066.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 34 KB
0 1ms
1ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b12a061fdce3f0e4043721091b1fa8951a4834e105fc060e29a63ad7a9a78c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"95887e14716b4834ef1118547d3e8f75"
age: 120
cf-ray: 9a012a0e9d7b33a5-TXL
expires: Mon, 17 Nov 2025 22:02:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 main.1a67283436efc815.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 3 MB
0 2ms
2ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/main.1a67283436efc815.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 737a4d5d94f1f725d6d49da1acd629d8d56d6f37234615b9607463fa1aec1164

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"26df6cf21f6decd3646d0df29a342c72"
age: 120
cf-ray: 9a012a0e9d7d33a5-TXL
expires: Mon, 17 Nov 2025 22:02:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:50 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 agent.umd.js Show response
cdn.seondf.com/js/v6/ 646 KB
191 KB 37ms
37ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.seondf.com/js/v6/agent.umd.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/main.1a67283436efc815.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e07080f16ae0bb76bc1f1ad916b9e3055977828a1797d64928de59a3b8694121

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
x-amz-version-id: Lz69ZHtGqiABmWsZOTwe5uzWefAFTLL1
age: 3307
etag: W/"e8d40f0deef327bb0ebeb76d62950562"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3mDGcZhvZsPdJ58zAo%2FejjHpj1KG8vxNPnnnqKpowmYYkAiJ71rUN6nO8UMk%2FpXhtBqPX7VJ4sTYYprIxYZ2THL4hUIqUpXNrqUBK1Je"}]}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: zmu2KV1SAhOvf6Ua8EYBznmdHjmGWk_A-aCYEFpXA6RCzpIb_kKkQQ==
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
vary: Origin, accept-encoding
last-modified: Tue, 11 Nov 2025 10:30:32 GMT
priority: u=3,i=?0
server-timing: cfExtPri
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
via: 1.1 73fd3e6328cf8c076faabc9aa6581730.cloudfront.net (CloudFront)
cf-ray: 9a012a132ab77b43-WAW
x-amz-cf-pop: WAW51-P6
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 info Show response
vegashero2.com/de/api/v3/project/ 147 B
1 KB 81ms
81ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/project/info?fields=payment

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf66dd196e4dea28252eb08f65608f18be5fbe8ab6b3d0330c5d097a3990cd72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: 8PjVHEeKeBVmUfJwIBnnsaHURvgJB9tC8qAjfO8-
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 50546e7e-22a4-47d4-a8fe-6bdc153889d7
content-encoding: br
cf-cache-status: HIT
age: 118
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402753711
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:53 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 47
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a131b4233a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 9878.361f739b6ebc28b3.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 0ms
0ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9878.361f739b6ebc28b3.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"eeaead8b773c70d2f4e6a3bcacf4abce"
age: 120
cf-ray: 9a012a110cca33a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6645.bbfc5cecf75d71a1.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 2ms
2ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6645.bbfc5cecf75d71a1.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1b7f980f5aa468e461844eb9fbf74b66"
age: 120
cf-ray: 9a012a110cd033a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 795.5d55cb1ad0b4dda4.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 3ms
3ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/795.5d55cb1ad0b4dda4.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659c9b9deb64ed907aed88672191e9e1"
age: 120
cf-ray: 9a012a110cd333a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6039.88b93af2e433d9df.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 4ms
4ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6039.88b93af2e433d9df.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c2d52b22e67e8d66349dc2bdecd175a5"
age: 120
cf-ray: 9a012a110cd833a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 8081.efb58457c5dcbce6.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 4ms
4ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/8081.efb58457c5dcbce6.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"575fb28a2b55106a89210c0358e52fb4"
age: 119
cf-ray: 9a012a110cdc33a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 1003.458168a11da14eef.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 5ms
5ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/1003.458168a11da14eef.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7c7cc0845bb6913cff7dd0952047a46c"
age: 119
cf-ray: 9a012a110cdf33a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6328.8c6cde3b7e1cb71a.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 6ms
6ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6328.8c6cde3b7e1cb71a.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d142cc4b67a6cf8e648ca902e3470657"
age: 119
cf-ray: 9a012a110ce333a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 4173.a7fb1793d1a52319.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 7ms
7ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4173.a7fb1793d1a52319.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8c1f5bb8870605050036d49beb8033dc"
age: 119
cf-ray: 9a012a110ce733a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 common.a31f374801931b34.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 7ms
7ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/common.a31f374801931b34.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"80d657f57294f69ca4487f891e19c801"
age: 119
cf-ray: 9a012a110cea33a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 dialogs.0e4289a370fd7b65.js
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 0
0 8ms
8ms Other
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/dialogs.0e4289a370fd7b65.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Sec-Purpose: prefetch
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"bd2b8e1c65ab70072bb50f0ce61d526b"
age: 119
cf-ray: 9a012a110cee33a5-TXL
expires: Mon, 17 Nov 2025 21:58:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 info Show response
vegashero2.com/de/api/v3/system/ 351 B
2 KB 79ms
73ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/system/info

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73fce1a83732acb53b2be9474670ff94bbb61ba9546c72eeceeac3e066501ac1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: _gErb9suWMo8ak7SlgBsz7yKS-iMmzueG-vuQwII
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 3ede55eb-af37-407a-9055-0e3916bc7e25
content-encoding: br
cf-cache-status: HIT
age: 9
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402862959
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:06:42 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=86400
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 23
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a132b7233a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 info Show response
vegashero2.com/en/api/v3/project/ 4 KB
2 KB 66ms
59ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/en/api/v3/project/info?fields=languages

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc00e3163a948a3bb06956975e080cc5dc8334b248814d588c0288b3ff7b1f20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: jxbJ_pepU-Nq0EenkpAOkK9wGAb3ePJqhDGilKHA
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: a9f67c43-0c50-484f-914c-506ac54f5dde
content-encoding: br
cf-cache-status: HIT
age: 0
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402871363
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:06:51 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 202
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a133b8033a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3

200

main.js Show response
vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/ Frame 34F1
Redirect Chain

https://vegashero2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js?

10 KB
0

0ms
0ms

Script
application/javascript

185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js?

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

804ca4e5e48213b6f08692e4ba45b2be52f4b6f8c983a1c0d7786d7011615672

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 9a012a115dd533a5-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/93954b626b88/main.js?
cf-ray: 9a012a111d1d33a5-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 9a012a11ef6533a5 Show response
vegashero2.com/cdn-cgi/challenge-platform/h/b/jsd/oneshot/93954b626b88/0.6305752218745604:1763401029:HKyMoOnXBCNPHxMebU076rAUIPoN0_au8dqbCTJtJY8/ Frame 34F1 0
1 KB 35ms
31ms XHR
text/plain 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cdn-cgi/challenge-platform/h/b/jsd/oneshot/93954b626b88/0.6305752218745604:1763401029:HKyMoOnXBCNPHxMebU076rAUIPoN0_au8dqbCTJtJY8/9a012a11ef6533a5
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cf-ray: 9a012a13acd533a5-TXL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
cf-chl-out-s: ceB5+aj4GDToOb0oXpXOY5y5hBUh/OBHJGHnihVWItjcN6k4kStmHXXbE/0n+KlpZi6cPb/OcK0EH0+kWgtLrBkzUHYDQSOCk+5n1iUoqp3Cmq09IB6OJzmgIQznvZvJOAAlVoixAC1JPoWPPv1k21II8GiCCXosRS2c9GagOFJY3yaWTlUvB5P6P44xCNB3rk70EhpAmIYdaXIMgu1YfZVK0vM9xXtFX92lB3odrtZcrXCC+4rBpjVLloTM0q0B+amr+MqDZL5XmM9KxlTyrtvG0wTln0iD7P3T2pd1WLvEFSrqGUtRB/fmXnjCfpYBgYfjN8wwlCtzdUTz1964e2z2pGs+K4ZTEeqNxkvR/0zeVSgijvldT+KlRvg2MMbUYT4GhR9oV8ZSfmqGWT+zDz1T+zEGbwI1iP6sAkE0dyrKhbNo2Fx7/4QMTe20CNYykTzxyWsz8RQYOdWW2OnZQ9F5ot1VEDDwm/h+dp9BSNsNMED+iGWPAwx0T1KDR+S3bpCV/6V8IHhkuJcpmJMmDWgk8wDml28NX+QkHrUeqXIQX+0Fnp1IhNix9Qi7ecAIYhlUppNC/fX8uuw5q98c6PsbOP8UxOP6JjASuUKNmsZ0oENQOlHI9CfnAIYKlAImgOVD4BSNoMB3XoifnSafZ5xNTYrqNhQjIBf4pZlKNm58pwis8DxITBUArXJ9xttbYW7CsEV7Nv1D9b5F5JaK2g==$LQ7VPlzw8UBSDAUUOQ6rXg==
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 9878.361f739b6ebc28b3.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 126 KB
0 0ms
0ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9878.361f739b6ebc28b3.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab1aaf86cd32b627d78affb540908d2eecc48858ba5f57d263ea287e1d588d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"eeaead8b773c70d2f4e6a3bcacf4abce"
age: 120
cf-ray: 9a012a110cca33a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6645.bbfc5cecf75d71a1.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 17 KB
0 1ms
1ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6645.bbfc5cecf75d71a1.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f955d022abad91d9318acbc4053fc640adc7f06d3b00dd1fbf6e2da0301dd9f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1b7f980f5aa468e461844eb9fbf74b66"
age: 120
cf-ray: 9a012a110cd033a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 795.5d55cb1ad0b4dda4.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 5 KB
0 2ms
2ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/795.5d55cb1ad0b4dda4.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e020b9e990c11db615cbde19923f101721b0cf958f3482ee1b07ef6de2311f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659c9b9deb64ed907aed88672191e9e1"
age: 120
cf-ray: 9a012a110cd333a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6039.88b93af2e433d9df.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 3 KB
0 3ms
3ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6039.88b93af2e433d9df.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d821911f5f6727cf14086687dfedd12709f26c34d8137b3d52c562b347d627

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c2d52b22e67e8d66349dc2bdecd175a5"
age: 120
cf-ray: 9a012a110cd833a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 8081.efb58457c5dcbce6.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 260 KB
0 3ms
3ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/8081.efb58457c5dcbce6.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fabe527817cac710db0692168b506a9642c0de36f9ae96dd040a92d828eee45e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"575fb28a2b55106a89210c0358e52fb4"
age: 119
cf-ray: 9a012a110cdc33a5-TXL
expires: Mon, 17 Nov 2025 21:58:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 1003.458168a11da14eef.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 40 KB
0 5ms
5ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/1003.458168a11da14eef.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b14c73c8abedbd964fc48b3bcc69cb1af412e956fc6dff18b89a993eeba0e3f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7c7cc0845bb6913cff7dd0952047a46c"
age: 119
cf-ray: 9a012a110cdf33a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 6328.8c6cde3b7e1cb71a.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 29 KB
0 6ms
6ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6328.8c6cde3b7e1cb71a.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ebbaf4d965bfb0496f9c04e71e1eb6589c8de39b4bfb59e97360eed1fb3766

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d142cc4b67a6cf8e648ca902e3470657"
age: 119
cf-ray: 9a012a110ce333a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 4173.a7fb1793d1a52319.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 32 KB
0 6ms
6ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4173.a7fb1793d1a52319.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f68f4669565e314d17776c578665484367a76bf89eb9dafeed78b8fa5b2b1c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8c1f5bb8870605050036d49beb8033dc"
age: 119
cf-ray: 9a012a110ce733a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 common.a31f374801931b34.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 19 KB
0 7ms
7ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/common.a31f374801931b34.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c157d33f8f26c6dd381c3579f470fed57fc0190667d584ac847bd6e2241aa44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"80d657f57294f69ca4487f891e19c801"
age: 119
cf-ray: 9a012a110cea33a5-TXL
expires: Mon, 17 Nov 2025 21:58:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 dialogs.0e4289a370fd7b65.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 881 KB
0 8ms
8ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/dialogs.0e4289a370fd7b65.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0765645a33cea6a119b2657046f10dae469304eb8c21b702f81a4ce36697ad3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"bd2b8e1c65ab70072bb50f0ce61d526b"
age: 119
cf-ray: 9a012a110cee33a5-TXL
expires: Mon, 17 Nov 2025 21:58:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=4,i
vary: Accept-Encoding

GET
H3 200 info Show response
vegashero2.com/de/api/v3/project/ 601 B
2 KB 78ms
76ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/project/info?fields=client,sportsbook,registration,login

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ae7ad9883ca4d8c3951dee32c425cc2896f463497733e23de273eb4f01aa40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: HqRMZx6t9WlcqSug41zseu7A8cDVVGht2sBdwOc3
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 187c5c31-c48f-403d-a86b-be5294f94e8b
content-encoding: br
cf-cache-status: HIT
age: 117
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402754962
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:54 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 125
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a13bcfa33a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 info Show response
vegashero2.com/de/api/v3/project/ 607 B
2 KB 63ms
61ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/project/info?fields=brandOnboarding,gamificationWithdrawal,shorts,spinRally,jackpot,chat,multiLevelVipProgram,rebates,gamificationWidgetLoader

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59b5d8a6bb1904d25e82254b1e3a510c7d73c142bcfb0fb058ffe74db1734a0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: GrAv4l0OjNqI0huvLUgyfwwJcE0B9LJoIs9eE-JP
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: d1186529-b3f7-4679-a6cf-f49d4f5fb5b0
content-encoding: br
cf-cache-status: HIT
age: 117
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402754970
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:54 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 85
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a13bcfc33a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 info Show response
vegashero2.com/de/api/v3/project/ 842 B
2 KB 59ms
57ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/project/info?fields=liveThumbnails,actionTriggers,pickGameOnBonusActivation,checkWageringRestriction

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b27b654536e8c883577ab92a2c5703bc743e92f24dd7f4c2d66077821c03827

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: cNM_VFifnkmLpsN4MXmqEgPwJb5TknnO90k-74d1
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 07bc7863-747e-4da7-978f-ce9821698a25
content-encoding: br
cf-cache-status: HIT
age: 117
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402754941
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:54 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 82
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a13bcfe33a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET fa85b391-2c2b-40f6-9d42-e64347ecf7e5
https://vegashero2.com/ 0
0

GET b6988b17-ee4c-4871-824d-eb7f24f4719d
https://vegashero2.com/ 0
0

GET 671ebede-2b58-44ae-acad-13a1987ce7e2
https://vegashero2.com/ 0
0

GET ed77e3b7-5a1c-4777-a268-b47bface5ab2
https://vegashero2.com/ 0
0

GET 1c4e871d-b85a-4c73-8b4b-90e643df5787
https://vegashero2.com/ 0
0

GET 298d5bc4-94d3-4a9e-9847-785024610e1d
https://vegashero2.com/ 0
0

GET f66390ae-6cbc-43c6-950a-899733821220
https://vegashero2.com/ 0
0

GET f0ebb590-5071-4917-b86e-ca560e5228cb
https://vegashero2.com/ 0
0

GET e4dc3236-6e1c-40d7-950f-68bfeb01fbd5
https://vegashero2.com/ 0
0

GET fbf317be-e590-44a2-9ca7-34424d8ba4ce
https://vegashero2.com/ 0
0

GET 35136a9c-23a1-41d0-8550-b789da89c6a6
https://vegashero2.com/ 0
0

GET 6f3536f9-62de-4727-afcf-688e9b875aa4
https://vegashero2.com/ 0
0

GET d4714a48-7ecb-49ff-bc83-7cdb84e860ad
https://vegashero2.com/ 0
0

GET 1155d6a1-6787-43c9-9f41-81ff8e750098
https://vegashero2.com/ 0
0

GET a91dc835-4607-4c02-a4f2-06ba1dee2c08
https://vegashero2.com/ 0
0

GET fffa3667-9170-4953-9991-4365194c7b95
https://vegashero2.com/ 0
0

GET e52b6208-ce3f-4520-97f3-571f84f87fda
https://vegashero2.com/ 0
0

GET 2625d636-104a-4919-bdc0-9a279c3a8af4
https://vegashero2.com/ 0
0

POST
H2 200 / Show response
1ce9b5295a9b238836f42b27e515f96c.seondnsresolve.com/ 11 B
161 B 195ms
63ms XHR
application/json 52.214.0.104
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://1ce9b5295a9b238836f42b27e515f96c.seondnsresolve.com/
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.0.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-0-104.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2d7a270c1928be61476bfe7e9a662b5d23101783e646e0b241b3955ad5ee786f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

access-control-allow-origin: *
content-length: 11
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS,GET,POST

GET
H/1.1 200 / Show response
eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com/ 780 B
978 B 148ms
46ms XHR
application/json 52.49.104.56
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com/
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.49.104.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-104-56.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e96271b09ac2fa31e230553164a6e017e751c3adaf3198f542bb6583f53e210c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

access-control-allow-origin: *
content-length: 780
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json
connection: close
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 88 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a06d50a2e60f0f2fa9957322630c869ea00dfc13b6d462a7967bb3ffb0cffc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 collection Show response
vegashero2.com/de/api/v3/casino/ 441 B
2 KB 63ms
63ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/casino/collection

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee26ce81faaababd04d1f9d2c7af2bbc5a8acd70595d4a1e7517822660fe82c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: J-9mFeI_GCyYg_UG6LXlxFJPa7bmvxO3Opl8nUSc
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 56a71632-a34b-4435-9e32-c50a247f0594
content-encoding: br
cf-cache-status: HIT
age: 116
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402705849
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:55 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 66
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a158a0533a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

POST
H3 200 translation Show response
vegashero2.com/de/api/v3/lang/ 116 KB
34 KB 453ms
453ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/lang/translation

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

875db474e4f3e621f792664ca240b5947e8baf09a6693df5fd5a34f6e356eb91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: h6-2W3_WbXbFFwdNFLwlHicYwTinD0_iyitAvOt6
Content-Type: application/json
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 002fc535-860c-47cc-97cc-58aa0836c083
content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 373
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a158a1733a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
112 KB 215ms
106ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5KC48WXM

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/main.1a67283436efc815.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd47bad97241544fcadd200521cf6909dd627e4cc2dbed1a3aacd05fcb8ec5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Mon, 17 Nov 2025 18:06:51 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114184
date: Mon, 17 Nov 2025 18:06:51 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 info Show response
vegashero2.com/de/api/v3/project/ 577 B
2 KB 69ms
69ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/project/info?fields=captcha

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec558b5973a14f6d6b14186931ccddcf465f17830a398e271a458d50e8cc70b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: ytAt3O3PkgoVjqj2G0KBCwwz42IutZEvhlamVgXa
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: b6ced371-be08-4ed5-abb1-3b6187653d42
content-encoding: br
cf-cache-status: HIT
age: 116
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402755937
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:55 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=300
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 35
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a159a5933a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H2 200 f441a99041550f4bd8814026cde766e7f8782955.js Show response
gamification-widgets.platform-mega.com/loader/ 2 KB
2 KB 100ms
29ms Script
text/plain 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://gamification-widgets.platform-mega.com/loader/f441a99041550f4bd8814026cde766e7f8782955.js?widgetName=srw&projectId=c86f7304-6c62-4151-a049-8adda1537075&gatewayUrl=https%3A%2F%2Ftournaments-gateway-prod.platform-mega.com
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/main.1a67283436efc815.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e0a325be5f86a801b45ae552735e11f7ed3bd9a58059742abb1e16c86d09d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-cache-status: HIT
etag: "876a1659a3f5ab360bbb5a604453d7c0"
age: 6124
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=W%2F8NbxNEW2%2BtvhgpZiSDaTiy0vxlQ1CHeBhy3Hqx8%2Bz3HKfv4aPW6V4RRHhTrbZtY0br7pyZMlTSAqgoJ5%2BsCOkVHvrGEolHUVHgIgVAnQgAfAGKfrXlh8CPcUZ72V1W1PFJNA%3D%3D"}]}
cf-ray: 9a012a160db6e51f-TXL
accept-ranges: bytes
content-length: 1767
date: Mon, 17 Nov 2025 18:06:51 GMT
last-modified: Wed, 17 Sep 2025 11:49:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 init Show response
vegashero2.com/de/api/v3/gamification/widget/ 840 B
2 KB 66ms
66ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/gamification/widget/init

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd065f3e74abbe6e4e4e68d01a1c7b4a84c0f7a7b7eef89878c8962235ed4ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: 2xsW5NULdz2KxWgVRcVECGWFWA0Pc70Mw0anOk9f
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: bd7007c1-f393-492c-96ce-9c470f2d0420
content-encoding: br
cf-cache-status: HIT
age: 115
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402756081
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:56 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=86400
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 165
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a159a5e33a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H2 200 e72d128e1a8fd05dabb79b46315392f0.js Show response
cdn.cookie-script.com/s/ 586 KB
109 KB 118ms
33ms Script
application/javascript 188.166.63.236
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cdn.cookie-script.com/s/e72d128e1a8fd05dabb79b46315392f0.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/main.1a67283436efc815.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.166.63.236 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.26.3 /
Resource Hash: d7afb6a6e888054337493d041a08d937f4216c3e7935520916a2145898679be1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

x-cache-status: HIT
content-encoding: gzip
etag: W/"e19ba36ddc83a880e346e822b2f7995d"
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:51 GMT
last-modified: Sat, 14 Jun 2025 07:29:34 GMT
vary: Accept-Encoding
server: nginx/1.26.3
content-type: application/javascript

GET
H3 200 4236.a17fd5c7b4bef89f.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 8 KB
3 KB 55ms
55ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4236.a17fd5c7b4bef89f.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9c777bda4785d40c5d29242b90934b945ab0ee9ab3de26419cf245cd19da1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7dcb1a4aafec40ccc40560ff3f88253f"
age: 116
cf-ray: 9a012a15aa6f33a5-TXL
expires: Mon, 17 Nov 2025 22:03:29 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 9792.3610f15595f07944.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 43 KB
11 KB 70ms
70ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9792.3610f15595f07944.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a818629089cff6a6d1e378dabefffa4d75d0d815a175551c03657aa7b187d28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"176b3257336a883552838ac792991067"
age: 116
cf-ray: 9a012a15aa7133a5-TXL
expires: Mon, 17 Nov 2025 22:02:11 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

POST
H3 200 resolve Show response
vegashero2.com/de/api/v3/comrade/ 405 B
2 KB 151ms
150ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/comrade/resolve

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef6555df5b46fe7c29fe4b3e32b0a6d97c348179e322bcf7230ec10edbf74a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: diqIW4_lOl1MG_cPuEKRN8A2xNjwwWwp7uY-AtXh
Content-Type: application/json
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 154c7c31-5cb6-452f-95d9-f151938db8a4
content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 47
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a173f0633a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/93954b626b88/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/93954b626b88/api.js

48 KB
16 KB

47ms
47ms

Script
application/javascript

104.18.95.41
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/93954b626b88/api.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Server: 104.18.95.41 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cadddf1717be85c3467494943718b22cc3b75cfdfc4b972d5fdafc0a659f529

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

server: cloudflare
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 9a012a183aa3f558-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 11 Nov 2025 16:01:18 GMT
vary: Accept-Encoding
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location: /turnstile/v0/b/93954b626b88/api.js
cross-origin-resource-policy: cross-origin
cf-ray: 9a012a176fcef558-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 pattern.4765020b56299dc6.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 5 KB
5 KB 73ms
73ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/pattern.4765020b56299dc6.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79172cb0b22b4205cb278da03be1bc0120718a7ec98dfc2b91ee018b33d2bf03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css

Response headers

cf-cache-status: HIT
etag: "728358a88d3adcd4cacf62adaccfd319"
age: 388
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 21:58:37 GMT
cf-polished: origFmt=png, origSize=5508
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="pattern.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:36 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a182a0733a5-TXL
accept-ranges: bytes
content-length: 5098
server: cloudflare

GET
H3 200 BebasNeuePro-BoldItalic.f6f52c8f4eab6e4a.woff2
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 26 KB
26 KB 85ms
84ms Font
font/woff2 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/BebasNeuePro-BoldItalic.f6f52c8f4eab6e4a.woff2
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a72c668014740c640a74c6766d38bd24a293ef02be57e89aee18a8947001363

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h

Response headers

cf-cache-status: HIT
etag: "b39e1c03046d857f78da99811fbebb5a"
age: 116
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: font/woff2
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=14400
cf-ray: 9a012a183a1d33a5-TXL
accept-ranges: bytes
content-length: 26744
server: cloudflare

GET
H3 200 close.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 440 B
787 B 100ms
99ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/close.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2960f24bf19ec177ead60171f3e4ff1f2ccdaf174f2246ef6621447cb7f95074

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "c83313352df272f5d93b703baa81cb8e"
age: 29198
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:50 GMT
cf-polished: origFmt=png, origSize=1056
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="close.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:26 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a183a1833a5-TXL
accept-ranges: bytes
content-length: 440
server: cloudflare

GET
H3 200 close-hover.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 474 B
824 B 69ms
68ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/close-hover.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9cbd3d55fb3386f13c42fb3c90f201e2f180fe573909bf343328a74f7e3d93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "6a2fca31dbb3e0022300fc6e02935b87"
age: 29198
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:50 GMT
cf-polished: origFmt=png, origSize=1077
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="close-hover.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:26 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a183a2033a5-TXL
accept-ranges: bytes
content-length: 474
server: cloudflare

GET
H3 200 close-active.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 472 B
823 B 77ms
76ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/close-active.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08b9313a30d37f0e70ceeab65045b7bfa27f338503d9ca01e028ad741aaa80fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "e1325f3ee6a6bb1fb5c2c38049c276d1"
age: 29198
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:50 GMT
cf-polished: origFmt=png, origSize=1124
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="close-active.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:26 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a183a2433a5-TXL
accept-ranges: bytes
content-length: 472
server: cloudflare

GET
H3 200 1680700129373_de.svg
vegashero2.com/dimg/language/ 15 KB
7 KB 41ms
40ms Image
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://vegashero2.com/dimg/language/1680700129373_de.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054e6c5160fd8b52c75267a4fcac2b6201027d9d0cae865dd33c35e1cb59cef7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"51a3b9c98f012ff60334cc950bbec92f"
age: 953625
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/svg+xml
last-modified: Wed, 05 Apr 2023 13:08:49 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 185E8CC197489592
cf-ray: 9a012a183a2933a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 1680270471572_en.svg
vegashero2.com/dimg/language/ 1 KB
974 B 39ms
38ms Image
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://vegashero2.com/dimg/language/1680270471572_en.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1297083b34d4fa90eefbbb7064f1fee68d8ee8be06dd5ecd604647e77a11c079

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"b248af412d175cb652ba9c4c3d72b9c7"
age: 953528
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/svg+xml
last-modified: Fri, 31 Mar 2023 13:47:51 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 17BBFBA40C914500
cf-ray: 9a012a183a2b33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 628.dbaeb59379a9209b.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 3 KB
1 KB 88ms
88ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/628.dbaeb59379a9209b.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8f3587faab98b8525cb614eb27e89920940357327131b2b058d9ff6c4b53f8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2e7881eba974de6f49da97ad62b782c5"
age: 115
cf-ray: 9a012a18bbb533a5-TXL
expires: Mon, 17 Nov 2025 22:02:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 4790.4a5832e2ec64368a.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 1010 B
917 B 76ms
76ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4790.4a5832e2ec64368a.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8ada1dee2023e3c855671ad4c7d64b45f62d51e3da66e094969c15a6f3ff40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"00b9e5c5e1231e84d41f8d966b399a06"
age: 115
cf-ray: 9a012a18bbc533a5-TXL
expires: Mon, 17 Nov 2025 22:02:12 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 srw Show response
tournaments-gateway-prod.platform-mega.com/widgets/ 248 B
742 B 88ms
56ms Fetch
application/json 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/widgets/srw?projectId=c86f7304-6c62-4151-a049-8adda1537075
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b460f058bde06aad8389291233b4cebee09130bfdd0795e956b9efd09dfb730

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

x-request-id: b8f79733-a8bd-49c6-87e7-255655b057d5
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 8
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MHZ964y7HqpQARWNYvooL0wjGJhcqQ7b%2BiMLP7d29DlWFOcTNPM91p0VJm6vhOvPVLWnzYmbb6tKpjV1vbwTyKIzssFiwbIyJBWm5dLkD6K9K0hJPKFUID9AmD0Sji%2FgAemacLutHqE%3D"}]}
cf-ray: 9a012a191b33e522-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
server: cloudflare
priority: u=1,i

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 423 KB
143 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZEKWJMERCE&cx=c&gtm=4e5bd0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KC48WXM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63646d4acf954ffbc8502e5af68473eee3e13784b5ef135767d9c56ffb6b31e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Mon, 17 Nov 2025 18:06:52 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146594
date: Mon, 17 Nov 2025 18:06:52 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 tag-manager.js Show response
tm.ads.sportradar.com/dist/ 326 KB
33 KB 146ms
58ms Script
application/javascript 2a02:26f0:7100::210:139
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAABAQ
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 9f7d92445cd4b4fa750089f3d63de12ed13a1efbbf5735877bedb58de43eecb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

cache-control: max-age=900, public
content-encoding: gzip
apigw-requestid: UMtu3g5DDoEEP4w=
content-length: 33775
x-amz-cf-id: Y1KbG5uN70AM6JAylVNWRhKB9N4TcSGIMiRd_RPrp9vVEp5js7NouA==
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
content-disposition: inline
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P12

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 192ms
40ms Script
application/x-javascript 2600:9000:20b4:a200:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:a200:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

x-amz-cf-id: 3pbIhed0n3bG75fACqN82__3msYPUnyeLdkht-mPyx3JBdOjwu-xFg==
cache-control: public, max-age=3600
content-encoding: gzip
age: 1366
via: 1.1 033f456f54ceb7135f57b018b334dfdc.cloudfront.net (CloudFront)
expires: Mon, 17 Nov 2025 18:44:06 GMT
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 6162
date: Mon, 17 Nov 2025 17:44:06 GMT
content-type: application/x-javascript
last-modified: Mon, 17 Nov 2025 17:43:56 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: AMS58-P4

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
32 KB 99ms
25ms Script
application/javascript 2a0b:7e00:202:2701::5
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/registration?mid=249325_1747105&fluid=4a9f395d-a48b-4f3a-984e-5c80aec6e0ff&clickid=wu40a3h
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:7e00:202:2701::5 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 59938868870ce60b8576506d0211346d8a85329a9d54997c39d921389c493b34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"cbd67ec72136561be113efd03055f4f4"
x-amz-request-id: tx0000051ce1f901fbd2a21-00685bc640-32aa13db-default
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:52 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Wed, 25 Jun 2025 09:36:45 GMT

GET
H2 200 / Show response
track.adform.net/Serving/Cookie/ 73 B
653 B 142ms
25ms Script
text/javascript 37.157.6.243
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KC48WXM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

GET
H2 200 rr_vegashero.js Show response
admaxium.com/scripts/ 328 B
787 B 303ms
255ms Script
text/javascript 2606:4700::6812:13e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://admaxium.com/scripts/rr_vegashero.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KC48WXM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1284e157231f911bf058d00f66c9458a75b29ae75e991e6b4fb6b95b343f88ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

x-request-id: d87286ae-f8e0-494e-a5d2-32751b7a3034
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"1284e157231f911bf058d00f66c9458a"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.037399
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9a012a196d6de567-TXL
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

GET
H2

200

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=dsp&segment_key=dsp-36023&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=dsp&segment_key=dsp-36023&value=&_bee_ppp=1

43 B
575 B

52ms
43ms

Image
image/gif

54.220.208.29
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=dsp&segment_key=dsp-36023&value=&_bee_ppp=1

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Server

54.220.208.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-208-29.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
server: gunicorn

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://segment.prod.bidr.io/associate-segment?buzz_key=dsp&segment_key=dsp-36023&value=&_bee_ppp=1
content-length: 0
date: Mon, 17 Nov 2025 18:06:52 GMT
server: gunicorn

GET
H3 404 item Show response
vegashero2.com/de/api/v3/seo/ 75 B
1 KB 143ms
143ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/seo/item?page=registration

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8544fd687b99eb9e3f1104f315dfe557b49bb3440e1ad50f9afe6adada2032b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: 35quALkrcnOBCZ-J7bdj8qeiJzyaxNORTnR2_fh5
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: e70879b1-fc12-4bc3-a6b6-10a151a39d0c
content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 18
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a195d9033a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 4108.0d776f442a780915.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 5 KB
2 KB 75ms
75ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4108.0d776f442a780915.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a5213f31f24d94ac52bea7e3be8e06668b2a9fdd629921e61670a7e2b92c10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4c3a3cb93bdaea081a2afeacaea834fe"
age: 115
cf-ray: 9a012a195d9333a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 5680.5704daea6eafbb39.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 10 KB
3 KB 123ms
123ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/5680.5704daea6eafbb39.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84025664b9326f19e8e11d05175b63c152b2c53e54074885af9038e6c37cb3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8b7bae021dcb760f461a1ac79e36412a"
age: 115
cf-ray: 9a012a195d9833a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 3757.fae7d67405013743.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 10 KB
3 KB 158ms
158ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/3757.fae7d67405013743.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ccf3a72c060c9b6cc38f9a110b8ac3e01c7bee9f5baf61fffca60c3098616db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3b9438b6d9e33a60c07b2ec95ac1630a"
age: 115
cf-ray: 9a012a195d9a33a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 3469.bdb98ca5ee63c2c6.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 537 B
651 B 110ms
110ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/3469.bdb98ca5ee63c2c6.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d9220b905a8b59cb801c869182a28400acf41d5e3bdf6b2bed411111365aa7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0d7232f3fe318999612f1dc16835f179"
age: 115
cf-ray: 9a012a195da033a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 3192.29513aac15704b3b.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 55 KB
12 KB 126ms
126ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/3192.29513aac15704b3b.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90d663d204e12d5bec92c56fd5e719af645f1bb528facc735f7df6f34e17d524

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a889dd4e5c9444e96228cd02f53288ea"
age: 115
cf-ray: 9a012a195da433a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 4132.eb34895ebc2e5907.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 24 KB
6 KB 99ms
98ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4132.eb34895ebc2e5907.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5def9c0967358d1ebe20335b6dda40c97e30e03322cb425662bd5603145afb98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a4d8228217c77469b4de9483926dbb60"
age: 115
cf-ray: 9a012a195da833a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 6225.caf57fcb9918a31f.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 531 B
651 B 75ms
75ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/6225.caf57fcb9918a31f.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9a2ff5231c92e5f62f0c31ffc734d1aa35840bc10c5ee3dc208a0a1f5d619a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"10a538c07abaedc32c8a0b81a912a307"
age: 115
cf-ray: 9a012a195da933a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 315.45abdcfd62738c82.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 35 KB
9 KB 156ms
155ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/315.45abdcfd62738c82.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0024e99f8ce228cde6182758e895dbab3f2ce25e1c12b2fca576fa58723af21e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"16bd736119c68c6a847e8062f4f2fccf"
age: 115
cf-ray: 9a012a195dab33a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 8526.5b817f02af490667.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 8 KB
3 KB 129ms
129ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/8526.5b817f02af490667.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c204e62ee9676201fe7b784694aab0b2aee7a7be1522698da50ff01f6ba146a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fd60af6b9e23218339eb1fde5aa7ce90"
age: 115
cf-ray: 9a012a195dac33a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 9531.964b2374cd9dc2f5.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 17 KB
5 KB 161ms
161ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9531.964b2374cd9dc2f5.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 895dd08edd1842f3719e4abb5ba5aa9a0ef6c83280ff629df00e8725ac93f037

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c146e1af433e1f5a055ef8e0ee8148d4"
age: 115
cf-ray: 9a012a195daf33a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 7499.c8afe877282fa7fb.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 8 KB
2 KB 133ms
133ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/7499.c8afe877282fa7fb.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4356c4839535096156a4486e6bf517d276dc781cd9b738a781bbc3427c48e254

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"74d772b282f81986d71dafa3ef9e7034"
age: 115
cf-ray: 9a012a195db033a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 5529.a745572d253c3aac.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 2 KB
1 KB 133ms
133ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/5529.a745572d253c3aac.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f141857444f27a2ed17ff685c8eefb4b981509a3905d179a8d4b2fbf829d108

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"004cdbb451f2469a240725ed7f8a7a4a"
age: 115
cf-ray: 9a012a195db233a5-TXL
expires: Mon, 17 Nov 2025 22:02:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 8060.212d124b4fedfcb0.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 127 KB
27 KB 133ms
132ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/8060.212d124b4fedfcb0.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e577b138d1ff351b477dc463444dce66861936725d211807f050b7b7745905f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"45258514ff20c7d0bce8fb3b85b1b889"
age: 115
cf-ray: 9a012a195db333a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 1418.e2459af38b42c1fe.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 13 KB
5 KB 146ms
146ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/1418.e2459af38b42c1fe.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03da69a6da86457efff6d663c4d794804aade9192e07c1658206c1b8b30b241

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"d7899ce60e2346c8e09ecad3d234221d"
age: 115
cf-ray: 9a012a195db633a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 116.3a477d4e0092f372.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 59 KB
13 KB 132ms
132ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/116.3a477d4e0092f372.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d4549c9c5bb9014fb11071f6d71e10d505cf9c5297e6983181e10cd53f4fb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f50a54aa6d618a1822a16d5ebc096f89"
age: 115
cf-ray: 9a012a195dba33a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 8751.44c622af02fe285a.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 8 KB
3 KB 143ms
143ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/8751.44c622af02fe285a.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a072838e812ef83ad812182093a7b7eff6655c6aa437a5d61559a2b155ac9baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"890f2754b4467dd890d599c265d10e80"
age: 115
cf-ray: 9a012a195dbd33a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 2893.74cd7bf3d6762e7b.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 34 KB
7 KB 156ms
156ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/2893.74cd7bf3d6762e7b.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 046c5ee81a3e091c67e61b79bb5d7389bb636af8cb502e5c4aa8ba2490f91103

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"772c9544366fcfe112b204d4dd3832de"
age: 115
cf-ray: 9a012a195dbf33a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 9631.b3fd4577081463d7.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 1 KB
1 KB 131ms
131ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9631.b3fd4577081463d7.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adedbdf5426af7120a28c66dbeb8f3f2d1548b29370600b4a64a2d8867ff4e78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0a5d2a8ee965bc44b4566964c687f9c7"
age: 115
cf-ray: 9a012a196dc233a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 2640.e641fbdbba306127.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 23 KB
6 KB 87ms
87ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/2640.e641fbdbba306127.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0294daa17eb730398a656f3fc7969852dff41dd3378a3aa7984d4a5812e4c205

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2a6efd3eb97174d4b3bb0b0b18882e7c"
age: 116
cf-ray: 9a012a196dc633a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 69.891c38aa51761f02.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 174 B
424 B 132ms
131ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/69.891c38aa51761f02.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb7fe373694182c1f1d6c6548638fdcb17a630f7bce2298a7486281ee48295b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"e09b8b01940a87c573f4bb25aef76d65"
age: 115
cf-ray: 9a012a196dc733a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 9903.028984b3725b8646.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 6 KB
3 KB 143ms
143ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9903.028984b3725b8646.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61a0b4d2a1839a01a943343cd8628f051dc02bdf9c61efd2a602264805c5fa3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"12183045ebcaec7dce93015dda44a602"
age: 115
cf-ray: 9a012a196dce33a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 4603.8f03778a76db7b4c.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 577 B
693 B 131ms
131ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/4603.8f03778a76db7b4c.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceda53a1d6d7a245271072e6306ab3ecad53be80d39eafdd3e6c3b7911df21ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fb9587ad8e3196400f2f7d112e651499"
age: 115
cf-ray: 9a012a196dcf33a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 5887.38dfe8f4972123d7.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 574 B
677 B 81ms
80ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/5887.38dfe8f4972123d7.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319bccafc8f368496df876b9fb77ba025b28e2c2acf39f5819aa26691a9e6a21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"7aaa35391fb03aa282b57b031ed215df"
age: 115
cf-ray: 9a012a196dd033a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 8426.9b51f1b543630185.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 582 B
683 B 107ms
107ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/8426.9b51f1b543630185.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a9bc0dd3483b43bc6a935e866a0dbb8b6efa8f0a75e70efddd103751b386fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"dc27dc9440398fd3ab75c7d884ff85c0"
age: 115
cf-ray: 9a012a196dd333a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 9777.0d81ee5130895f43.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 7 KB
3 KB 130ms
130ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/9777.0d81ee5130895f43.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97678b8ddc9c4cf7396905777e67898037d1226d01789daf394d368e29a6ae01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8fa1f5aef7c545652b6942a446e3d4aa"
age: 115
cf-ray: 9a012a196dd433a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 2068.23444f5a8034a9d3.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 4 KB
2 KB 131ms
130ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/2068.23444f5a8034a9d3.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 005bb91e5fd75f1a2334486d8b15dffbea73c5e9e5fd455051044c6d8db2cfe7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4bee8b12496169ffbf2aacabbdc8937e"
age: 115
cf-ray: 9a012a196dd533a5-TXL
expires: Mon, 17 Nov 2025 22:02:13 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 7374.72245cff5a9b8347.js Show response
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 95 KB
21 KB 68ms
68ms Script
application/javascript 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/7374.72245cff5a9b8347.js
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/runtime.0935afd84428248f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53576d8269d499ff8d1873b5ee81d77f812e8934510028162a970ebebb3ffa83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://vegashero2.com
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6de2e1672ce089fcbda061482d689f92"
age: 115
cf-ray: 9a012a196dd733a5-TXL
expires: Mon, 17 Nov 2025 22:03:32 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Mon, 17 Nov 2025 09:57:24 GMT
server: cloudflare
priority: u=1,i=?0
vary: Accept-Encoding

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/02fva/0x4AAAAAABfM5zGQSKJYP40V/auto/fbE/new/ Frame F706 0
0 47ms
29ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/02fva/0x4AAAAAABfM5zGQSKJYP40V/auto/fbE/new/normal?lang=auto

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'nonce-RIFnWQRbO4Rz9IpA' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms

Request headers

Referer: https://vegashero2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 9a012a19afd7e519-TXL
content-encoding: br
content-security-policy: default-src 'none'; script-src 'nonce-RIFnWQRbO4Rz9IpA' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 17 Nov 2025 18:06:52 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri

GET
H3 200 info Show response
vegashero2.com/de/api/v3/system/ 351 B
2 KB 111ms
111ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/system/info

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73fce1a83732acb53b2be9474670ff94bbb61ba9546c72eeceeac3e066501ac1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: 97lTyPdky6OmVw5ld9DbP05dFnJYBm3wtdxNE4O8
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 3ede55eb-af37-407a-9055-0e3916bc7e25
content-encoding: br
cf-cache-status: HIT
age: 10
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402862959
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:06:42 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=86400
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 23
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a199e4a33a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 countries Show response
vegashero2.com/de/api/v3/registration/ 26 KB
4 KB 105ms
104ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/registration/countries?externalAffiliateId=249325&limit=300&offset=0

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a5ff75a8cb066e3553351ebd71024112ea62a608758194b89b16b3d581b12d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: gjwss8OtTFZgTlmQHNMNq2ilOLyGW4gAQW6muTEy
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 992c870b-a7a4-476b-aa9a-2354c6e9fba9
content-encoding: br
cf-cache-status: HIT
age: 2598
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763400274274
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 17:23:34 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=86400
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 1031
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a199e5033a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 item Show response
vegashero2.com/de/api/v3/footer/ 381 B
2 KB 113ms
113ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/footer/item

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1922e927c2d1c26d7de13b03c7786b55557723c52d546d5c288137dfb475bff5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: ANi-JEy7xgKI1jya_03cRHtF5gq5sB-uIzxYrmLr
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 06cf0d81-9900-4850-810c-1074b6afcbed
content-encoding: br
cf-cache-status: HIT
age: 115
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763402757784
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 18:04:57 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=86400
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 30
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a19ae6733a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

POST
H3 200 resolve Show response
vegashero2.com/de/api/v3/comrade/ 405 B
1 KB 140ms
139ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/comrade/resolve

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef6555df5b46fe7c29fe4b3e32b0a6d97c348179e322bcf7230ec10edbf74a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: bwGLH67Sj-gqW9onnZSjLGQKs5aQh1U5Y22nkLbH
Content-Type: application/json
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: 3dce8e55-92a7-4b32-9a79-bf84d4280b31
content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 22
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a19ae6b33a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H3 200 refuse-art.webp
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/ 45 KB
45 KB 113ms
112ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/refuse-art.webp
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5481edb09453aaf142452e54ed81070a59563686bcc880babb2f8edb0927e4d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "fc99521e1cc86d6134ea9ba20e1930ea"
age: 26533
expires: Mon, 17 Nov 2025 13:58:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
last-modified: Mon, 17 Nov 2025 09:57:33 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae6d33a5-TXL
accept-ranges: bytes
content-length: 46148
server: cloudflare

GET
H3 200 arrow-down.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 386 B
737 B 67ms
66ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/arrow-down.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35986948a6b74b2598f332f761cfa848c058fe9d195b3d2c61f92aec7f5e1c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "b0bbf470960d8c0f4f90d896c7f94d43"
age: 29320
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:12 GMT
cf-polished: origFmt=png, origSize=969
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="arrow-down.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae7133a5-TXL
accept-ranges: bytes
content-length: 386
server: cloudflare

GET
H3 200 arrow-down-hover.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 412 B
767 B 100ms
99ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/arrow-down-hover.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f00a4002c54d02d64c663b997811dca43e094faafff0e218ec719238fe512e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "94050bf5b8157c5eafa369314904c3f3"
age: 29320
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:12 GMT
cf-polished: origFmt=png, origSize=1025
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="arrow-down-hover.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae7633a5-TXL
accept-ranges: bytes
content-length: 412
server: cloudflare

GET
H3 200 arrow-down-active.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 410 B
765 B 129ms
127ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/arrow-down-active.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb52f0a6b7bea08eaec4f90db8a7547a0d1dc57fb5ccc898c77edf8b2d0e57f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "42110dfda0033f91610e39d3b436bbbf"
age: 29320
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:12 GMT
cf-polished: origFmt=png, origSize=1011
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="arrow-down-active.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae7b33a5-TXL
accept-ranges: bytes
content-length: 410
server: cloudflare

GET
H3 200 arrow-left.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 438 B
790 B 125ms
123ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/arrow-left.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f218f0b8a7dbbdf1f5a8189b47c661eb4af0b084772bf9eebeca58e36a676e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "58ab75f5d05617b06e35e360fa74fd9d"
age: 29223
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:45 GMT
cf-polished: origFmt=png, origSize=661
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="arrow-left.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae7d33a5-TXL
accept-ranges: bytes
content-length: 438
server: cloudflare

GET
H3 200 arrow-left-hover.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 448 B
804 B 113ms
112ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/arrow-left-hover.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f886686a13e43bd2e9f2d487db890a39df44bbdd2543213673654c3e858967

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "26180b91f6733b197c867948e6ce9c3d"
age: 29223
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:45 GMT
cf-polished: origFmt=png, origSize=991
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="arrow-left-hover.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae7e33a5-TXL
accept-ranges: bytes
content-length: 448
server: cloudflare

GET
H3 200 arrow-left-active.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 468 B
824 B 106ms
105ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/arrow-left-active.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9482dc5dbc6af298b7c0264630fdf6370c078b2b4096c542a22d53643df4706

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "c76b45c6d666ae51d50de4e21714b441"
age: 29223
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:45 GMT
cf-polished: origFmt=png, origSize=655
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="arrow-left-active.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae8033a5-TXL
accept-ranges: bytes
content-length: 468
server: cloudflare

GET
H3 200 close-eye.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 832 B
1 KB 118ms
117ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/close-eye.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a14947bcda48b783a71090180c6e2ed10165133fabeda696a78792369f09c0d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "aa70a784468321877e0936e96ee795ef"
age: 29192
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:52 GMT
cf-polished: origFmt=png, origSize=1657
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="close-eye.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:26 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae8133a5-TXL
accept-ranges: bytes
content-length: 832
server: cloudflare

GET
H3 200 close-eye-hover.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 974 B
1 KB 155ms
153ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/close-eye-hover.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46153a68b3882e0cf12377195f465d70f4153f4062cb0d4c46b93f3850213342

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "9f6ce6e49158c93f9060b9ad4cecfc04"
age: 29192
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:52 GMT
cf-polished: origFmt=png, origSize=1749
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="close-eye-hover.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae8633a5-TXL
accept-ranges: bytes
content-length: 974
server: cloudflare

GET
H3 200 close-eye-active.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 478 B
832 B 69ms
67ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/close-eye-active.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d54d1989c2a6391c0953d4ed0095ad0afe944da154e1c1fa44ecf8c2833940

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "129cb52cb5bf17c7e1d6504794eff1bb"
age: 29192
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:52 GMT
cf-polished: origFmt=png, origSize=1067
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="close-eye-active.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:25 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae8833a5-TXL
accept-ranges: bytes
content-length: 478
server: cloudflare

GET
H3 200 logotype.webp
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/ 8 KB
9 KB 114ms
112ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/logotype.webp
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880ef04dd777a18769e0be495de3e6c962eed8c95774f39c260e7d6abb7d88fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "54604ad90f451c4b8d637fc6df69fcbe"
age: 27420
expires: Mon, 17 Nov 2025 13:59:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
last-modified: Mon, 17 Nov 2025 09:57:32 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae8c33a5-TXL
accept-ranges: bytes
content-length: 8542
server: cloudflare

GET
H3 200 bg-header-desk.1f7a7a4b73748047.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 16 KB
16 KB 123ms
121ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/bg-header-desk.1f7a7a4b73748047.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be04bc76bfb9ee25a5034e3ec55abad50ff295759e93516edfbe2bb0e5f6348

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "2c2f07ddc4a9ec6fafc992ebf3987817"
age: 115
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 22:00:40 GMT
cf-polished: origFmt=png, origSize=18823
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="bg-header-desk.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae8e33a5-TXL
accept-ranges: bytes
content-length: 16118
server: cloudflare

GET
H3 200 grey-line.6891e85fc6d12e7d.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 14 KB
15 KB 107ms
106ms Image
image/png 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/grey-line.6891e85fc6d12e7d.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3d87eeed2079bc5a48c77feed939710a110db9fd6d64dcc982a1fbe2ea60b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css

Response headers

cf-cache-status: HIT
etag: "c572f48fd2f0a900d80c9377cc1c70cb"
age: 279
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 21:58:21 GMT
cf-polished: origSize=17652, status=webp_bigger
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/png
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a19ae9033a5-TXL
accept-ranges: bytes
content-length: 14665
server: cloudflare

GET
H3 200 loading.021ae05bc8a92b27.svg
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 896 B
609 B 136ms
135ms Image
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/loading.021ae05bc8a92b27.svg
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8246381b527647512866b22a99203ca644b689ba2a7bab6962c6010e3027e3c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/styles.ae7eaa0aaba7e744.css

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3fd7a6d2223c6e4e485c644b2c47609c"
cf-ray: 9a012a19ae9133a5-TXL
expires: Mon, 17 Nov 2025 21:59:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=3,i
vary: Accept-Encoding

GET
H2 200 2067e00e0648a61d680a7ce86b66db07daed071c.js Show response
gamification-widgets.platform-mega.com/srw/ 698 KB
699 KB 27ms
26ms Script
text/plain 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://gamification-widgets.platform-mega.com/srw/2067e00e0648a61d680a7ce86b66db07daed071c.js
Requested by: Host: gamification-widgets.platform-mega.com
URL: https://gamification-widgets.platform-mega.com/loader/f441a99041550f4bd8814026cde766e7f8782955.js?widgetName=srw&projectId=c86f7304-6c62-4151-a049-8adda1537075&gatewayUrl=https%3A%2F%2Ftournaments-gateway-prod.platform-mega.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4359d036e41e89a9557d63a0dbc80d7ed971853c5079d8001fa7bfadb5e992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-cache-status: HIT
etag: "c971c2bc8575861815cd05b329ae5467"
age: 2106
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AHC2b5%2Fhb3yx2%2FU%2FpDKJAwbNQnzcJdZnDZfymgYQBOTRPC7sHXN1DqW%2B%2FgVOxKnSjS3Ksq7H0xKZAj2qPpc5qKS3csxhaKX%2FbHwh87RHB%2FAOi%2Fen79jmfIvGxKEVEp%2FitG2I2A%3D%3D"}]}
cf-ray: 9a012a19a97ee51f-TXL
accept-ranges: bytes
content-length: 714636
date: Mon, 17 Nov 2025 18:06:52 GMT
last-modified: Tue, 11 Nov 2025 08:59:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3855065&ADFPageName=vegashero.com%2Fde&ADFdivider=%7C&ord=67265845293&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJkZSJ9XX0&loc=https%3A%2F%2Fvegashero2.com%2...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3855065&ADFPageName=vegashero.com%2Fde&ADFdivider=%7C&ord=67265845293&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJkZSJ9XX0&loc=https%3A%2F%2Fvegashero2....

819 B
1 KB

26ms
26ms

Script
text/javascript

37.157.5.87
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3855065&ADFPageName=vegashero.com%2Fde&ADFdivider=%7C&ord=67265845293&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJkZSJ9XX0&loc=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&CPref=https%3A%2F%2Fvegashero2.com%2Fregistration&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Server

37.157.5.87 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

3d3ed8cb93e0c8f6bb6cb7d4d55bf84b2e1c818ef500435783f21013dcf7bd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3855065&ADFPageName=vegashero.com%2Fde&ADFdivider=%7C&ord=67265845293&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJkZSJ9XX0&loc=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&CPref=https%3A%2F%2Fvegashero2.com%2Fregistration&Set1=de-DE%7Cde-DE%7C1600x1200%7C24
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Mon, 17 Nov 2025 18:06:52 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
556 B 113ms
35ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZEKWJMERCE&gtm=45je5bd0v9222143383z89222132402za200zb9222132402zd9222132402&_p=1763402811367&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&cid=377540365.1763402812&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115616986~115938465~115938468~116217636~116217638&sid=1763402812&sct=1&seg=0&dl=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&dr=https%3A%2F%2Fvegashero2.com%2Fregistration&dt=Vegashero&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1317
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to: {"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://vegashero2.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:106:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
57 B 104ms
35ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZEKWJMERCE&gtm=45je5bd0v9222143383z89222132402za200zb9222132402zd9222132402&_p=1763402811367&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&cid=377540365.1763402812&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=2&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115616986~115938465~115938468~116217636~116217638&sid=1763402812&sct=1&seg=0&dl=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&dr=https%3A%2F%2Fvegashero2.com%2Fregistration&dt=Vegashero&en=clickEvent_popup_show&ep.action=Popup&ep.label=languageSwitcher&ep.eventType=manual&ep.eventName=popup_show&_et=18&up.visitorId=wrX_BHpB_DdFqjAKJwKTp&tfd=1339
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to: {"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://vegashero2.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:106:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 bb8fd6ea-93bd-4657-95e0-6359134ccbba-download.svg
vegashero2.com/dimg/v2/footer/ 1 KB
993 B 40ms
39ms Image
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://vegashero2.com/dimg/v2/footer/bb8fd6ea-93bd-4657-95e0-6359134ccbba-download.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3adbdddf7adeffac841141bbc84c8a2816c32dc35bdc6c86153cf457f10553b8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"7913558763d794544ed4807ea268a037-1"
age: 953787
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/svg+xml
last-modified: Mon, 16 Jun 2025 11:27:35 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 1875587AE3FF8141
cf-ray: 9a012a1a68f533a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
57 B 84ms
37ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZEKWJMERCE&gtm=45je5bd0v9222143383za200zb9222132402zd9222132402&_p=1763402811367&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=377540365.1763402812&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&_s=3&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115616986~115938465~115938468~116217636~116217638&sid=1763402812&sct=1&seg=0&dl=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&dr=https%3A%2F%2Fvegashero2.com%2Fregistration&dt=Vegashero&en=scroll&epn.percent_scrolled=90&_et=2&tfd=1363
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to: {"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://vegashero2.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:106:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 list Show response
vegashero2.com/de/api/v3/promotion/ 15 KB
6 KB 68ms
68ms XHR
application/json 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/de/api/v3/promotion/list?affiliateExternalId=249325&category=welcome

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dac9a6ad1e8bc32ca4f902ea2461f6a2e6b2fa3ba92081fb016637a12054694

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
X-Content-Type-Options	nosniff, nosniff always
X-Frame-Options	SAMEORIGIN always
X-Xss-Protection	0, 1; mode=block always

Request headers

Referer: https://vegashero2.com/de/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-request-client-id: FeUvcBMZ9gMThLBPEgXOXSNVLEEfh4EhGt9thcTq
visitor-id: wrX_BHpB_DdFqjAKJwKTp

Response headers

x-request-id: ddee0678-ee65-43bd-9b8f-ed5be055916f
content-encoding: br
cf-cache-status: HIT
age: 2598
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff, nosniff always
alt-svc: h3=":443"; ma=86400
cf-ttl: 1763400274316
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 17 Nov 2025 17:23:34 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN always
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains; preload always
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://m.cvoz8476l.com https://m.j67z85nx4.com https://static.j67z85nx4.com https://pgf-euy2bt.com https://pgwhois.com https://m.pgwhois.com https://static.pgwhois.com https://static.pgf-euy2bt.com https://m.pgf-euy2bt.com https://in.hotjar.com https://ws5.hotjar.com wss://ws5.hotjar.com https://pg-nmga.com https://m.pg-nmga.com https://static.pg-nmga.com https://pgf-nmu2nd.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://secure.mifinity.com https://demo.mifinity.com https://cdn.switchpayments.com https://1-vbus-eu.ladesk.com https://vars.hotjar.com; img-src 'self' data: https://dev.visualwebsiteoptimizer.com https://my.rtmark.net https://www.facebook.com https://www.google-analytics.com https://www.google.com https://www.google.de; manifest-src 'self'; media-src 'self'; report-uri https://60ab6379c3b8cdd26efe1969.endpoint.csper.io/; worker-src 'self';
cache-control: s-maxage=86400
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 107
referrer-policy: no-referrer, no-referrer-when-downgrade
x-download-options: noopen
cf-ray: 9a012a1a99a933a5-TXL
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block always
server: cloudflare

GET
H2 200 tracker.js Show response
tracker.ads.sportradar.com/dist/ 27 KB
7 KB 83ms
47ms Script
application/javascript 2a02:26f0:7100::210:139
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://tracker.ads.sportradar.com/dist/tracker.js
Requested by: Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAABAQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2522e3f24f318e5c2d998482e9dbb933566aa4eb8b55bccbfff48c91505d27ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=900, public
content-encoding: gzip
etag: "aabe4acdb23c936870089af58cfefc81"
accept-ranges: bytes
content-length: 6455
x-amz-cf-id: YJXHyxEzXlmlDSzA7QtecL8oJDxObRLBTAZEvx2GBO6EdR41d9GNeA==
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Fri, 08 Aug 2025 07:29:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P13
x-amz-server-side-encryption: AES256

GET
H2

200

pixel Show response
a.sportradarserving.com/ul_cb/
Redirect Chain

https://a.sportradarserving.com/pixel?type=js&aid=3187&id=1002227
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=3187&id=1002227

1 KB
2 KB

50ms
49ms

Script
text/javascript

35.214.183.184
GOOGLE-2

General

Check archive.org

Download Go to

Full URL: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=3187&id=1002227
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Server: 35.214.183.184 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 184.183.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 8a0204f9fcb4ce6b0e0c448a963717c4aa1b589d60a1d59360a38d9d5c4d0adf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1527
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/javascript; charset=UTF-8

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=3187&id=1002227
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 18:06:52 GMT

GET
H3 200 casino.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/ 4 KB
4 KB 86ms
85ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/casino.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bfa108a175ecc62b8a557edb1bb1b0f8a618149a5b42743139a0b96685a1bf5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "f717b3a5274e4c3e9c799737d599901e"
age: 26533
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:52 GMT
cf-polished: origFmt=png, origSize=3953
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="casino.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:33 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a1b4bab33a5-TXL
accept-ranges: bytes
content-length: 3688
server: cloudflare

GET
H3 200 sport.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/ 3 KB
4 KB 62ms
61ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/sport.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c67c009a651e7caa03f7b09dcd6ac8a7daa7e75b6806a039f0b771bad0296b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "30f26dbd3e7b83f232f60b4a04a66991"
age: 26533
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:52 GMT
cf-polished: origFmt=png, origSize=3959
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="sport.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:33 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a1b4bb233a5-TXL
accept-ranges: bytes
content-length: 3580
server: cloudflare

GET
H3 200 promo.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/ 3 KB
3 KB 103ms
103ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/promo.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 004c7d3fd8f5d37fe5a229c662eb920702d5adae0136473a65650cc9fe98da2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "14a7dc18511a8587fdb0f6e0c06bb766"
age: 26533
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:52 GMT
cf-polished: origFmt=png, origSize=3368
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="promo.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:33 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a1b4bb533a5-TXL
accept-ranges: bytes
content-length: 3044
server: cloudflare

GET
H3 200 without-bonus.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/ 3 KB
3 KB 119ms
118ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/images/registration/without-bonus.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f5d0c4cfab5775f118873a913e08186463514be404d85e884ede60f806f80cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "1b135e26fe493ca89e560e84cc56b533"
age: 26533
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:52 GMT
cf-polished: origFmt=png, origSize=3471
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="without-bonus.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:33 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a1b4bb933a5-TXL
accept-ranges: bytes
content-length: 3110
server: cloudflare

GET
H3 200 promotions.png
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/ 768 B
1 KB 73ms
72ms Image
image/webp 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/assets/icons/icons-color/promotions.png
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa2e9b3c8836c24b40cb49b5cfc01771f853dc3e0fbd2da1729da44cfc652d2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cf-cache-status: HIT
etag: "d55073e8a9afaca85f18fed4f08626e0"
age: 29320
cf-bgj: imgq:85,h2pri
expires: Mon, 17 Nov 2025 13:58:12 GMT
cf-polished: origFmt=png, origSize=1857
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/webp
content-disposition: inline; filename="promotions.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 17 Nov 2025 09:57:27 GMT
priority: u=3,i
cache-control: public, max-age=14400
cf-ray: 9a012a1b4bbd33a5-TXL
accept-ranges: bytes
content-length: 768
server: cloudflare

GET
H2 200 sync
rtg.admaxium.com/ 43 B
319 B 157ms
146ms Image
image/gif 2606:4700::6812:13e
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://rtg.admaxium.com/sync?ref=https%3A%2F%2Fvegashero2.com%2Fregistration&lp=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&sh=1200&sw=1600&requestedAt=1763402812679

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

x-request-id: f1381005-f7da-4995-8d3c-923e00441fd4
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
content-disposition: inline; filename="pixel.gif"; filename*=UTF-8''pixel.gif
x-runtime: 0.004732
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: no-cache
content-transfer-encoding: binary
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9a012a1b5c2ae567-TXL
content-length: 43
x-xss-protection: 0
server: cloudflare

GET
H/1.1 200
OK ca.html Show response
20872977p.rfihub.com/ Frame 4760 5 KB
6 KB 138ms
35ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Download Go to

Full URL: https://20872977p.rfihub.com/ca.html?ver=9&rb=55629&ca=20872977&_o=55629&_t=20872977&pe=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&pf=https%3A%2F%2Fvegashero2.com%2Fregistration&ra=16429135775957737
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 24c0b7b638e83fd66fbd29175f2a7f4cb075f1ac520d19a6e2f32bb8f0a92a88

Request headers

Referer: https://vegashero2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 4955
Content-Type: text/html;charset=utf-8
Date: Mon, 17 Nov 2025 18:06:52 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

OPTIONS
H3 204 time-sync
tournaments-gateway-prod.platform-mega.com/ Frame 0
0 49ms
49ms Preflight 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/time-sync
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication,content-type
Access-Control-Request-Method: GET
Origin: https://vegashero2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9a012a1b7b6ee522-TXL
date: Mon, 17 Nov 2025 18:06:52 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=1,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5SqPvW%2FGAuTNQeL5bBLAJu7qHkWddFoqQuq5br2kVgBXRet3YBbsIDHKp5Lpj6RF8P%2FQ4SvJ9H9PNhxCURZAZhOS%2BDSGkrqrpUbE%2BUFjy%2F%2BXRhiZ0r9sw1q0EcSq%2FbwCa5skMQ%2BRnPw%3D"}]}
server: cloudflare
server-timing: cfExtPri
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 2

GET
H3 200 time-sync Show response
tournaments-gateway-prod.platform-mega.com/ 140 B
632 B 59ms
59ms Fetch
application/json 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/time-sync
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ca3444d424dbd27b837c82a4b17692bab71a6a4cba4058a698d283f32e7ba7

Request headers

Referer: https://vegashero2.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
authentication: eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHRlcm5hbEJyYW5kSWQiOiI5OTY2OThhZS03OTIwLTRhYTYtOTgyOS1hN2MxMTk4ZWE5OGQiLCJjdXJyZW5jeSI6IkVVUiIsImNvdW50cnkiOiJERSIsInB1YmxpY1BsYXRmb3JtSWQiOiIyM2ZmOWRlMC00OTM0LTQ5MDktOTUyMC02NTgzMTliOGY5ZmUiLCJpYXQiOjE3NjM0MDI2OTYsImV4cCI6MTc2MzQ4OTA5Nn0.Wzx1WUE7VhN2PpXu0UgGFVadUlakNgk_o043FEHk_tCS06gF2OwN8LMnuB0CUBbo8Arpmf42u-PX9-dkh5A-UhpYnnEiBSOsbxVGseZqgUteuM71o9ZhG0f2FNS4kaCxnnMqT0fN3bmALHsV_a6YVUvWJXzCKIZ_mMLxtnyHqwhkESLY7HtDxdCmggQrz6w2rKwxZFNDZ-L35JV_qNsGlIj_A0oO0nr6jF7KORjmzPdjkvg_oP3IE_ufIpCjEedhSAdFQbQaDnmMFSrDsZXdSZS4FBCTS1wNNmUFa9kKnnS7_bAXTdMTpRFfR0wYta4lyi13EL1Gcwt-tyPnh2Y8EA
Content-Type: application/json

Response headers

x-request-id: ad0fc63f-1f95-41ab-a8f8-34e493179014
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 13
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Nn3yq2b1coEYyHhwqOu%2FqUqgcQDSQ9Ddssuxl1hjXZwmDPMK5F8uTzQIkbRKyykj0ReowI8fPt08C5TrbYDUE7aQ%2FWcEmDrjO9v1%2FUk4stTtcwY3SsbFxcQ7e3f3KKfu0TQljymzlX4%3D"}]}
cf-ray: 9a012a1bcc6fe522-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
server: cloudflare
priority: u=1,i

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 3FB3 4 KB
2 KB 100ms
25ms Document
text/html 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?pm=3855065&ADFPageName=vegashero.com%2Fde&ADFdivider=%7C&ord=67265845293&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwaWQiOiJkZSJ9XX0&loc=https%3A%2F%2Fvegashero2.com%2Fde%2Fregistration&CPref=https%3A%2F%2Fvegashero2.com%2Fregistration&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

f2ae3158daef483eaa221b920ee478c2bda0757f3880ce6bddb66a477e9da203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vegashero2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Nov 2025 18:06:52 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
605 B 107ms
26ms Image
image/gif 37.157.5.49
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=3222801662044230557&stamp=G95mV9-78LIDvP-67D9Y4w2

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.5.49 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: private
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 sp-3.8.0.js Show response
tracker.ads.sportradar.com/dist// 72 KB
24 KB 36ms
36ms Script
application/javascript 2a02:26f0:7100::210:139
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by: Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdcfff76b1a267221f3557b2eeb6b4b28f87eceefae0e25f328ef63c0cb1778f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=900, public
content-encoding: gzip
etag: "902739d7e2c1e6b737f4f675c76baa27"
accept-ranges: bytes
content-length: 23984
x-amz-cf-id: 9Vm1rPJcVl9xYwPFNmuAk4H13D0oVrTJHNTQU8YtGWs1kJq2KsmKhQ==
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/javascript
last-modified: Fri, 08 Aug 2025 07:29:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P13
x-amz-server-side-encryption: AES256

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3FB3 0
384 B 29ms
24ms Image
text/plain 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:52 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 3FB3 43 B
199 B 155ms
48ms Image
image/gif 52.17.172.159
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3222801662044230557&Expiration=1764612412
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.17.172.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-172-159.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 3FB3 0
235 B 108ms
40ms Image
text/plain 95.100.184.137
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.184.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-184-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: Sun, 16 Nov 2025 18:06:52 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Mon, 17 Nov 2025 18:06:52 GMT
Connection: keep-alive

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3FB3 0
214 B 137ms
31ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 , Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: d648bb3ffc4646e95f19f49a648b3846
Pragma: no-cache

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 3FB3 0
59 B 105ms
28ms Image
text/plain 52.29.115.198
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3222801662044230557&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.115.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-115-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 3FB3 43 B
114 B 140ms
38ms Image
image/gif 149.202.238.105
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3222801662044230557&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.238.105 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip105.ip-149-202-238.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: image/gif

GET
H/1.1 200
OK u
user-sync.fwmrm.net/ad/ Frame 3FB3 43 B
504 B 168ms
33ms Image
image/gif 3.69.181.172
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://user-sync.fwmrm.net/ad/u?mode=user-register&dspid=55&dspuid=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.69.181.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-181-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2ddeade3a8991666b89f2a0c3aaba4508852838488781e260d45bc886f1172a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Cache-Control: no-store
Pragma: no-cache
Connection: keep-alive
Expires: 0
X-Fw-Request-Id: umv1515_1763402812589530607
Content-Length: 43
Keep-Alive: timeout=300
Date: Mon, 17 Nov 2025 18:06:52 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Content-Type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 3FB3 43 B
92 B 143ms
37ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3FB3
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3222801662044230557&expiration=1764612412
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3222801662044230557&expiration=1764612412&C=1

43 B
720 B

45ms
45ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3222801662044230557&expiration=1764612412&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oUrGACyAsdfHSoMZ2AuYYBOOBY%2BAW%2FfVfsQUA7E%2FoFor%2BJtd%2FrDQitXPQlR5Oisf8yXzMgeF2H4bINKG2p9cyBj2M3XH07aXFNX9ktu4wnMCAptijQ%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
vary: accept-encoding
priority: u=1,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9a012a1ca8d3e508-TXL
content-length: 43
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=C%2BLbxxEw05xWuZ7eauefJNlidlGdTSUOiP3WKtPakPm%2FIOF4EqCygQ04%2B6IyELDgpQYOqQiRltsxMDIqMZ%2FtkQbTEWQJCVyktNqoSgwxE0MyxiZbrw%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Mon, 17 Nov 2025 18:06:52 GMT
vary: accept-encoding
priority: u=1,i
cache-control: no-cache
location: /rum?cm_dsp_id=111&external_user_id=3222801662044230557&expiration=1764612412&C=1
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9a012a1c6820e508-TXL
content-length: 0
server: cloudflare

GET
H/1.1 200
OK info
uipglob.semasio.net/adform/1/ Frame 3FB3 42 B
239 B 115ms
33ms Image
image/gif 77.243.51.122
NETIC-AS Netic A/S

General

Check archive.org

Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3222801662044230557&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS Netic A/S, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-origin: *
routing-server-id: -1
uip-response-status: Ok
frontend-id: 6
date: Mon, 17 Nov 2025 18:06:52 GMT
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 3FB3 0
344 B 130ms
35ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3222801662044230557&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Content-Length: 0
Date: Mon, 17 Nov 2025 18:06:52 GMT
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

pixel.gif
load77.exelator.com/ Frame 3FB3
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3222801662044230557
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3222801662044230557&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

0
93 B

426ms
132ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

server-timing: total;dur=0.000
date: Mon, 17 Nov 2025 18:06:53 GMT
etag: "691b09ce-0"
server: nginx

Redirect headers

cache-control: no-cache
location: https://load77.exelator.com/pixel.gif
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame 3FB3 0
98 B 111ms
39ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 17 Nov 2025 18:06:52 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 3FB3 49 B
268 B 156ms
45ms Image
image/gif 54.220.174.14
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=3222801662044230557

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.174.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-174-14.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 3FB3 43 B
278 B 139ms
42ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 193.32.248.216
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 17 Nov 2025 18:06:51 GMT
content-type: image/gif
vary: Accept

GET
H2

200

/
dsp-cookie.adfarm1.adition.com/ Frame 3FB3
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=3222801662044230557
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12025111718a3bbc8e93450a514fad&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=aeb7746fbf805e00f1e60c7c6133e89b&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNTExMTcxOGEzYmJjOGU5MzQ1MGE1MTRmYWQ&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESENzwwPbnVgEfLC3SPB7cYec&gdpr_consent=&gdpr=0&google_cver=1
https://dsp-cookie.adfarm1.adition.com/?ssp=6&gdpr_consent=&gdpr=1

0
170 B

99ms
30ms

Image
text/plain

80.82.210.217
MYLOC-AS WIIT AG

General

Check archive.org

Download Go to Show image

Full URL: https://dsp-cookie.adfarm1.adition.com/?ssp=6&gdpr_consent=&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Server: 80.82.210.217 Wuppertal, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-length: 0
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 17 Nov 2025 18:06:53 GMT
x-envoy-upstream-service-time: 0
server: envoy

Redirect headers

Transfer-Encoding: chunked
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Location: https://dsp-cookie.adfarm1.adition.com/?ssp=6&gdpr_consent=&gdpr=1
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *
Date: Mon, 17 Nov 2025 18:06:53 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 17 Nov 2025 18:06:53 GMT
Server: nginx

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 3FB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzIyMjgwMTY2MjA0NDIzMDU1Nw
https://c1.adform.net/serving/cookie/match/?party=1&google_error=3

35 B
590 B

30ms
24ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_error=3

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-cache, must-revalidate
location: https://c1.adform.net/serving/cookie/match/?party=1&google_error=3
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
date: Mon, 17 Nov 2025 18:06:52 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET getuid
secure.adnxs.com/ Frame 3FB3 0
0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 3FB3 0
252 B 106ms
32ms Image
text/html 103.231.98.109
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3222801662044230557

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.231.98.109 , Japan, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3FB3 0
384 B 26ms
24ms Image
text/plain 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:52 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 3FB3 43 B
445 B 155ms
31ms Image
image/gif 18.173.205.128
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-128.fra56.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

Age: 84844
Connection: keep-alive
Via: 1.1 4966f878e5166e8661305465727dd124.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
Content-Length: 43
X-Amz-Cf-Id: aCpm516fxIQjanYhSjLVCcDMH_op6HJW2wHSMpaN0EnMJ4QAziGHPg==
Date: Sun, 16 Nov 2025 18:32:48 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.24.0
X-Amz-Cf-Pop: FRA56-P12

GET
H3

200

p
a.audrte.com/ Frame 3FB3
Redirect Chain

https://a.audrte.com/a?adform_uid=3222801662044230557
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWkzZ2k2bXUtYjh3YlNJMEtUY1NCODEwaURnaEhKdy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bWkzZ2k2bXUtYjh3YlNJMEtUY1NCODEwaURnaEhKdy1hZA%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&aruid=mi3gi6mu-b8wbSI0KTcSB810iDghHJw-ad&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
87 B

47ms
46ms

Image
image/png

34.102.136.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H3
Server: 34.102.136.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.136.102.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
date: Mon, 17 Nov 2025 18:06:53 GMT
x-cloud-trace-context: d5094e113d8c13a940793022af81c1ee
content-type: image/png
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Google Frontend

Redirect headers

location: https://a.audrte.com:443/p
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: text/html
x-cloud-trace-context: 6c662c2d84e6c7d9b4275665747ac03e
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Google Frontend

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3FB3
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3222801662044230557&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3222801662044230557&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=05141824773391845900504280628775553245&noredirect=1

35 B
590 B

29ms
24ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=05141824773391845900504280628775553245&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=05141824773391845900504280628775553245&noredirect=1
dcs: dcs-prod-irl1-1-v081-0d6540120.edge-irl1.demdex.com 5 ms
pragma: no-cache
x-tid: NOc42JEIRA0=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 17 Nov 2025 18:06:53 GMT

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 3FB3 0
307 B 102ms
29ms Image
text/plain 3.122.165.18
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.165.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-165-18.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, OPTIONS
expires: 0
access-control-allow-origin: *
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date: Mon, 17 Nov 2025 18:06:52 GMT
server: AAWebServer
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 3FB3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://c1.adform.net/serving/cookie/match/?party=1049&cid=7573757407285344620

35 B
599 B

30ms
27ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1049&cid=7573757407285344620

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

Location: https://c1.adform.net/serving/cookie/match/?party=1049&cid=7573757407285344620
Content-Length: 0
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Date: Mon, 17 Nov 2025 18:06:52 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 3FB3
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=awnApot71Vl3CQ5

35 B
590 B

28ms
22ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=awnApot71Vl3CQ5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: no-cache, must-revalidate
location: https://c1.adform.net/serving/cookie/match?party=1084&cid=awnApot71Vl3CQ5
pragma: no-cache
via: 1.1 google
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 17 Nov 2025 18:06:52 GMT
server: PingMatch/v2.0.30-837-g97d465c#main edge-prod-euw1-9f0f@europe-west1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3FB3 70 B
149 B 144ms
46ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-length: 70
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame 3FB3 43 B
1 KB 176ms
53ms Image
image/gif 141.95.98.64
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=3222801662044230557

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 3FB3
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3670500618
https://c1.adform.net/serving/cookie/match/?party=1145&cid=3kXntUEVQNUrvNh6DdFf/e

35 B
590 B

41ms
39ms

Image
image/gif

37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1145&cid=3kXntUEVQNUrvNh6DdFf/e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://c1.adform.net/serving/cookie/match/?party=1145&cid=3kXntUEVQNUrvNh6DdFf/e
pragma: no-cache
via: 1.1 google
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Mon, 17 Nov 2025 18:06:52 GMT
last-modified: Mon, 17 Nov 2025 18:06:52 GMT
vary: Origin
server: Weborama Collect Frontend

GET
H2 200 um
sync.teads.tv/ Frame 3FB3 23 B
281 B 141ms
56ms Image
image/gif 2a04:4e42:600::644
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: pekko-http/1.1.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

x-user-geo: EU-WEST-1
cache-control: max-age=0, no-cache, no-store
x-timer: S1763402813.946543,VS0,VE25
x-check-cacheable: NO
via: 1.1 varnish
accept-ranges: bytes
x-cache: MISS
content-length: 23
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
x-served-by: cache-fra-eddf8230173-FRA
server: pekko-http/1.1.0
x-cache-hits: 0
traffic-path: DUBDC2, FRA, Europe

GET
H2 204 /
s.ad.smaato.net/c/ Frame 3FB3 0
66 B 113ms
35ms Image
text/plain 34.1.242.226
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.242.226 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 226.242.1.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

via: 1.1 google
date: Mon, 17 Nov 2025 18:06:52 GMT
cache-control: no-cache, must-revalidate

GET
H2 200 3222801662044230557
match.contentexchange.me/adform/ Frame 3FB3 0
49 B 153ms
52ms Image
text/plain 91.185.218.28
MNSHA-AS Mainstre...

General

Check archive.org

Download Go to Show image

Full URL: https://match.contentexchange.me/adform/3222801662044230557?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.185.218.28 , Slovenia, ASN51859 (MNSHA-AS Mainstream doo Beograd, RS),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Mon, 17 Nov 2025 18:06:52 GMT
server: nginx/1.24.0
content-length: 0

GET
H2 200 set_user_agent_id_mapping
cookie-matching.mediarithmics.com/v1/ Frame 3FB3 70 B
180 B 145ms
37ms Image
image/png 54.36.150.183
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://cookie-matching.mediarithmics.com/v1/set_user_agent_id_mapping?dom_token=adform25&identifier=3222801662044230557

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.36.150.183 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip183.ip-54-36-150.eu

Software

Resource Hash

f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 70
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/png

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 3FB3 35 B
99 B 121ms
39ms Image
image/gif 37.187.82.52
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=3222801662044230557&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.82.52 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns31746890.ip-37-187-82.eu
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-type: image/gif
content-length: 35

GET
H2 200 xuid
eb2.3lift.com/ Frame 3FB3 37 B
140 B 88ms
29ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=3222801662044230557&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame 3FB3 0
44 B 140ms
32ms Image
text/plain 35.156.243.179
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.243.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-243-179.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

date: Mon, 17 Nov 2025 18:06:52 GMT
server: awselb/2.0

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 3FB3 35 B
99 B 124ms
40ms Image
image/gif 37.187.82.52
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=290&mapped=3222801662044230557
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.187.82.52 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns31746890.ip-37-187-82.eu
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

content-type: image/gif
content-length: 35

GET
H2 200 /
onetag-sys.com/match/ Frame 3FB3 0
232 B 96ms
29ms Image
text/plain 51.89.9.251
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=220&uid=3222801662044230557

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
date: Mon, 17 Nov 2025 18:06:52 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 3FB3 0
384 B 27ms
25ms Image
text/plain 37.157.2.235
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://c1.adform.net/imatch/pixels?bt=0&uid=3222801662044230557&agencyId=7946&advertiserId=2226470&src=tp&rnd=7408

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Mon, 17 Nov 2025 18:06:52 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

OPTIONS
H3 204 icons
tournaments-gateway-prod.platform-mega.com/tournament-widget/ Frame 0
0 51ms
51ms Preflight 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/tournament-widget/icons
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication,content-type
Access-Control-Request-Method: GET
Origin: https://vegashero2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9a012a1c4e2de522-TXL
date: Mon, 17 Nov 2025 18:06:52 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=1,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WEZqap%2Bq%2BiNtwigLnCVgv7J9EKxpEsaWFXZ1TFlBZ8c4v4411%2BJfRpgbfjwy9INe1DwPJxBG%2BocFhxctlNbyZh6pHZEFTU2Bb9UnQzRpH%2FiKlJT9loUY4zhcsoJ5ZRd%2BY0UhHnu6RtE%3D"}]}
server: cloudflare
server-timing: cfExtPri
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 4

OPTIONS
H3 204 tournaments
tournaments-gateway-prod.platform-mega.com/ Frame 0
0 52ms
52ms Preflight 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/tournaments
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication,content-type
Access-Control-Request-Method: GET
Origin: https://vegashero2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9a012a1c4e31e522-TXL
date: Mon, 17 Nov 2025 18:06:52 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=1,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=gKKugfPrziO3SBESP%2BYTTBUU4dKHZuzdzf%2FWxr4tE1N0y3GTQgONreTSiurGau3ePuXRLjg3KqMWNxcXqqhCk6JSHBoS02RXNKMMDdsHRRrqU7llnyqjfzbQ2QHIgxm9branFN1f1MI%3D"}]}
server: cloudflare
server-timing: cfExtPri
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 4

OPTIONS
H3 204 translations
tournaments-gateway-prod.platform-mega.com/tournament-widget/locales/de/ Frame 0
0 46ms
46ms Preflight 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/tournament-widget/locales/de/translations
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication,content-type
Access-Control-Request-Method: GET
Origin: https://vegashero2.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication,content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 9a012a1c4e32e522-TXL
date: Mon, 17 Nov 2025 18:06:52 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=1,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QcHsQ2TfEdQO%2F6Ed67YcDrdt43zAkmiRZStzMIO6tn2hVlwJJbFLQ8sg58f06aHYTJlQOQvGFc48Du8F5wthrUCtbClQEpbSn%2BtHOAco41BZJH5FzKwKv3SviF0s70BqeGot0KX%2BIE0%3D"}]}
server: cloudflare
server-timing: cfExtPri
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 2

GET
H3 200 icons Show response
tournaments-gateway-prod.platform-mega.com/tournament-widget/ 4 KB
2 KB 85ms
84ms Fetch
application/json 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/tournament-widget/icons
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4b3b126009a3cb3f083a6f74f717cd2c82f486cd66839ea2f810a767784ada

Request headers

Referer: https://vegashero2.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
authentication: eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHRlcm5hbEJyYW5kSWQiOiI5OTY2OThhZS03OTIwLTRhYTYtOTgyOS1hN2MxMTk4ZWE5OGQiLCJjdXJyZW5jeSI6IkVVUiIsImNvdW50cnkiOiJERSIsInB1YmxpY1BsYXRmb3JtSWQiOiIyM2ZmOWRlMC00OTM0LTQ5MDktOTUyMC02NTgzMTliOGY5ZmUiLCJpYXQiOjE3NjM0MDI2OTYsImV4cCI6MTc2MzQ4OTA5Nn0.Wzx1WUE7VhN2PpXu0UgGFVadUlakNgk_o043FEHk_tCS06gF2OwN8LMnuB0CUBbo8Arpmf42u-PX9-dkh5A-UhpYnnEiBSOsbxVGseZqgUteuM71o9ZhG0f2FNS4kaCxnnMqT0fN3bmALHsV_a6YVUvWJXzCKIZ_mMLxtnyHqwhkESLY7HtDxdCmggQrz6w2rKwxZFNDZ-L35JV_qNsGlIj_A0oO0nr6jF7KORjmzPdjkvg_oP3IE_ufIpCjEedhSAdFQbQaDnmMFSrDsZXdSZS4FBCTS1wNNmUFa9kKnnS7_bAXTdMTpRFfR0wYta4lyi13EL1Gcwt-tyPnh2Y8EA
Content-Type: application/json

Response headers

x-request-id: 8ef5ccf3-d088-4cb7-a5c2-ea1baab2f858
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 27
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=52SmQ%2Fv3HOyqceW8YrPtKBngnRjqdaGxeeWqqBMZkABawfFZFekkQgBZTrko3yRlaCohqoIrCUE%2BigxgzQ%2F5LjXQAU0XSLmfqSx0ZP0EXYU678nsakuRK%2FgEg%2FqB3eYMcHwBEeiQs78%3D"}]}
cf-ray: 9a012a1c9f42e522-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
server: cloudflare
priority: u=1,i

GET
H3 200 tournaments Show response
tournaments-gateway-prod.platform-mega.com/ 238 KB
4 KB 170ms
170ms Fetch
application/json 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/tournaments
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b46fe54b974272ee7e091746bda42c14d9b697309bc311e58cfb66178a64b2be

Request headers

Referer: https://vegashero2.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
authentication: eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHRlcm5hbEJyYW5kSWQiOiI5OTY2OThhZS03OTIwLTRhYTYtOTgyOS1hN2MxMTk4ZWE5OGQiLCJjdXJyZW5jeSI6IkVVUiIsImNvdW50cnkiOiJERSIsInB1YmxpY1BsYXRmb3JtSWQiOiIyM2ZmOWRlMC00OTM0LTQ5MDktOTUyMC02NTgzMTliOGY5ZmUiLCJpYXQiOjE3NjM0MDI2OTYsImV4cCI6MTc2MzQ4OTA5Nn0.Wzx1WUE7VhN2PpXu0UgGFVadUlakNgk_o043FEHk_tCS06gF2OwN8LMnuB0CUBbo8Arpmf42u-PX9-dkh5A-UhpYnnEiBSOsbxVGseZqgUteuM71o9ZhG0f2FNS4kaCxnnMqT0fN3bmALHsV_a6YVUvWJXzCKIZ_mMLxtnyHqwhkESLY7HtDxdCmggQrz6w2rKwxZFNDZ-L35JV_qNsGlIj_A0oO0nr6jF7KORjmzPdjkvg_oP3IE_ufIpCjEedhSAdFQbQaDnmMFSrDsZXdSZS4FBCTS1wNNmUFa9kKnnS7_bAXTdMTpRFfR0wYta4lyi13EL1Gcwt-tyPnh2Y8EA
Content-Type: application/json

Response headers

x-request-id: da79c74b-cf6d-4b4a-9c1e-0d227b3f9aae
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 114
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HndErOay5WTRlj6vXsb1h4alZTis9WEmJ5AchIiXlHb4znZSZaLpUSaeoAm%2BAgNBGuMmomiL76bjohmsC4bsAZNzWUjpid5DB7YyJ5%2BeXuFwXW9Kq3iOawENIhtLelcpfJdxS%2Fn%2BN%2FY%3D"}]}
cf-ray: 9a012a1c9f45e522-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: application/json; charset=utf-8
server: cloudflare
priority: u=1,i

GET
H3 200 translations Show response
tournaments-gateway-prod.platform-mega.com/tournament-widget/locales/de/ 10 KB
4 KB 103ms
102ms Fetch
application/json 185.207.196.148
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://tournaments-gateway-prod.platform-mega.com/tournament-widget/locales/de/translations
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.196.148 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02f15c0519642e214882ea4646d5629446baf98ff3fc5ac681404e16740404b

Request headers

Referer: https://vegashero2.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
authentication: eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHRlcm5hbEJyYW5kSWQiOiI5OTY2OThhZS03OTIwLTRhYTYtOTgyOS1hN2MxMTk4ZWE5OGQiLCJjdXJyZW5jeSI6IkVVUiIsImNvdW50cnkiOiJERSIsInB1YmxpY1BsYXRmb3JtSWQiOiIyM2ZmOWRlMC00OTM0LTQ5MDktOTUyMC02NTgzMTliOGY5ZmUiLCJpYXQiOjE3NjM0MDI2OTYsImV4cCI6MTc2MzQ4OTA5Nn0.Wzx1WUE7VhN2PpXu0UgGFVadUlakNgk_o043FEHk_tCS06gF2OwN8LMnuB0CUBbo8Arpmf42u-PX9-dkh5A-UhpYnnEiBSOsbxVGseZqgUteuM71o9ZhG0f2FNS4kaCxnnMqT0fN3bmALHsV_a6YVUvWJXzCKIZ_mMLxtnyHqwhkESLY7HtDxdCmggQrz6w2rKwxZFNDZ-L35JV_qNsGlIj_A0oO0nr6jF7KORjmzPdjkvg_oP3IE_ufIpCjEedhSAdFQbQaDnmMFSrDsZXdSZS4FBCTS1wNNmUFa9kKnnS7_bAXTdMTpRFfR0wYta4lyi13EL1Gcwt-tyPnh2Y8EA
Content-Type: application/json

Response headers

x-request-id: 81a5fe69-317c-412a-9ca7-b0ba31b74ed0
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 49
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=usxtYyJ1Vr%2FfGHIOolfBJvbMz6e85dsb1E%2FhUNHPz9TyexXoco7JGGDvy5IrQEjgEmq%2FF24sRppD1oj7HVxzANSLXdoXENHnU%2Ftp0ctjjBkHltkvAAZYUUFweieCYtCQur1o0MZJ7jk%3D"}]}
cf-ray: 9a012a1c9f32e522-TXL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: application/json; charset=utf-8
server: cloudflare
priority: u=1,i

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame 4760
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588536831758359&referrer=https%3A%2F%2Fvegashero2.com%2Fregistration&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=66c9be0f-5d9b-47b5-bba3-23e96e2025d4%3A1763402813.0041907&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D66c9be0f-5d9b-47b5-bba3-23e96e2...
https://idsync.rlcdn.com/501709.gif?partner_uid=66c9be0f-5d9b-47b5-bba3-23e96e2025d4%3A1763402813.0041907&_=1763402813.0052736

0
42 B

41ms
40ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=66c9be0f-5d9b-47b5-bba3-23e96e2025d4%3A1763402813.0041907&_=1763402813.0052736
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 17 Nov 2025 18:06:53 GMT

Redirect headers

Location: https://idsync.rlcdn.com/501709.gif?partner_uid=66c9be0f-5d9b-47b5-bba3-23e96e2025d4%3A1763402813.0041907&_=1763402813.0052736
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Mon, 17 Nov 2025 18:06:53 GMT
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 4760
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0NDU4ODUzNjgzMTc1ODM1OQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=1

42 B
935 B

125ms
38ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=1
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

Cache-Control: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 42
Date: Mon, 17 Nov 2025 18:06:53 GMT
Content-Type: image/gif
Server: Jetty(9.4.51.v20230217)

Redirect headers

cache-control: no-cache, must-revalidate
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 269
date: Mon, 17 Nov 2025 18:06:52 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET setuid
ib.adnxs.com/ Frame 4760 0
0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 4760
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5144588536831758359&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588536831758359&redir=

42 B
718 B

68ms
65ms

Image
image/gif

52.214.80.236
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588536831758359&redir=

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Server

52.214.80.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-80-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v081-09daeb0f1.edge-irl1.demdex.com 16 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: Pi7Qt+kgTmg=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5144588536831758359&redir=
dcs: dcs-prod-irl1-2-v081-0ef6de006.edge-irl1.demdex.com 0 ms
pragma: no-cache
x-tid: 6/XVG9xxQPc=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 17 Nov 2025 18:06:52 GMT

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 4760 0
252 B 108ms
30ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Download Go to Show image

Full URL

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5144588536831758359&r=

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 4760 43 B
278 B 111ms
37ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5144588536831758359&r=
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 193.32.248.216
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
vary: Accept

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 4760
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5144588536831758359&bid=omt9pi0

0
344 B

37ms
35ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5144588536831758359&bid=omt9pi0
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

Content-Length: 0
Date: Mon, 17 Nov 2025 18:06:52 GMT
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5144588536831758359&bid=omt9pi0
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date: Mon, 17 Nov 2025 18:06:52 GMT
Server: Jetty(9.4.51.v20230217)

GET
H2 200 cksync.php
contextual.media.net/ Frame 4760 43 B
493 B 313ms
222ms Image
image/gif 23.59.16.30
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5144588536831758359

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.16.30 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-59-16-30.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
expires: Mon, 17 Nov 2025 18:06:53 GMT
alt-svc: h3=":443"; ma=93600
content-length: 43
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif
vary: Accept-Encoding

GET
H2 200 /
wt.rqtrk.eu/ Frame 4760 43 B
350 B 112ms
32ms Image
image/gif 57.129.18.111
OVH OVH SAS

General

Check archive.org

Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=afd6afd5-a807-471d-940d-aa3c19fc7dca&src=www&type=100&sid=1&cb=5xSBip--_WEP&uid=5144588536831758359&url=https%3A%2F%2Fvegashero2.com%2Fregistration&gdpr=&gdpr_pd=0&gdpr_consent=
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 57.129.18.111 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy-eu-013.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

cache-control: no-cache,private
pragma: no-cache
x-envoy-upstream-service-time: 0
expires: Mon, 17 Nov 2025 18:06:51 GMT
content-length: 43
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
server: istio-envoy

GET
H/1.1 200
OK 90096
i.liadm.com/s/ Frame 4760 0
208 B 579ms
134ms Image
text/plain 3.230.248.29
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL

https://i.liadm.com/s/90096?bidder_id=246506&bidder_uuid=5144588536831758359

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/de/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.248.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-248-29.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Date: Mon, 17 Nov 2025 18:06:53 GMT
trace-id: 2253cd65f4369dba
Request-Time: 0
Connection: keep-alive

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4760
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588536831758359&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588536831758359&forward=&C=1

43 B
718 B

46ms
46ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5144588536831758359&forward=&C=1
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wcP%2BY5DDjlsYrgOQMrCxOD1WUMes3G18%2ByunAp6OpVFuPBM%2FE8zpmMkbtW6CNniFkpSCa9NftYjatoxQCqyT4H5hS0Muayyg7DW3S9E3OBeS64KfKw%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif
vary: accept-encoding
priority: u=1,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9a012a1ca8efe508-TXL
content-length: 43
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yqA9jfdjKfAwHEK2PD0Hb5mzzxEwROpXIgJrqPf3sgOb2a4Z%2F40%2BjxuIoM%2F%2FkeANxoEFLow2fdEQ6snA%2BcKh%2BK%2FPCmXqfT%2BmAqNYViHDecgBFiApvw%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Mon, 17 Nov 2025 18:06:52 GMT
vary: accept-encoding
priority: u=1,i
cache-control: no-cache
location: /rum?cm_dsp_id=57&external_user_id=5144588536831758359&forward=&C=1
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 9a012a1c6825e508-TXL
content-length: 0
server: cloudflare

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 4760 0
42 B 116ms
43ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5144588536831758359
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 17 Nov 2025 18:06:52 GMT

GET
H2 200 sync
partners.tremorhub.com/ Frame 4760 43 B
175 B 435ms
130ms Image
image/gif 2600:1f10:4ce4:4a02:8e9:90a7:8e89:68ae
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5144588536831758359&r=brlRI8zMj6wL
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f10:4ce4:4a02:8e9:90a7:8e89:68ae Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/gif
server: nginx

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 4760 0
306 B 105ms
29ms Image
text/plain 3.122.165.18
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5144588536831758359
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.165.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-165-18.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-methods: GET, OPTIONS
expires: 0
access-control-allow-origin: *
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date: Mon, 17 Nov 2025 18:06:52 GMT
server: AAWebServer
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type

GET
H2 200 sync
x.bidswitch.net/ Frame 4760 43 B
183 B 121ms
36ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5144588536831758359&expires=30&gdpr=&gdpr_consent=&gdpr_pd={GDPR_PD}
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H2

200

/
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/ Frame 4760
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=aRtkPAAEgBXG1wBi

85 B
172 B

40ms
26ms

Image
image/png

151.101.66.49
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=aRtkPAAEgBXG1wBi
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://20872977p.rfihub.com/

Response headers

x-robots-tag: noindex
cache-control: no-cache
x-timer: S1763402813.066313,VS0,VE0
age: 2064
pragma: no-cache
via: 1.1 varnish
accept-ranges: bytes
x-cache: HIT
content-length: 85
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/png
x-served-by: cache-fra-eddf8230128-FRA
server: Jetty(9.4.35.v20201120)
x-cache-hits: 16637

Redirect headers

x-robots-tag: noindex
cache-control: no-cache
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=aRtkPAAEgBXG1wBi
x-timer: S1763402813.927361,VS0,VE89
pragma: no-cache
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
content-length: 0
date: Mon, 17 Nov 2025 18:06:53 GMT
x-served-by: cache-fra-eddf8230128-FRA
server: Jetty(9.4.35.v20201120)
x-cache-hits: 0

GET
H2 200 sync
x.bidswitch.net/ 43 B
92 B 141ms
38ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c25a64f9-1a57-4b22-9356-919b88cbfad9&cb=ec8695a8-9689-425b-8074-04848480dff6
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ 43 B
183 B 139ms
37ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c25a64f9-1a57-4b22-9356-919b88cbfad9&cb=04745dd9-c82a-4dbd-a26a-105694cd1978
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ 43 B
92 B 141ms
39ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=c25a64f9-1a57-4b22-9356-919b88cbfad9&cb=610df633-07fe-4335-b0dc-d397070d68be
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H2 200 syncd
x.bidswitch.net/ 43 B
92 B 138ms
36ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=409&user_id=c25a64f9-1a57-4b22-9356-919b88cbfad9&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/de/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Mon, 17 Nov 2025 18:06:52 GMT
content-type: image/gif

GET
H3 200 08507ea2-2c89-4092-b9f4-f11ee168d2ca-flag-2.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 37ms
37ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/08507ea2-2c89-4092-b9f4-f11ee168d2ca-flag-2.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4a2aa02b39271d7183eb884748ede18d6563d4cbc4af55b94182ffcf269638

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"986dcdaa8e930bc19a8d8a7f3af9a950-1"
age: 274170
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:18:39 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225BDA16DC
cf-ray: 9a012a1d29da33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 8db7233f-8013-4b32-b9db-bc9972f65441-generalinfo-3.svg Show response
vegashero2.com/dimg/v2/icon/ 702 B
655 B 39ms
39ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/8db7233f-8013-4b32-b9db-bc9972f65441-generalinfo-3.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55cc17000f8c38db85802b0b2d2a0ddfd12856d373f147c3e566fe8ac8bc8b69

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"7abf7fdf28c88e01d24ea7fb3658cc2f-1"
age: 274170
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jul 2025 13:56:51 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 1877CD654DE4D0DA
cf-ray: 9a012a1d29de33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 2d2da347-6d9b-4089-a638-3806b9f22cdf-generalicon-2.0-3.svg Show response
vegashero2.com/dimg/v2/icon/ 1 KB
1 KB 39ms
39ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/2d2da347-6d9b-4089-a638-3806b9f22cdf-generalicon-2.0-3.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e436aee35d2c8bab46bc01f9ce45a7ebd95011eef3f0e86509ba57fe37a03fda

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"72e7f097a5640187fd88a7365bc645bf-1"
age: 274170
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jul 2025 13:54:48 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 187770794349F8EA
cf-ray: 9a012a1d29e033a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 1a1b977f-25ab-4a3b-83d5-9b0e89b61c4f-close-2.svg Show response
vegashero2.com/dimg/v2/icon/ 4 KB
1 KB 41ms
40ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/1a1b977f-25ab-4a3b-83d5-9b0e89b61c4f-close-2.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b517d1868a8189c455fe56701aeb55ad0ca064bbf22924633b75b75dfe4e8470

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"63817c851c621f5936060c2ff3de9ac9-1"
age: 274170
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:20:05 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225BDF3ADF
cf-ray: 9a012a1d29e133a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 81d8560c-cd3b-4a63-a4ee-40c34591647f-maximize-3.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 66ms
63ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/81d8560c-cd3b-4a63-a4ee-40c34591647f-maximize-3.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afdd871828f24df4904a44279c98ed53646810b01b2bc7c6996f6628b18fc338

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"adf1d590e92acfb9c83f7b5976b5c765-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:18:27 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225C1B3468
cf-ray: 9a012a1d29ea33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 2891e8f7-29eb-4c93-9ddd-8576ae90b2e4-group.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 57ms
54ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/2891e8f7-29eb-4c93-9ddd-8576ae90b2e4-group.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a456630e99c4f5700013599e5e7df524162f13bd74865a9e7a832e2acfe43ccb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"a03212b04698adbbaab453fe5d65494a-1"
age: 274170
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jul 2025 13:55:07 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 18776BC2F1287950
cf-ray: 9a012a1d29f533a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 287c48a3-490c-4eb6-b2ad-03dfaf8b0e5a-minimize-3.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 34ms
30ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/287c48a3-490c-4eb6-b2ad-03dfaf8b0e5a-minimize-3.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

757c8d89cfb714ce3173a61d018265b104aa5a1a6bcc9a52123c64dd0fea64c1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"f4b93c6fe9cbd593febef2b5f42231a2-1"
age: 274170
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:18:17 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225C6C7602
cf-ray: 9a012a1d29f833a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 d7e15f47-c6f8-44a5-800e-cc31990c885e-goldcoin-1.png Show response
vegashero2.com/dimg/v2/icon/ 295 B
660 B 36ms
32ms Fetch
image/png 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/d7e15f47-c6f8-44a5-800e-cc31990c885e-goldcoin-1.png

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

525328b390aaf93e38637e0bf50f4775a1134ea07881be15fca2b2a9193d540a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
cf-bgj: imgq:85,h2pri
etag: "6e58f2af8d0ebf0fb0b0b06cf54fac16-1"
age: 274170
cf-cache-status: HIT
cf-polished: origSize=429, status=vary_header_present
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/png
last-modified: Mon, 29 Sep 2025 14:19:52 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
cf-ray: 9a012a1d29fb33a5-TXL
x-amz-request-id: 1877CD6563B20853
accept-ranges: bytes
content-length: 295
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 1ce69de0-a3a6-404f-8e63-aad5a23fbdb5-generalpreloader-3.svg Show response
vegashero2.com/dimg/v2/icon/ 1 KB
912 B 61ms
56ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/1ce69de0-a3a6-404f-8e63-aad5a23fbdb5-generalpreloader-3.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276c8f84076f40cff0dfdf65b848e6f765e2a593b2db5c57d7c841b6ea74a4f4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"af902dc39501ea0bb949382d30b60e26-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jul 2025 13:57:02 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 18776470127EF21D
cf-ray: 9a012a1d29ff33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 9ab777fd-d674-4e73-b9bf-1c2d8b12a7c4-up.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 51ms
47ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/9ab777fd-d674-4e73-b9bf-1c2d8b12a7c4-up.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

366a72ddd55508eac18d99a504340547e1022820d86f9275646bc4a3b0388722

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"606814161aef29627a6086fc6ea3e979-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:19:46 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225CAADFC3
cf-ray: 9a012a1d2a0433a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ef0a25e6-3d57-41b4-b150-30c05ae443dd-freespins.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 57ms
53ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/ef0a25e6-3d57-41b4-b150-30c05ae443dd-freespins.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b05a78c8fd98c2dae6803ba06b384f33acbbeb14a0483253a93c28f29605c84

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"ae46de7ab923cd707c2fc3795ba371d9-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jul 2025 13:54:36 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 187770794319D6D6
cf-ray: 9a012a1d2a0833a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 d2ffef84-d4f8-4256-b675-b1ed29842b9a-sweepcoin.png Show response
vegashero2.com/dimg/v2/icon/ 1 KB
2 KB 54ms
50ms Fetch
image/png 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/d2ffef84-d4f8-4256-b675-b1ed29842b9a-sweepcoin.png

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be9782d54f4ef9d9b325bbe266afb129c9b79c20e8992f27a89c46225908457

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
cf-bgj: imgq:85,h2pri
etag: "65bf6d06f5a2e6f123293ff74efd1f9a-1"
age: 274171
cf-cache-status: HIT
cf-polished: origSize=2204, status=vary_header_present
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/png
last-modified: Fri, 26 Sep 2025 12:09:30 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
cf-ray: 9a012a1d2a0a33a5-TXL
x-amz-request-id: 1877CD6566C144AA
accept-ranges: bytes
content-length: 1523
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 2f93cc68-8070-480f-aea0-3a3a1c03240f-leafesicon-2.0-4.svg Show response
vegashero2.com/dimg/v2/icon/ 5 KB
3 KB 41ms
37ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/2f93cc68-8070-480f-aea0-3a3a1c03240f-leafesicon-2.0-4.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53ab540c1def5924a0a559a6ec502d44a17e9d57f8b915ad32e222c834df1841

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"8426a1fba06476fdbf8c5c17c326fd43-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jul 2025 13:55:18 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 1877796583A8E3D2
cf-ray: 9a012a1d2a0d33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 aa626660-7f6c-4b32-b560-6e6a85acec94-leafesicon-2.0-.svg Show response
vegashero2.com/dimg/v2/icon/ 5 KB
3 KB 57ms
54ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/aa626660-7f6c-4b32-b560-6e6a85acec94-leafesicon-2.0-.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd7c13e201daf5e5d1d658812b9859a2fdd6642ba8150830f798d2fe7146371

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"3559f026fd7bab8df30d8709a6b1c5cc-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Jul 2025 13:55:31 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 18776EF84886905E
cf-ray: 9a012a1d2a0f33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 a08d377b-4aea-4567-9077-d47b13bbd869-down.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 41ms
38ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/a08d377b-4aea-4567-9077-d47b13bbd869-down.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69acd510581c1674185125ca6090e8186c2a13774400a3649afd540b3110b993

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"b5afb77efeb750c59c61a56244faf3c5-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:19:38 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225C513CBD
cf-ray: 9a012a1d2a1033a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 774715dc-f28c-4c9d-8d3e-410cf35151cd-left.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 61ms
58ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/774715dc-f28c-4c9d-8d3e-410cf35151cd-left.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a4ee90afae2f396974f9a3b3a2693e7df222e606b92089bb98541ed8a703b97

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"1e42ebb95800cdaae8fbdbb40bd56694-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:19:30 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225C803C75
cf-ray: 9a012a1d2a1233a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 02fc4b9f-e311-4b97-af35-e9dac2f81e83-right.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 52ms
50ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/02fc4b9f-e311-4b97-af35-e9dac2f81e83-right.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6edaed37bba3c172f71cf94ab3586587681dfb3b978b4433e288c11691fe1652

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"d79cb6dd9d631ea0aaf8f6b71e46823d-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:19:19 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877E4225D3BF9A3
cf-ray: 9a012a1d2a1633a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 3024634d-b4d3-4ad5-a52b-ad9a5b58dd53-wins-typebig-row-number0.svg Show response
vegashero2.com/dimg/v2/icon/ 4 KB
2 KB 54ms
51ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/3024634d-b4d3-4ad5-a52b-ad9a5b58dd53-wins-typebig-row-number0.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8dc337434644c2df12bce8df5ec3eea2d93e24808045dcce97d0d80d8523be3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"8b245a233558a58cf8bcb39cc8431e87-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 08:41:00 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877CE71FCC1F077
cf-ray: 9a012a1d2a1933a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 1fe30383-2911-4eee-a296-1177c5c23c5f-iconswinssr-2.0-.svg Show response
vegashero2.com/dimg/v2/icon/ 5 KB
2 KB 62ms
59ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/1fe30383-2911-4eee-a296-1177c5c23c5f-iconswinssr-2.0-.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b9e66bdb86db6e73a61eb9a2a71451a7349af34c8ec42f394a3ad0fcf14705

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"9c8480393436e6bd4a318726fb101ad8-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:10:49 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877BAD8DCCC184B
cf-ray: 9a012a1d2a1c33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 94730be4-5445-41d0-ad3d-bbd7fe5e7924-iconswinssr-2.0--2.svg Show response
vegashero2.com/dimg/v2/icon/ 6 KB
2 KB 56ms
53ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/94730be4-5445-41d0-ad3d-bbd7fe5e7924-iconswinssr-2.0--2.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dba8389b7a569281086c54c688523a92213c3a4da3e58bf0dce03f38407af64

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"0a20fcb87dce8e330a44efbb6ba22cb1-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:10:31 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 18773A982E0DC0FB
cf-ray: 9a012a1d2a1f33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 50795952-3a68-4e83-9449-abacd3a3916c-iconswinssr-2.0--3.svg Show response
vegashero2.com/dimg/v2/icon/ 8 KB
2 KB 64ms
61ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/50795952-3a68-4e83-9449-abacd3a3916c-iconswinssr-2.0--3.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8efe9b073bd85f717da5b0383285116c708ce886027f3b1fd60b9c5b5fcbfe8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"ac9391d67317ab44d5b191557eeca49e-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:10:20 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 1877CE71FB48D84F
cf-ray: 9a012a1d2a2333a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 a4f89488-ea77-4835-af12-fb6d901c5c9c-wins-typesuper-row-number0.svg Show response
vegashero2.com/dimg/v2/icon/ 4 KB
2 KB 38ms
35ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/a4f89488-ea77-4835-af12-fb6d901c5c9c-wins-typesuper-row-number0.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a47a60ad2ab7a3dcc615af1cdcb5af1e206f4157c6393413ac43883bf15a0d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"d1ce06daa949edcefaebcfc45843ff27-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 08:41:11 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 1877CD6599566F32
cf-ray: 9a012a1d2a2633a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 edfdc2ee-6eea-4215-bdcf-0ac905420cb4-iconswinssr-2.0--4.svg Show response
vegashero2.com/dimg/v2/icon/ 5 KB
2 KB 54ms
51ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/edfdc2ee-6eea-4215-bdcf-0ac905420cb4-iconswinssr-2.0--4.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f8e662acc914b588e9733a612b6fb0d9a135b2e30d45c195b3556fb88fd4392

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"c6080e8bbb9d2c318e8fb72aba8eba2f-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:10:07 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877ABED2607C234
cf-ray: 9a012a1d2a2733a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 b30561fa-7d28-48c4-9ff0-f3a9d56a2098-iconswinssr-2.0--5.svg Show response
vegashero2.com/dimg/v2/icon/ 8 KB
3 KB 49ms
46ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/b30561fa-7d28-48c4-9ff0-f3a9d56a2098-iconswinssr-2.0--5.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0648f58da89e09ab936dd44c457b942af57b36c68788c95bb55d5dcadf453dc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"ebf7145c305060e48f6ee5d702455172-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:09:57 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 187733D0284A44B7
cf-ray: 9a012a1d2a2933a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 adfa8b44-aa57-40e2-ac09-0e91b17c8179-wins-typenormal-row-number0-1.svg Show response
vegashero2.com/dimg/v2/icon/ 3 KB
2 KB 60ms
58ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/adfa8b44-aa57-40e2-ac09-0e91b17c8179-wins-typenormal-row-number0-1.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bac7415a3566beec04c98643201c02437d82cfcf82d1ec4fe402ca0f5ecfac9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"da3e7b18daf01354d9a11f7917646df3-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 08:39:42 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 1877CD65AF9E09C4
cf-ray: 9a012a1d2a2b33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 031905af-1097-4234-aa90-1383b14d2aa9-wins-typenormal-row-number1.svg Show response
vegashero2.com/dimg/v2/icon/ 4 KB
2 KB 55ms
52ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/031905af-1097-4234-aa90-1383b14d2aa9-wins-typenormal-row-number1.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fbee9b4f42ddf81b20682cba2c64afa843edec28b594f877c21137f87aee8ff

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"1383f83be9b75d11ca495016bc4d0c31-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 08:39:56 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877CBD8ED779192
cf-ray: 9a012a1d2a2d33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 1b6c03aa-761f-4310-9527-07e22f1046b6-wins-typenormal-row-number2.svg Show response
vegashero2.com/dimg/v2/icon/ 5 KB
2 KB 60ms
57ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/1b6c03aa-761f-4310-9527-07e22f1046b6-wins-typenormal-row-number2.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9379098fb3576de98038dca32b61e1658fc22808fe59bd697e827111dc8a02

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"7ac42807575951df81f5b1e18777160d-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 08:40:06 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877CE71FBB9C77F
cf-ray: 9a012a1d2a3033a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 d7fde138-77a3-41a4-9196-197c932038ab-wins-typenormal-row-number3.svg Show response
vegashero2.com/dimg/v2/icon/ 6 KB
2 KB 59ms
56ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/d7fde138-77a3-41a4-9196-197c932038ab-wins-typenormal-row-number3.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db0f1cb6ba044931d25de47f722d7a8074cc05e6b6cc3921eae9d7392eeb077

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"26fa249e332e18b0ab540de2c2c6d04e-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 08:40:17 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877AC86665BBB65
cf-ray: 9a012a1d2a3333a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 bc2b23c6-9f12-4172-aa59-05072cf1fcc8-wins-typenormal-row-number4.svg Show response
vegashero2.com/dimg/v2/icon/ 9 KB
2 KB 56ms
53ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/bc2b23c6-9f12-4172-aa59-05072cf1fcc8-wins-typenormal-row-number4.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea64884f9e66a45114368b8cde20125be6637b4b2a3d63b7aa3151b9acea52ab

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"8ed73259a2db04a31702359b47991f7f-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 08:40:38 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877AC86480DA37E
cf-ray: 9a012a1d2a3433a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 b578185a-6692-4f44-a8e8-c850cdfb0a3c-iconswinssr-2.0.svg Show response
vegashero2.com/dimg/v2/icon/ 10 KB
2 KB 63ms
60ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/b578185a-6692-4f44-a8e8-c850cdfb0a3c-iconswinssr-2.0.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7a68b24a5f8e7e5909dff6347c019f23973a7b85334058e8c7b8df6e02a498

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"4b38680be1fd1d9a7a8d980d50a360ca-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 06:45:23 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877C20E7A7D3EE0
cf-ray: 9a012a1d2a3733a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 90907021-47fb-4e21-8d3b-4ab923c50ee5-flag-2.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 55ms
53ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/90907021-47fb-4e21-8d3b-4ab923c50ee5-flag-2.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b4a2aa02b39271d7183eb884748ede18d6563d4cbc4af55b94182ffcf269638

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: MISS
content-encoding: br
cf-cache-status: HIT
etag: W/"986dcdaa8e930bc19a8d8a7f3af9a950-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Nov 2025 13:18:51 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: HIT
x-amz-request-id: 1877E4225DCEF13C
cf-ray: 9a012a1d2a3933a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ba223c50-a0eb-4941-9c03-00f0f097a5e3-gamificationicon-2.0-2.svg Show response
vegashero2.com/dimg/v2/icon/ 1 KB
956 B 78ms
76ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/ba223c50-a0eb-4941-9c03-00f0f097a5e3-gamificationicon-2.0-2.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec234e24dec0944e4ddb6bca283331333bcff09d76dfa24aac7ddb9c1ac42fc1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"1534c648f608ad84c4354fc1a43a246d-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:06:12 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877AC854031EC10
cf-ray: 9a012a1d2a3e33a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 f8fdb487-e742-4c7e-83ad-ef3c7ff7af1a-iconsrallywins.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 62ms
60ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/f8fdb487-e742-4c7e-83ad-ef3c7ff7af1a-iconsrallywins.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fbb152adb9e1fc8c48529cf3fe8ab52408a31616a23122d5529c0a10fce912c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"a958bc03bfbcfcb21b9264b9b0866a0e-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 05:49:23 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877AC85D070EEAB
cf-ray: 9a012a1d2a4133a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 b6a26049-a87a-4ebc-aac2-8bd601a01b76-generalicon-2.0.svg Show response
vegashero2.com/dimg/v2/icon/ 1 KB
1 KB 58ms
56ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/b6a26049-a87a-4ebc-aac2-8bd601a01b76-generalicon-2.0.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e436aee35d2c8bab46bc01f9ce45a7ebd95011eef3f0e86509ba57fe37a03fda

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"72e7f097a5640187fd88a7365bc645bf-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:07:41 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 1877AC860D15CAC3
cf-ray: 9a012a1d2a4333a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 9eaa8846-3b22-400f-9f21-62e79fdd419c-group.svg Show response
vegashero2.com/dimg/v2/icon/ 2 KB
1 KB 56ms
54ms Fetch
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://vegashero2.com/dimg/v2/icon/9eaa8846-3b22-400f-9f21-62e79fdd419c-group.svg

Requested by

Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a456630e99c4f5700013599e5e7df524162f13bd74865a9e7a832e2acfe43ccb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

x-conv-cache-status: HIT
content-encoding: br
cf-cache-status: HIT
etag: W/"a03212b04698adbbaab453fe5d65494a-1"
age: 274171
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Jul 2025 07:07:50 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
content-security-policy: block-all-mixed-content
x-front-cache-status: MISS
x-amz-request-id: 18775F84908A2167
cf-ray: 9a012a1d2a4533a5-TXL
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 analytics Show response
consent.cookie-script.com/ 47 B
294 B 455ms
380ms XHR
application/json 206.189.8.180
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1763402813540&script=e72d128e1a8fd05dabb79b46315392f0&category=
Requested by: Host: vegashero2.com
URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/polyfills.82eea1a5a8ac9066.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.189.8.180 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d3020bf6447ead2316668a9c63ce33b649b2018472b44f6d2c24657891ad877a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/

Response headers

cross-origin-resource-policy: cross-origin
x-amzn-trace-id: Root=1-691b643d-16f9dd8d016600b65d96bd8d;Parent=64ab359cc584a7d3;Sampled=0;Lineage=1:243306bd:0
x-amzn-requestid: 338102cf-e369-4f24-8a82-1f590a32d5f7
access-control-allow-origin: *
content-length: 47
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: application/json
server: nginx

GET
H3 200 favicon.svg
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 267 KB
201 KB 87ms
87ms Other
image/svg+xml 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/favicon.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34579e3877d96e5876a2dfca51da95d7e2b41fcea9e66a01de35f47af1308b1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"e4d72e359a74a9deeac680634f959f45"
age: 372
cf-ray: 9a012a20bd8233a5-TXL
expires: Mon, 17 Nov 2025 21:59:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=1,i
vary: Accept-Encoding

GET
H3 200 favicon.ico
vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/ 2 KB
2 KB 71ms
71ms Other
image/vnd.microsoft.icon 185.207.199.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://vegashero2.com/cfr/7cdb81e011d038e/p/17-11-2025-09-27-33-4d55d586/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.207.199.248 , Marshall Islands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d5cfe4e3fa7e7ba20f8f652d1755d2fbc4eafb0b185f276daf5890f305763a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://vegashero2.com/de/registration

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"14521af5a935c8ab7e48f135ea4d20d2"
age: 386
cf-ray: 9a012a21784833a5-TXL
expires: Mon, 17 Nov 2025 21:59:27 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 17 Nov 2025 18:06:53 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 17 Nov 2025 09:57:35 GMT
server: cloudflare
priority: u=1,i
vary: Accept-Encoding

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/7rg8i/0x4AAAAAABfM5zGQSKJYP40V/auto/fbE/new/ Frame C7C4 0
0 25ms
25ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/f/ov2/av0/rch/7rg8i/0x4AAAAAABfM5zGQSKJYP40V/auto/fbE/new/normal?lang=auto

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'nonce-zGgO6E2t9vMc8sVp' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms

Request headers

Referer: https://vegashero2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 9a012a249e63e519-TXL
content-encoding: br
content-security-policy: default-src 'none'; script-src 'nonce-zGgO6E2t9vMc8sVp' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 17 Nov 2025 18:06:54 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.seondf.com
URL: https://cdn.seondf.com/js/v6/agent.umd.js

Domain: vegashero2.com
URL: blob:https://vegashero2.com/fa85b391-2c2b-40f6-9d42-e64347ecf7e5

Domain: vegashero2.com
URL: blob:https://vegashero2.com/b6988b17-ee4c-4871-824d-eb7f24f4719d

Domain: vegashero2.com
URL: blob:https://vegashero2.com/671ebede-2b58-44ae-acad-13a1987ce7e2

Domain: vegashero2.com
URL: blob:https://vegashero2.com/ed77e3b7-5a1c-4777-a268-b47bface5ab2

Domain: vegashero2.com
URL: blob:https://vegashero2.com/1c4e871d-b85a-4c73-8b4b-90e643df5787

Domain: vegashero2.com
URL: blob:https://vegashero2.com/298d5bc4-94d3-4a9e-9847-785024610e1d

Domain: vegashero2.com
URL: blob:https://vegashero2.com/f66390ae-6cbc-43c6-950a-899733821220

Domain: vegashero2.com
URL: blob:https://vegashero2.com/f0ebb590-5071-4917-b86e-ca560e5228cb

Domain: vegashero2.com
URL: blob:https://vegashero2.com/e4dc3236-6e1c-40d7-950f-68bfeb01fbd5

Domain: vegashero2.com
URL: blob:https://vegashero2.com/fbf317be-e590-44a2-9ca7-34424d8ba4ce

Domain: vegashero2.com
URL: blob:https://vegashero2.com/35136a9c-23a1-41d0-8550-b789da89c6a6

Domain: vegashero2.com
URL: blob:https://vegashero2.com/6f3536f9-62de-4727-afcf-688e9b875aa4

Domain: vegashero2.com
URL: blob:https://vegashero2.com/d4714a48-7ecb-49ff-bc83-7cdb84e860ad

Domain: vegashero2.com
URL: blob:https://vegashero2.com/1155d6a1-6787-43c9-9f41-81ff8e750098

Domain: vegashero2.com
URL: blob:https://vegashero2.com/a91dc835-4607-4c02-a4f2-06ba1dee2c08

Domain: vegashero2.com
URL: blob:https://vegashero2.com/fffa3667-9170-4953-9991-4365194c7b95

Domain: vegashero2.com
URL: blob:https://vegashero2.com/e52b6208-ce3f-4520-97f3-571f84f87fda

Domain: vegashero2.com
URL: blob:https://vegashero2.com/2625d636-104a-4919-bdc0-9a279c3a8af4

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/setuid?entity=18&code=5144588536831758359&gdpr=&gdpr_consent=&redir=

Verdicts & Comments Add Verdict or Comment

214 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vegashero2.com/de/api/v3/comrade	1969-12-31 23:59:59	Name: ws Value: "31777358d3b3e6c2"
vegashero2.com/de/api/v3/lang	1969-12-31 23:59:59	Name: ws Value: "233b0d54e2e0e85c"
vegashero2.com/de/api/v3/seo	1969-12-31 23:59:59	Name: ws Value: "a8e00510c0ae1453"
.evega5ge.com/	1970-01-21 09:50:04	Name: __cf_bm Value: eMvn4iozOdD7MhTQeA7YAMBpDqty0qESD6RUvn56qyk-1763402810-1.0.1.1-wv1D1DvOPkyYyIOM2MMm.lewm7n4E.LOVHMkrLye60k2CrTi8w__KqVnE.3VJT47QFz3JRPSy1nR2HjWvsVZJF8gBit5L9oxqdPgq7QgHv0
.vegashero2.com/	1970-01-21 09:50:04	Name: __cf_bm Value: Rfm9ZO811t20OrSoHupWOWQaUvBrsggEHrGkzB48EBs-1763402810-1.0.1.1-C2WYkeHwWOE4OSxznAHzH38k0SvEEFn.7kWhAGrdS3yXeFjnBdL9dpBs0o111T9PuHpUhsZ87j9tXqooj1PsboP8h5BGw0SRGPYRRXl_VVE
.vegashero2.com/	1970-01-21 18:35:38	Name: cf_clearance Value: sTBFnY0otWdcX4mm1YL5xqjU5ODSHBEyX0mFXs6_gas-1763402811-1.2.1.1-88hNvmao.Z8S4uQp_Gx2wfXGg8kbLfONMgZJYR6k8fker3FwdqooOCP8hmJqx0ugsSBkGFnyIqLqcOHuWIZROoYmGPc4eiae3of58BeFicKIKj8Yz_zS2wY8VaZsQRg_cR.VEJzKNHSOaJ20smekm7ghpDREKYgumiIodRU_CHjpBlddlQgLNs4woC0e_RKPXx0WIQ2loWDxEf.qwC6XKRwPZm.i9Svv9m2YmdAZSyI
.challenges.cloudflare.com/	1969-12-31 23:59:59	Name: _cfuvid Value: PaDj6pCEH3iSDIJnfO08bUMXd9mPsmFxyyIpMua82_E-1763402812077-0.0.1.1-604800000
.bidr.io/	1970-01-21 19:18:32	Name: bito Value: AABI4U7SNsgAAAA9dl4fAQ
.bidr.io/	1970-01-21 19:18:32	Name: bitoIsSecure Value: ok
.adform.net/	1970-01-21 10:33:14	Name: C Value: 1
.adform.net/	1970-01-21 11:16:26	Name: uid Value: 3222801662044230557
.adform.net/	1970-01-21 09:51:29	Name: CM Value: 1%7C1
.admaxium.com/	1970-01-21 10:33:14	Name: slfp Value: eyJ1dWlkIjoiYWVkZGMzNmUtMDRiNi00ZWJjLTg1MWMtMTkwZTMwMzM3ZjQ0%0AIiwibmFtZSI6InJyX3ZlZ2FzaGVybyIsInRzIjoiMjAyNS0xMS0xNyAxNTow%0ANjo1MiAtMDMwMCJ9%0A
.sportradarserving.com/	1970-01-21 18:34:12	Name: zuuid Value: c25a64f9-1a57-4b22-9356-919b88cbfad9
.sportradarserving.com/	1970-01-21 18:34:12	Name: c Value: 1763402812
.sportradarserving.com/	1970-01-21 18:34:12	Name: zuuid_lu Value: 1763402812
.adform.net/	1970-01-21 10:10:12	Name: CM14 Value: 1763489212_1763402812_1763402812_1_Hu7u4e4e4R7uAeAREREeEREREAAR
.rfihub.com/	1970-01-21 19:11:38	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1NrMwNjQ3tTA2tRTiM9R1cg-LjAgN0NUtC44EALv5xkYlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1NrMwNjQ3tTA2tRTiM9R1cg-LjAgN0NUtC44EALv5xkYlAAAA
.seadform.net/	1970-01-21 11:16:26	Name: uid Value: 3222801662044230557
.sportradarserving.com/	1970-01-21 18:34:12	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 18:34:12	Name: zuuid_k_lu Value: 1763402812
.sportradarserving.com/	1970-01-21 18:34:12	Name: bss Value: !bidswitch=532660012
.sportradarserving.com/	1970-01-21 18:34:12	Name: cm2 Value: !bidswitch=532732012
.casalemedia.com/	1970-01-21 11:59:38	Name: CMPS Value: 1128
.casalemedia.com/	1970-01-21 18:35:38	Name: CMID Value: aRtkPLmqPDsAFhyrAFcNQwAA
.casalemedia.com/	1970-01-21 11:59:38	Name: CMPRO Value: 1128
cm.adsafety.net/	1970-01-21 18:35:38	Name: UID Value: CM12025111718a3bbc8e93450a514fad
.adsafety.net/	1970-01-21 18:35:38	Name: cm_uid Value: CM12025111718a3bbc8e93450a514fad
.rqtrk.eu/	1970-01-21 10:00:07	Name: browser_id Value: 1:16b76c20-3c99-411f-b035-6609b3c09612
.eyeota.net/	1970-01-21 09:50:03	Name: SERVERID Value: 18637~DM
.weborama.fr/	1970-01-21 19:15:58	Name: AFFICHE_W Value: -5E6gMrYS9D-95
.audrte.com/	1970-01-21 10:11:38	Name: arcki2 Value: mi3gi6mu-b8wbSI0KTcSB810iDghHJw-ad!20210107!1763402812950!ip#193.32.248.216
.audrte.com/	1970-01-21 10:11:38	Name: arcki2_adform Value: 3222801662044230557!20210107!1763402812950
.demdex.net/	1970-01-21 14:09:14	Name: demdex Value: 05141824773391845900504280628775553245
.adfarm1.adition.com/	1970-01-21 11:59:38	Name: UserID1 Value: 7573757407285344620
.fwmrm.net/	1970-01-21 14:09:14	Name: _uid Value: umv1515_7574887439790202920
.w55c.net/	1970-01-21 19:18:50	Name: wfivefivec Value: awnApot71Vl3CQ5
.w55c.net/	1970-01-21 10:33:14	Name: matchadform Value: 5
.dpm.demdex.net/	1970-01-21 14:09:14	Name: dpm Value: 05141824773391845900504280628775553245
.exelator.com/	1970-01-21 12:42:50	Name: EE Value: "3fb634728eee2f507939787100ce894d"
ads.smartstream.tv/	1970-01-21 18:35:38	Name: DID Value: aeb7746fbf805e00f1e60c7c6133e89b
ads.smartstream.tv/	1970-01-21 18:35:38	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 18:35:38	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-21 10:33:14	Name: cm_uid Value: CM12025111718a3bbc8e93450a514fad
.rezync.com/	1970-01-21 14:09:14	Name: zync-uuid Value: 66c9be0f-5d9b-47b5-bba3-23e96e2025d4:1763402813.0041907
live.rezync.com/	1970-01-21 14:09:14	Name: sd-session-id Value: .eJwNykkOgzAMAMC_-EwqJ7azfQYR4kpRC60IXIr4ezmONCeMX92WadV1h7xvhw4wv9utDvmE3n6LviCDWGaJUchHskEiSYJrgK69t886tnof7-dUFJ9GaiqGQxFTykTGkSavDp1UzjZ4YnTR0gORbcIA1x_DYSXP.aRtkPQ.7UGltVJxLkGOmIoB-fi4Fx988JU
cm.adsafety.net/	1970-01-21 18:35:38	Name: permanent Value: 1
.exelator.com/	1970-01-21 12:42:50	Name: ud Value: "eJxrXxzq6XKLQcE4LcnM2MTcyCI1NdUozdTA3NLY0tzC3NDAIDnVwtIkZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDEaEl%252BUWb6IhfXxUUpaQyLSopPBZ%252F1bAAAemgpsw%253D%253D"
.media.net/	1970-01-21 18:35:38	Name: visitor-id Value: 4064044135336909000V10
.media.net/	1970-01-21 18:34:12	Name: data-rk Value: 5144588536831758359~~3
.doubleclick.net/	1970-01-21 19:11:38	Name: IDE Value: AHWqTUl8rOQJEonlTMLtlO2tXyRgDpArDBLI28Z-ia2A8eJZxJas5U1HHbd558EaN7k
.audrte.com/	1970-01-21 10:11:38	Name: arcki2_ddp2 Value: mi3gi6mu-b8wbSI0KTcSB810iDghHJw-ad!20210107!1763402813155
.rfihub.com/	1970-01-21 19:11:38	Name: eud Value: H4sIAAAAAAAA_-NicjUM4jU0NzM2MTCyMDQ2NDOaxYjgG1kYmGxC4-9C459C479C4_9C4y9iQuWvQuNvQpdnQeXfQuZbmlhsYkVzHzeafcKo_Edo_FmSqHwABIudRxMBAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-NicjUEAGxQrZEEAAAA
cm.adsafety.net/	1970-01-21 18:35:38	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNmRvL2FCOC9GZ3VRMkR6NHpURFpydTdWSU1KWm9XM2lMNG5lQ25VOHlKT095ZTlOOW5wMnVWZnBTRzhtd1hmM3RyOERsSDVrcnd0a002YnB0SmhTNE1FQlIrVXY1NGRFTXF0MllnSHE2dm1VVzZBR2E0c2xCaXRMTGhHTGFLVmZvS2htb2YvQUJFMzNvN1pqWFI4QjZYQmZMcVNFa0x0b1RHYzR2SHg1ZkcyMnFERVB3Nk1vRlVjanNYdFUzWVVYSHZKMk0xTjBIbmlBdDU2ZkRzZmw4K3hmaDNJcDE3aXRDYXdObVp5WkVzeWpvaG9OUmljcy90VENQT2FoaFZMa0ppcUwxajJqM2IxT1hieWR2L1pBbFB6NUt0a0tQeXk2SEJXRHlZODJkV3BXYTZtMVYvUkIyUEF6eS9Oc09ENFhleE1uZlFIMjkxbHlhVm8xajJyZ0FlMllrMVZLbWEwa0VPbTlSd1N6QTZpZ0Q5ZXhWVW4zV3hWaHRDakY5OGhJeDNUYm8yRlBqbzdMN3VmaGx3WFpKT1E0R1pBc0hBV1I0Q2xTVU9KcFN5YTRUSG1Ud2RkWlNPS3Q2Q0dZclhtZHQxSW5VMld1dGVRK1NQYXo2bWpjZnhRVmptclpwZXBiTmN4cTcrMlpnRFI%3D
vegashero2.com/	1970-01-21 12:14:02	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_personalization":"targeting","ad_user_data":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"bannershown":1}

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://vegashero2.com/de/registration Message: [GroupMarkerNotSet(crbug.com/242999)!:A070770234220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://vegashero2.com/de/registration Message: [GroupMarkerNotSet(crbug.com/242999)!:A000512034220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://vegashero2.com/de/registration Message: [GroupMarkerNotSet(crbug.com/242999)!:A030512034220000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://vegashero2.com/de/api/v3/seo/item?page=registration Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=3222801662044230557 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5144588536831758359 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=6466&tp=ADFM&tpid=3222801662044230557 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=66c9be0f-5d9b-47b5-bba3-23e96e2025d4%3A1763402813.0041907&_=1763402813.0052736 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ce9b5295a9b238836f42b27e515f96c.seondnsresolve.com
20872977p.rfihub.com
a.audrte.com
a.rfihub.com
a.sportradarserving.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
admaxium.com
ads.smartstream.tv
c1.adform.net
c1.rfihub.net
cdn.cookie-script.com
cdn.seondf.com
challenges.cloudflare.com
cm.adsafety.net
cm.g.doubleclick.net
consent.cookie-script.com
contextual.media.net
cookie-matching.mediarithmics.com
dpm.demdex.net
dsp-cookie.adfarm1.adition.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eb6a7d55b667d9b6e52e2ebe363274d7b395eb78.seondnsresolve.com
eu-u.openx.net
evega5ge.com
gamification-widgets.platform-mega.com
gm9cn.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
live.rezync.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
onetag-sys.com
p.rfihub.com
partners.tremorhub.com
pdw-adf.userreport.com
pixel.onaudience.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
rtg.admaxium.com
s.ad.smaato.net
s2.adform.net
secure.adnxs.com
segment.prod.bidr.io
server.seadform.net
simage2.pubmatic.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.teads.tv
tm.ads.sportradar.com
token.rubiconproject.com
tournaments-gateway-prod.platform-mega.com
track.adform.net
tracker.ads.sportradar.com
uipglob.semasio.net
us-u.openx.net
user-sync.fwmrm.net
vegashero2.com
vgr.naralvin.com
wt.rqtrk.eu
www.googletagmanager.com
x.bidswitch.net
cdn.seondf.com
ib.adnxs.com
secure.adnxs.com
vegashero2.com
103.231.98.109
104.18.27.193
104.18.94.41
104.18.95.41
141.95.98.64
142.250.186.130
149.202.238.105
151.101.66.49
172.67.198.48
18.173.205.128
185.207.196.148
185.207.199.248
185.207.199.61
188.114.97.3
188.166.63.236
193.0.160.130
193.0.160.131
198.47.127.205
2001:4860:4802:32::36
206.189.8.180
23.59.16.30
2600:1f10:4ce4:4a02:8e9:90a7:8e89:68ae
2600:9000:20b4:a200:1:76cf:fe80:93a1
2606:4700::6812:13e
2a00:1450:4001:828::2008
2a02:26f0:7100::210:139
2a04:4e42:600::644
2a0b:7e00:202:2701::5
3.120.214.218
3.122.165.18
3.230.248.29
3.33.220.150
3.69.181.172
34.1.242.226
34.102.136.131
34.254.143.3
34.98.64.218
35.156.243.179
35.190.24.218
35.210.130.15
35.214.136.108
35.214.183.184
35.244.174.68
37.157.2.235
37.157.5.49
37.157.5.87
37.157.6.243
37.187.82.52
50.16.197.56
51.89.9.251
52.17.172.159
52.214.0.104
52.214.80.236
52.29.115.198
52.49.104.56
54.220.174.14
54.220.208.29
54.36.150.183
57.129.18.111
69.173.144.139
76.223.111.18
77.243.51.122
80.82.210.217
85.114.159.93
89.163.240.122
91.185.218.28
91.210.226.39
95.100.184.137
99.84.152.75
0024e99f8ce228cde6182758e895dbab3f2ce25e1c12b2fca576fa58723af21e
004c7d3fd8f5d37fe5a229c662eb920702d5adae0136473a65650cc9fe98da2e
005bb91e5fd75f1a2334486d8b15dffbea73c5e9e5fd455051044c6d8db2cfe7
0294daa17eb730398a656f3fc7969852dff41dd3378a3aa7984d4a5812e4c205
046c5ee81a3e091c67e61b79bb5d7389bb636af8cb502e5c4aa8ba2490f91103
054e6c5160fd8b52c75267a4fcac2b6201027d9d0cae865dd33c35e1cb59cef7
0765645a33cea6a119b2657046f10dae469304eb8c21b702f81a4ce36697ad3c
08b9313a30d37f0e70ceeab65045b7bfa27f338503d9ca01e028ad741aaa80fd
0a72c668014740c640a74c6766d38bd24a293ef02be57e89aee18a8947001363
0be9782d54f4ef9d9b325bbe266afb129c9b79c20e8992f27a89c46225908457
0cd065f3e74abbe6e4e4e68d01a1c7b4a84c0f7a7b7eef89878c8962235ed4ef
0f5d0c4cfab5775f118873a913e08186463514be404d85e884ede60f806f80cd
1284e157231f911bf058d00f66c9458a75b29ae75e991e6b4fb6b95b343f88ac
1297083b34d4fa90eefbbb7064f1fee68d8ee8be06dd5ecd604647e77a11c079
12b12a061fdce3f0e4043721091b1fa8951a4834e105fc060e29a63ad7a9a78c
1922e927c2d1c26d7de13b03c7786b55557723c52d546d5c288137dfb475bff5
199af398a06b6ccdf5e4800d45328246f9e6199da03fe16d71fd2cd2f0c25b80
1bfa108a175ecc62b8a557edb1bb1b0f8a618149a5b42743139a0b96685a1bf5
1c99a097a01fdcdcb97a2c059ad03178e5f83a20c278d42f48624c194ab1714c
1e4b3b126009a3cb3f083a6f74f717cd2c82f486cd66839ea2f810a767784ada
1fd7c13e201daf5e5d1d658812b9859a2fdd6642ba8150830f798d2fe7146371
22e020b9e990c11db615cbde19923f101721b0cf958f3482ee1b07ef6de2311f
24c0b7b638e83fd66fbd29175f2a7f4cb075f1ac520d19a6e2f32bb8f0a92a88
2522e3f24f318e5c2d998482e9dbb933566aa4eb8b55bccbfff48c91505d27ba
276c8f84076f40cff0dfdf65b848e6f765e2a593b2db5c57d7c841b6ea74a4f4
28ca3444d424dbd27b837c82a4b17692bab71a6a4cba4058a698d283f32e7ba7
2960f24bf19ec177ead60171f3e4ff1f2ccdaf174f2246ef6621447cb7f95074
2a818629089cff6a6d1e378dabefffa4d75d0d815a175551c03657aa7b187d28
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b4a2aa02b39271d7183eb884748ede18d6563d4cbc4af55b94182ffcf269638
2be04bc76bfb9ee25a5034e3ec55abad50ff295759e93516edfbe2bb0e5f6348
2c157d33f8f26c6dd381c3579f470fed57fc0190667d584ac847bd6e2241aa44
2c9c777bda4785d40c5d29242b90934b945ab0ee9ab3de26419cf245cd19da1e
2ccf3a72c060c9b6cc38f9a110b8ac3e01c7bee9f5baf61fffca60c3098616db
2d7a270c1928be61476bfe7e9a662b5d23101783e646e0b241b3955ad5ee786f
2db0f1cb6ba044931d25de47f722d7a8074cc05e6b6cc3921eae9d7392eeb077
2ddeade3a8991666b89f2a0c3aaba4508852838488781e260d45bc886f1172a5
2ee26ce81faaababd04d1f9d2c7af2bbc5a8acd70595d4a1e7517822660fe82c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
319bccafc8f368496df876b9fb77ba025b28e2c2acf39f5819aa26691a9e6a21
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34579e3877d96e5876a2dfca51da95d7e2b41fcea9e66a01de35f47af1308b1c
34a5ff75a8cb066e3553351ebd71024112ea62a608758194b89b16b3d581b12d
366a72ddd55508eac18d99a504340547e1022820d86f9275646bc4a3b0388722
39a5213f31f24d94ac52bea7e3be8e06668b2a9fdd629921e61670a7e2b92c10
3a4ee90afae2f396974f9a3b3a2693e7df222e606b92089bb98541ed8a703b97
3adbdddf7adeffac841141bbc84c8a2816c32dc35bdc6c86153cf457f10553b8
3d3ed8cb93e0c8f6bb6cb7d4d55bf84b2e1c818ef500435783f21013dcf7bd45
42ae7ad9883ca4d8c3951dee32c425cc2896f463497733e23de273eb4f01aa40
4356c4839535096156a4486e6bf517d276dc781cd9b738a781bbc3427c48e254
46153a68b3882e0cf12377195f465d70f4153f4062cb0d4c46b93f3850213342
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4dac9a6ad1e8bc32ca4f902ea2461f6a2e6b2fa3ba92081fb016637a12054694
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f68f4669565e314d17776c578665484367a76bf89eb9dafeed78b8fa5b2b1c9
525328b390aaf93e38637e0bf50f4775a1134ea07881be15fca2b2a9193d540a
53576d8269d499ff8d1873b5ee81d77f812e8934510028162a970ebebb3ffa83
53ab540c1def5924a0a559a6ec502d44a17e9d57f8b915ad32e222c834df1841
53b9e66bdb86db6e73a61eb9a2a71451a7349af34c8ec42f394a3ad0fcf14705
5481edb09453aaf142452e54ed81070a59563686bcc880babb2f8edb0927e4d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55cc17000f8c38db85802b0b2d2a0ddfd12856d373f147c3e566fe8ac8bc8b69
56a47a60ad2ab7a3dcc615af1cdcb5af1e206f4157c6393413ac43883bf15a0d
59938868870ce60b8576506d0211346d8a85329a9d54997c39d921389c493b34
59b5d8a6bb1904d25e82254b1e3a510c7d73c142bcfb0fb058ffe74db1734a0b
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5def9c0967358d1ebe20335b6dda40c97e30e03322cb425662bd5603145afb98
5f9cbd3d55fb3386f13c42fb3c90f201e2f180fe573909bf343328a74f7e3d93
61a0b4d2a1839a01a943343cd8628f051dc02bdf9c61efd2a602264805c5fa3c
63646d4acf954ffbc8502e5af68473eee3e13784b5ef135767d9c56ffb6b31e5
66e0a325be5f86a801b45ae552735e11f7ed3bd9a58059742abb1e16c86d09d4
67d4549c9c5bb9014fb11071f6d71e10d505cf9c5297e6983181e10cd53f4fb5
69acd510581c1674185125ca6090e8186c2a13774400a3649afd540b3110b993
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b05a78c8fd98c2dae6803ba06b384f33acbbeb14a0483253a93c28f29605c84
6cadddf1717be85c3467494943718b22cc3b75cfdfc4b972d5fdafc0a659f529
6edaed37bba3c172f71cf94ab3586587681dfb3b978b4433e288c11691fe1652
6ef6555df5b46fe7c29fe4b3e32b0a6d97c348179e322bcf7230ec10edbf74a3
70c67c009a651e7caa03f7b09dcd6ac8a7daa7e75b6806a039f0b771bad0296b
734fbb886c3b047ee3e289855ce263e47dc0282c9499b3ea52234fbd36f94e88
737a4d5d94f1f725d6d49da1acd629d8d56d6f37234615b9607463fa1aec1164
73fce1a83732acb53b2be9474670ff94bbb61ba9546c72eeceeac3e066501ac1
757c8d89cfb714ce3173a61d018265b104aa5a1a6bcc9a52123c64dd0fea64c1
79172cb0b22b4205cb278da03be1bc0120718a7ec98dfc2b91ee018b33d2bf03
7b4359d036e41e89a9557d63a0dbc80d7ed971853c5079d8001fa7bfadb5e992
7b460f058bde06aad8389291233b4cebee09130bfdd0795e956b9efd09dfb730
7d9220b905a8b59cb801c869182a28400acf41d5e3bdf6b2bed411111365aa7a
7dba8389b7a569281086c54c688523a92213c3a4da3e58bf0dce03f38407af64
7eb52f0a6b7bea08eaec4f90db8a7547a0d1dc57fb5ccc898c77edf8b2d0e57f
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
804ca4e5e48213b6f08692e4ba45b2be52f4b6f8c983a1c0d7786d7011615672
8246381b527647512866b22a99203ca644b689ba2a7bab6962c6010e3027e3c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8544fd687b99eb9e3f1104f315dfe557b49bb3440e1ad50f9afe6adada2032b9
875db474e4f3e621f792664ca240b5947e8baf09a6693df5fd5a34f6e356eb91
87a06d50a2e60f0f2fa9957322630c869ea00dfc13b6d462a7967bb3ffb0cffc
880ef04dd777a18769e0be495de3e6c962eed8c95774f39c260e7d6abb7d88fd
895dd08edd1842f3719e4abb5ba5aa9a0ef6c83280ff629df00e8725ac93f037
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0204f9fcb4ce6b0e0c448a963717c4aa1b589d60a1d59360a38d9d5c4d0adf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f141857444f27a2ed17ff685c8eefb4b981509a3905d179a8d4b2fbf829d108
8f218f0b8a7dbbdf1f5a8189b47c661eb4af0b084772bf9eebeca58e36a676e2
8f8e662acc914b588e9733a612b6fb0d9a135b2e30d45c195b3556fb88fd4392
8fbb152adb9e1fc8c48529cf3fe8ab52408a31616a23122d5529c0a10fce912c
90a9bc0dd3483b43bc6a935e866a0dbb8b6efa8f0a75e70efddd103751b386fd
90d663d204e12d5bec92c56fd5e719af645f1bb528facc735f7df6f34e17d524
97678b8ddc9c4cf7396905777e67898037d1226d01789daf394d368e29a6ae01
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f886686a13e43bd2e9f2d487db890a39df44bbdd2543213673654c3e858967
9ab1aaf86cd32b627d78affb540908d2eecc48858ba5f57d263ea287e1d588d2
9b27b654536e8c883577ab92a2c5703bc743e92f24dd7f4c2d66077821c03827
9bac7415a3566beec04c98643201c02437d82cfcf82d1ec4fe402ca0f5ecfac9
9d9379098fb3576de98038dca32b61e1658fc22808fe59bd697e827111dc8a02
9ec558b5973a14f6d6b14186931ccddcf465f17830a398e271a458d50e8cc70b
9f00a4002c54d02d64c663b997811dca43e094faafff0e218ec719238fe512e9
9f7d92445cd4b4fa750089f3d63de12ed13a1efbbf5735877bedb58de43eecb4
9fbee9b4f42ddf81b20682cba2c64afa843edec28b594f877c21137f87aee8ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a072838e812ef83ad812182093a7b7eff6655c6aa437a5d61559a2b155ac9baa
a14947bcda48b783a71090180c6e2ed10165133fabeda696a78792369f09c0d0
a456630e99c4f5700013599e5e7df524162f13bd74865a9e7a832e2acfe43ccb
a8efe9b073bd85f717da5b0383285116c708ce886027f3b1fd60b9c5b5fcbfe8
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adedbdf5426af7120a28c66dbeb8f3f2d1548b29370600b4a64a2d8867ff4e78
afdd871828f24df4904a44279c98ed53646810b01b2bc7c6996f6628b18fc338
b0ebbaf4d965bfb0496f9c04e71e1eb6589c8de39b4bfb59e97360eed1fb3766
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14c73c8abedbd964fc48b3bcc69cb1af412e956fc6dff18b89a993eeba0e3f2
b35986948a6b74b2598f332f761cfa848c058fe9d195b3d2c61f92aec7f5e1c7
b46fe54b974272ee7e091746bda42c14d9b697309bc311e58cfb66178a64b2be
b517d1868a8189c455fe56701aeb55ad0ca064bbf22924633b75b75dfe4e8470
b9a2ff5231c92e5f62f0c31ffc734d1aa35840bc10c5ee3dc208a0a1f5d619a5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdcfff76b1a267221f3557b2eeb6b4b28f87eceefae0e25f328ef63c0cb1778f
c0648f58da89e09ab936dd44c457b942af57b36c68788c95bb55d5dcadf453dc
c204e62ee9676201fe7b784694aab0b2aee7a7be1522698da50ff01f6ba146a7
c8dc337434644c2df12bce8df5ec3eea2d93e24808045dcce97d0d80d8523be3
c8f3587faab98b8525cb614eb27e89920940357327131b2b058d9ff6c4b53f8e
c9482dc5dbc6af298b7c0264630fdf6370c078b2b4096c542a22d53643df4706
cc00e3163a948a3bb06956975e080cc5dc8334b248814d588c0288b3ff7b1f20
ccb7fe373694182c1f1d6c6548638fdcb17a630f7bce2298a7486281ee48295b
cd47bad97241544fcadd200521cf6909dd627e4cc2dbed1a3aacd05fcb8ec5fb
cd7a68b24a5f8e7e5909dff6347c019f23973a7b85334058e8c7b8df6e02a498
ceda53a1d6d7a245271072e6306ab3ecad53be80d39eafdd3e6c3b7911df21ea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66dd196e4dea28252eb08f65608f18be5fbe8ab6b3d0330c5d097a3990cd72
d03da69a6da86457efff6d663c4d794804aade9192e07c1658206c1b8b30b241
d3020bf6447ead2316668a9c63ce33b649b2018472b44f6d2c24657891ad877a
d515be5da5b65785436e59277291f50482846c6e0ee4a71324b85a978c9b66cf
d7afb6a6e888054337493d041a08d937f4216c3e7935520916a2145898679be1
d7d821911f5f6727cf14086687dfedd12709f26c34d8137b3d52c562b347d627
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df3d87eeed2079bc5a48c77feed939710a110db9fd6d64dcc982a1fbe2ea60b3
e02f15c0519642e214882ea4646d5629446baf98ff3fc5ac681404e16740404b
e07080f16ae0bb76bc1f1ad916b9e3055977828a1797d64928de59a3b8694121
e1b3a6a849778af7ad42ce57b8aa43fd24af85495cb10f6a937061283d5d6f2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e436aee35d2c8bab46bc01f9ce45a7ebd95011eef3f0e86509ba57fe37a03fda
e577b138d1ff351b477dc463444dce66861936725d211807f050b7b7745905f4
e96271b09ac2fa31e230553164a6e017e751c3adaf3198f542bb6583f53e210c
ea64884f9e66a45114368b8cde20125be6637b4b2a3d63b7aa3151b9acea52ab
ec234e24dec0944e4ddb6bca283331333bcff09d76dfa24aac7ddb9c1ac42fc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d54d1989c2a6391c0953d4ed0095ad0afe944da154e1c1fa44ecf8c2833940
f2ae3158daef483eaa221b920ee478c2bda0757f3880ce6bddb66a477e9da203
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f438faa36c17edf2fb94ff23c349219d03db3c5c8940861ce9f93cf99cc0fcfe
f7d5cfe4e3fa7e7ba20f8f652d1755d2fbc4eafb0b185f276daf5890f305763a
f84025664b9326f19e8e11d05175b63c152b2c53e54074885af9038e6c37cb3d
f955d022abad91d9318acbc4053fc640adc7f06d3b00dd1fbf6e2da0301dd9f5
fa2e9b3c8836c24b40cb49b5cfc01771f853dc3e0fbd2da1729da44cfc652d2c
fabe527817cac710db0692168b506a9642c0de36f9ae96dd040a92d828eee45e
fd8ada1dee2023e3c855671ad4c7d64b45f62d51e3da66e094969c15a6f3ff40

vegashero2.com Open in urlscan Pro 185.207.199.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

277 Requests

85 %HTTPS

12 %IPv6

61 Domains

76 Subdomains

60 IPs

13 Countries

3731 kBTransfer

13546 kBSize

57 Cookies

0 Outgoing links

Page URL History

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vegashero2.com Open in urlscan Pro
185.207.199.248 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

85 %
HTTPS

12 %
IPv6

61
Domains

76
Subdomains

60
IPs

13
Countries

3731 kB
Transfer

13546 kB
Size

57
Cookies

277 HTTP transactions
3 data transactions