www.vegas.com
95.101.111.153 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
http://slot.vulkan-casino-play.com/ 2yr old
Effective URL:
https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_26003... 10yr old
Submission: On April 13 via api (April 13th 2026, 3:19:28 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 13 domains to perform 42 HTTP transactions. The main IP is 95.101.111.153, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is www.vegas.com. The Cisco Umbrella rank of the primary domain is 322726. 10yr old
TLS certificate: Issued by E7 on March 11th 2026. Valid for: 3mo.

This is the only time www.vegas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	103.224.182.253 103.224.182.253	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	2600:9000:264... 2600:9000:2646:c200:a:df5d:54c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	103.224.182.220 103.224.182.220	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 1	162.248.167.98 162.248.167.98	44051 (FORNEX-AS...) (FORNEX-AS Fornex Hosting S.L.)
1 1	35.227.211.136 35.227.211.136	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
1 1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM - Google LLC)
1 1	34.248.162.141 34.248.162.141	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
18	95.101.111.153 95.101.111.153	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
5	2a02:26f0:170... 2a02:26f0:1700:1c::217:60d	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:400a:1001::5f	15169 (GOOGLE) (GOOGLE - Google LLC)
3	142.251.13.155 142.251.13.155	15169 (GOOGLE) (GOOGLE - Google LLC)
42	10

3 103.224.182.253 (San Diego, United States) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-253.above.com

slot.vulkan-casino-play.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:2646:c200:a:df5d:54c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

ob.sd559908.js.brandsmat.com 4mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)

obs.sd559908.js.brandsmat.com 4mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 103.224.182.220 (San Diego, United States) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-220.above.com

giriul.com 2mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 162.248.167.98 (Frankfurt am Main, Germany) 1 redirects

ASN44051 (FORNEX-AS Fornex Hosting S.L., ES)
PTR: dsde333-8.fornex.org

naiawork.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.227.211.136 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 136.211.227.35.bc.googleusercontent.com

vegas.sjv.io 2mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.95.127.121 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.248.162.141 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-162-141.eu-west-1.compute.amazonaws.com

vegas.vdvm.net 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

18 95.101.111.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a95-101-111-153.deploy.static.akamaitechnologies.com

www.vegas.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2a02:26f0:1700:1c::217:60d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

p11.techlab-cdn.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:3036::6815:1b98 (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

use.fontawesome.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:400a:1001::5f (Switzerland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.251.13.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wt-in-f155.1e100.net

securepubads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
18	vegas.com www.vegas.com — Cisco Umbrella Rank: 322726 10yr old	1 MB
5	techlab-cdn.com p11.techlab-cdn.com — Cisco Umbrella Rank: 4306 7yr old	118 KB
4	brandsmat.com ob.sd559908.js.brandsmat.com — Cisco Umbrella Rank: 179388 4mo old obs.sd559908.js.brandsmat.com — Cisco Umbrella Rank: 182159 4mo old	46 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 295 9yr old	239 KB
3	vulkan-casino-play.com 1 redirects slot.vulkan-casino-play.com 2yr old	37 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 56yr old	3 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1366 10yr old	172 KB
2	giriul.com 1 redirects giriul.com 2mo old	2 KB
1	vdvm.net 1 redirects vegas.vdvm.net — Cisco Umbrella Rank: 701095 7yr old	946 B
1	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 7136 9yr old	541 B
1	sjv.io 1 redirects vegas.sjv.io 2mo old	762 B
1	naiawork.com 1 redirects naiawork.com 5yr old	2 KB
0	Failed function sub() { [native code] }. Failed
42	13

	Domain	Requested by
18	www.vegas.com	giriul.com www.vegas.com p11.techlab-cdn.com
5	p11.techlab-cdn.com	www.vegas.com p11.techlab-cdn.com
3	securepubads.g.doubleclick.net	www.vegas.com p11.techlab-cdn.com
3	obs.sd559908.js.brandsmat.com	ob.sd559908.js.brandsmat.com slot.vulkan-casino-play.com
3	slot.vulkan-casino-play.com	1 redirects slot.vulkan-casino-play.com
2	fonts.googleapis.com	www.vegas.com
2	use.fontawesome.com	www.vegas.com
2	giriul.com	1 redirects slot.vulkan-casino-play.com
1	vegas.vdvm.net	1 redirects
1	www.ojrq.net	1 redirects
1	vegas.sjv.io	1 redirects
1	naiawork.com	1 redirects
1	ob.sd559908.js.brandsmat.com	slot.vulkan-casino-play.com
0	invalid Failed	ob.sd559908.js.brandsmat.com
42	14

This site contains no links.

Subject Issuer	Validity	Valid
kuwaitmosafer.com R12	`2026-04-05` - `2026-07-04`	3mo	crt.sh
*.sd559908.js.brandsmat.com Amazon RSA 2048 M04	`2026-01-05` - `2027-02-03`	1yr	crt.sh
littleportboathaven.co.uk R12	`2026-04-02` - `2026-07-01`	3mo	crt.sh
www.vegas.com E7	`2026-03-11` - `2026-06-09`	3mo	crt.sh
p11.techlab-cdn.com R13	`2026-03-18` - `2026-06-16`	3mo	crt.sh
use.fontawesome.com WE1	`2026-02-23` - `2026-05-24`	3mo	crt.sh
upload.video.google.com WR2	`2026-03-23` - `2026-06-15`	3mo	crt.sh
*.g.doubleclick.net WE2	`2026-03-23` - `2026-06-15`	3mo	crt.sh

This page contains 1 frames:

Primary Page: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
Frame ID: EB6AC8EBAFF0B31F0DA6E2DF266B9DD4
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://slot.vulkan-casino-play.com/ HTTP 307
https://slot.vulkan-casino-play.com/ Page URL
http://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7... HTTP 307
https://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7... HTTP 302
http://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05... HTTP 307
https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05... Page URL
https://giriul.com/r.php?enc=GDYv6lusquVp8JjJqhcRin49fjVmdXh6Yyt2SkQ0WThXcVZ4MzVoM3VCVHE3MG8vOT... HTTP 302
https://naiawork.com/g/7z8rbci6j9aed232ee182a35947101/?subid3={1426660902}&sid=2026041401192929b0... HTTP 302
https://vegas.sjv.io/c/269814/260030/4221?Subid1=fec9536994d19656bf6247d1ca6e35e9&sharedid=1553143 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fvegas.vdvm.net%2Fc%2F269814%2F260030%2F4221%3FSubid1... HTTP 302
https://vegas.vdvm.net/c/269814/260030/4221?Subid1=fec9536994d19656bf6247d1ca6e35e9&sharedid=155314... HTTP 301
https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_c... Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Floodlight (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.doubleclick\.net

Font Awesome (Font scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Publisher Tag (Advertising) Expand

Overall confidence: 100%
Detected patterns

securepubads\.g\.doubleclick.net/tag/js/gpt\.js

Page Statistics

42
Requests

88 %
HTTPS

38 %
IPv6

13
Domains

14
Subdomains

10
IPs

5
Countries

1977 kB
Transfer

4868 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://slot.vulkan-casino-play.com/ HTTP 307
https://slot.vulkan-casino-play.com/ Page URL
http://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=13048ba9b51c8f87b60635f64c9c502c HTTP 307
https://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=13048ba9b51c8f87b60635f64c9c502c HTTP 302
http://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D HTTP 307
https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D Page URL
https://giriul.com/r.php?enc=GDYv6lusquVp8JjJqhcRin49fjVmdXh6Yyt2SkQ0WThXcVZ4MzVoM3VCVHE3MG8vOTB1TjV3QzdGUFl1bVVvUzQrR1AyZUdPZ1M5S1JncERCY1V3bEZDSmh1aXhMT0F3YzFoVzliOWtmRlU0ZG8zOGpXdWRxdjhJZlhxRVNweUc5Y1MxUWdKa3V3OUtSOG1BNWVIMTVXbENVSHNVZG0xSjVhbE5xMWxYbTErTWsxL3FybUNKbVhCUTd5RjRvck12TkoyOVM1ZzM2RlVhN1VrTVdXdkZBKzdjaTF2QW9NOUFMMWtKTTFNQjVyYXBmUktERzJwRndyRGVlZEVQRlBpNUYrU2ZXdHNmQjBMTlNrRVdsckYyN05QVmFYbW1heFBPa1g5SUUyd1JZOWowUHZPWnZvdEVQaklhRnBqQ3BNOUxmTW9iTzYvSFcrdk5XUzZMRXdkaGZ4bHIzWGNGTlBrbFlGV204VjJVcElCTWJSbzNFUDhLWWE5NzZRTVVBQXF3c2pJRUY0YUhNdkZMaVR5YWdPVE13S1lubUdVL2VKeUs2ZVVmTkhtRmtnYnJIU2pHVkJHN0xhL09hKzBJS09DRUgvNTM3bkJBVVdHZUVGRkxOakQ4MUFUYXRySkJlZlMzZ3F3eFNHYWtrMm1NazAxenhiNTN4dGNBQTJTejRoS3E4ZDlLam5VMEg3YVJWN3dNWk84MUY5S1JValdHMXg4VmNaZ2piSkJEbzY3QUVEcXhlbGphNjVNaUNRSE8zRUdlVlEzOFNGanN4REZEZVQ1OGllbG02RlJsRktYUVFBcjFGSVEzM01EVm1vQ0MwYlVxQS9QS3JnbDlpVHhzb2pHRE55d2xYcDVIZU9EeGJzOFhYQ1kzcUpFNDNHSS8xQWdrVzMwVUtQL1pEaHFUZXNaTWN3SVlzR212eTJVWVRZZ3BaQktqb3ZSNVZiVDdiRjExSlA1bUIyWnF2ZE9raEQrZUtQZG92MWVCRmZjdC9pdTJSSDVBQmVTTC9rY3h5LzE5REFlcWVaVW9GNnp6aloyMXo2OVFHTjdvWUd3d1B4R3MzZ2JlM3I3VzltM2JZbndqVkh6V2NCSDlhWjR1dFU9&vs=1600:1200&ds=1600:1200&sl=1570:1170&os=f&nos=t HTTP 302
https://naiawork.com/g/7z8rbci6j9aed232ee182a35947101/?subid3={1426660902}&sid=2026041401192929b0101599f6015f9a HTTP 302
https://vegas.sjv.io/c/269814/260030/4221?Subid1=fec9536994d19656bf6247d1ca6e35e9&sharedid=1553143 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fvegas.vdvm.net%2Fc%2F269814%2F260030%2F4221%3FSubid1%3Dfec9536994d19656bf6247d1ca6e35e9%26sharedid%3D1553143%26level%3D1%26srcref%3Dhttps%253A%252F%252Fgiriul.com%252F&cid=4221&tpsync=yes&auth=5a56376c16dd77ad HTTP 302
https://vegas.vdvm.net/c/269814/260030/4221?Subid1=fec9536994d19656bf6247d1ca6e35e9&sharedid=1553143&level=1&srcref=https%3A%2F%2Fgiriul.com%2F&brwsr=2ced3047-374c-11f1-a87d-5bbcc9043cfa&brwsrsig=zbxVcFVOuSLtxqrSYsSIVzweQijwMm HTTP 301
https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://slot.vulkan-casino-play.com/ HTTP 307
https://slot.vulkan-casino-play.com/

Request Chain 7

http://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=13048ba9b51c8f87b60635f64c9c502c HTTP 307
https://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=13048ba9b51c8f87b60635f64c9c502c HTTP 302
http://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D HTTP 307
https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
slot.vulkan-casino-play.com/
Redirect Chain

http://slot.vulkan-casino-play.com/
https://slot.vulkan-casino-play.com/

3 KB
1 KB

1030ms
194ms

Document
text/html

103.224.182.253
TRELLIAN-AS-AP Tr...

General

Check archive.org

Download Go to

Full URL: https://slot.vulkan-casino-play.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.182.253 San Diego, United States, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-253.above.com
Software: Apache /
Resource Hash: 0c2cf4534b166c3bcb95643020f295848d54896167414de3a564b57921cd7ad6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

connection: close
content-encoding: gzip
content-length: 1172
content-type: text/html; charset=UTF-8
date: Mon, 13 Apr 2026 15:19:29 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Location: https://slot.vulkan-casino-play.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 c59f6651af12b5efb3ef9693abae15af.js Show response
ob.sd559908.js.brandsmat.com/i/ 119 KB
45 KB 124ms
34ms Script
text/javascript 2600:9000:2646:c200:a:df5d:54c0:93a1
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://ob.sd559908.js.brandsmat.com/i/c59f6651af12b5efb3ef9693abae15af.js
Requested by: Host: slot.vulkan-casino-play.com
URL: https://slot.vulkan-casino-play.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:c200:a:df5d:54c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Caddy /
Resource Hash: 38e0c53becf1ce3772f762173c98ca177caa9f852492b334b32756adb3321777

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://slot.vulkan-casino-play.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "1dc1e-ZORXFzV6E4+Bd9RnhKfEoTAfpV0"
age: 42689
via: 1.1 bd96095bb3c15c742ab4d72d1fecba6c.cloudfront.net (CloudFront)
expires: Mon, 13 Apr 2026 15:28:00 GMT
x-cache: Hit from cloudfront
content-length: 45191
x-amz-cf-id: DHjDY3XjBJ8_JbsdrMWaT6Pwuy2aE7rB9Bn8EYVFQ0J7GUWb_bVq1Q==
date: Mon, 13 Apr 2026 03:28:02 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: FRA60-P5

GET
H/1.1 200
OK iife.min.js Show response
slot.vulkan-casino-play.com/js/fingerprint/ 33 KB
34 KB 548ms
187ms Script
text/javascript 103.224.182.253
TRELLIAN-AS-AP Tr...

General

Check archive.org

Download Go to

Full URL: https://slot.vulkan-casino-play.com/js/fingerprint/iife.min.js
Requested by: Host: slot.vulkan-casino-play.com
URL: https://slot.vulkan-casino-play.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.182.253 San Diego, United States, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-253.above.com
Software: Apache /
Resource Hash: c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://slot.vulkan-casino-play.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

etag: "85c0-6250852f4b980"
connection: close
accept-ranges: bytes
content-length: 34240
date: Mon, 13 Apr 2026 15:19:29 GMT
last-modified: Tue, 22 Oct 2024 03:25:42 GMT
content-type: text/javascript
server: Apache

GET
H2 200 ct Show response
obs.sd559908.js.brandsmat.com/ 4 KB
2 KB 442ms
161ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://obs.sd559908.js.brandsmat.com/ct?id=94292&url=https%3A%2F%2Fslot.vulkan-casino-play.com%2F&sf=0&tpi=&ch=vulkan-casino-play.com&uvid=&tsf=0&tsfmi=&tsfu=&cb=1776093569479&hl=2&op=0&ag=2068119151&rand=14511927559167080210571897096191982905471022987412710687079014187085106071248021527665081907&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDE0NTldLFsiYWJuY2giLDExXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo0LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTkzMDgyMDI3OSxcInNlY1wiOlwiXCJ9Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy0yNCwiW10iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMywiLSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy00OSwiLSJdLFstNTIsIi0iXSxbLTU4LCItIl0sWy02NywiLSJdLFstNSwiLSJdLFstMTMsIi0iXSxbLTIwLCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00OCwiW1wiLVwiLFwiLVwiLFwiLVwiLFwiLVwiLFwiLVwiXSJdLFstNTksImRlZmF1bHQiXSxbLTY5LCJMaW51eCB4ODZfNjR8R29vZ2xlIEluYy58MzJ8MzJ8TGludXh8MCJdLFstNzEsImEwMTAwMTAxMTAwMTAwMTAxMDAwMTAxMDAxMTExMTAxMDAwMDEwIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxMDAwMDAwMCxcInVqaHNcIjoxMDAwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIls1MCwxMCwwLFwiNGdcIixudWxsXSJdLFstNTAsIi0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNjQsIlswLFwiTGludXhcIixbe1wiYlwiOlwiQ2hyb21pdW1cIixcInZcIjpcIjE0N1wifSx7XCJiXCI6XCJHb29nbGUgQ2hyb21lXCIsXCJ2XCI6XCIxNDdcIn0se1wiYlwiOlwiTm90LUEuQnJhbmRcIixcInZcIjpcIjI0XCJ9XV0iXSxbLTY4LCItIl0sWy0yLCI2LE5JU0FJSmhBNEpIUlVFUWNHQ0JRczJiRnl4ZTBWVUVDelk4SXFpWENzaUZ4VkZ4UUtpVjBHUW9paWlLTDBtb1JNZ1FNcVQ1R21uek14dS85K2FjODZUa3hCQS9OejM4OTczUDUiXSxbLTQsIjxodG1sPjxoZWFkPlxuICAgIDx0aXRsZT52dWxrYW4tY2FzaW5vLXBsYXkuY29tPC90aXRsZT5cbiAgICA8c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj5cbiAgICAgICAgd2luZG93LmNoZXFSZXF1ZXN0SWQgPSBudWxsO1xuICAgICAgICB3aW5kb3cuX19yZXNvbHZlQ2hlcSA9IG51bGw7XG5cbiAgICAgICAgd2luZG93Lm9uQ2hlcVJlc3BvbnNlID0gZnVuY3Rpb24gKGRhdGEsIHJlcXVlc3RJZCkge1xuICAgICAgICAgICAgaWYgKHR5cGVvZiByZXF1ZXN0SWQgPT09IFwic3RyaW5nXCIgJiYgcmVxdWVzdElkLmxlbmd0aCA%2BIDApIHtcbiAgICAgICAgICAgICAgICB3aW5kb3cuY2hlcVJlcXVlc3RJZCA9IHJlcXVlc3RJZDtcbiAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgaWYgKHR5cGVvZiB3aW5kb3cuX19yZXNvbHZlQ2hlcSA9PT0gXCJmdW5jdGlvblwiKSB7XG4gICAgICAgICAgICAgICAgd2luZG93Ll9fcmVzb2x2ZUNoZXEoKTtcbiAgICAgICAgICAgIH1cbiAgICAgICAgfTtcbiAgICA8L3NjcmlwdD5cbiAgICA8c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9vYi5zZDU1OTkwOC5qcy5icmFuZHNtYXQuY29tL2kvYzU5ZjY2NTFhZjEyYjVlZmIzZWY5NjkzYWJhZTE1YWYuanNcIiBkYXRhLWNoPVwidnVsa2FuLWNhc2luby1wbGF5LmNvbVwiIGNsYXNzPVwiY3RfY2xpY2t0cnVlXzk0MjkyXCIgZGF0YS1qc29ucD1cIm9uQ2hlcVJlc3BvbnNlXCI%2BXG4gICAgPC9zY3JpcHQ%2BXG4gICAgPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgc3JjPVwiL2pzL2ZpbmdlcnByaW50L2lpZmUubWluLmpzXCI%2BPC9zY3JpcHQ%2BPGlmcmFtZSBzdHlsZT1cIndpZHRoOiAwcHggIWltcG9ydGFudDsgaGVpZ2h0OiAwcHggIWltcG9ydGFudDsgZGlzcGxheTogbm9uZSAhaW1wb3J0YW50O1wiPjwvaWZyYW1lPjwvaGVhZD48L2h0bWw%2BLDkwMSJdLFstMTAsIi0iXSxbLTIxLCItIl0sWy0zNSwiWzE3NzYwOTM1Njk0NjIsLTJdIl0sWy02MSwie1wid2dzbFwiOlwiODtwYWNrZWRfNHg4X2ludGVnZXJfZG90X3Byb2R1Y3Q7c3ViZ3JvdXBfdW5pZm9ybWl0eTtzdWJncm91cF9pZDtyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVyczt0ZXh0dXJlX2FuZF9zYW1wbGVyX2xldDtwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7dW5pZm9ybV9idWZmZXJfc3RhbmRhcmRfbGF5b3V0O1wiLFwicGNmXCI6XCJyZ2JhOHVub3JtXCJ9Il0sWy02MiwiODAiXSxbLTY1LCItIl0sWy03MiwiRXhVPSJdLFstNzMsIi0iXSxbLTc1LCJ7fS5zb21lRnVuYyBpcyBub3QgYSBmdW5jdGlvbiJdLFstMzQsIi0iXSxbLTQ1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjcm9zc29yaWdpbmlzb2xhdGVkLHNjcmVlbndha2Vsb2NrLG9uZGV2aWNlc3BlZWNocmVjb2duaXRpb24sdHJhbnNsYXRvcixwdWJsaWNrZXljcmVkZW50aWFsc2dldCxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGNodWFhcmNoLGNvbXB1dGVwcmVzc3VyZSxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LGRlZmVycmVkZmV0Y2gsdXNiLGNoc2F2ZWRhdGEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUsc2hhcmVkc3RvcmFnZSxkZWZlcnJlZGZldGNobWluaW1hbCxydW5hZGF1Y3Rpb24sY2hkb3dubGluayxjaHVhZm9ybWZhY3RvcnMsb3RwY3JlZGVudGlhbHMscGF5bWVudCxjaHVhLGNodWFtb2RlbCxjaGVjdCxhdXRvcGxheSxjYW1lcmEsbGFuZ3VhZ2VkZXRlY3Rvcixwcml2YXRlc3RhdGV0b2tlbmlzc3VhbmNlLGRpZ2l0YWxjcmVkZW50aWFsc2dldCxhY2NlbGVyb21ldGVyLGNodWFwbGF0Zm9ybXZlcnNpb24saWRsZWRldGVjdGlvbixwcml2YXRlYWdncmVnYXRpb24saW50ZXJlc3Rjb2hvcnQsY2h2aWV3cG9ydGhlaWdodCxjYXB0dXJlZHN1cmZhY2Vjb250cm9sLGxvY2FsZm9udHMsY2h1YXBsYXRmb3JtLG1pZGksY2h1YWZ1bGx2ZXJzaW9uLHhyc3BhdGlhbHRyYWNraW5nLGNsaXBib2FyZHJlYWQsZ2FtZXBhZCxkaXNwbGF5Y2FwdHVyZSxrZXlib2FyZG1hcCxqb2luYWRpbnRlcmVzdGdyb3VwLGFyaWFub3RpZnksbG9jYWxuZXR3b3JrLGNodWFoaWdoZW50cm9weXZhbHVlcyxjaHdpZHRoLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24sYnJvd3Npbmd0b3BpY3MsZW5jcnlwdGVkbWVkaWEsbG9jYWxuZXR3b3JrYWNjZXNzLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsc3VtbWFyaXplcixjaHVhYml0bmVzcyxzdG9yYWdlYWNjZXNzLHN5bmN4aHIsY2hkZXZpY2VtZW1vcnksY2h2aWV3cG9ydHdpZHRoLHBpY3R1cmVpbnBpY3R1cmUsbWFnbmV0b21ldGVyLGxvb3BiYWNrbmV0d29yayxjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy03MCwiLSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMzEsImZhbHNlIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTU1LCIwIl0sWy0xLCItIl0sWy02LCItIl0sWy04LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W119Il0sWy0xMiwibnVsbCJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzExNzAsMTU3MCwxMTcwLDE1NzAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyODUsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwLDBdIl0sWy0yOCwiZGUtREUiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGRlLGxhdG4sZ3JlZ29yeSJdLFstNTQsIi0iXSxbLTcsIi0iXSxbLTksIisiXSxbLTMyLCItIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy00MCwiMzMiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z0tEd0FJQUJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZDhYQmtSVVUxTlNVb0RGaFpXV3hkS1hRd01BQUFKQVJkVFNoZGJTMWhYWFVwVVdFMFhXbFpVRmxBV1dnd0FYdzhQREFoWVh3Z0xXd3hjWDFzS1hGOEFEd0FLV0Z0WVhBZ01XRjhYVTBvRENBTVBDQW9CQ1JBVldFMFpTeGtSVVUxTlNVb0RGaFpXV3hkS1hRd01BQUFKQVJkVFNoZGJTMWhYWFVwVVdFMFhXbFpVRmxBV1dnd0FYdzhQREFoWVh3Z0xXd3hjWDFzS1hGOEFEd0FLV0E9PSJdLFstMTYsIjAiXSxbLTE3LCIzMiJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAxMTAxMTAxMDAwMDAxMDExMDEiXSxbLTYwLDIwOF0sWy03NCwiMCwwIl0sWyJibmNoIiw1Ml0sWy0zOCwibCwtMSwtMSwyLDAsMSwwLDQ3MywzNjIsMTk2LC0xLDAsLCwxMjU5LDEyNTkiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSwzMixmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWUsZmFsc2UsdHJ1ZV0iXSxbLTQ0LCIwLDAsMCw1Il0sWy00NiwiMCJdLFstNTMsIjAwMSJdLFstNjMsIjAiXSxbImRkYiIsIjAsNSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwxLDAsMiwwLDAsNCwwLDEsMCwwLDAsMCwwLDAsMCwxLDIsMCw1LDEsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDQsMCwwLDUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=&cri=cZW31xNxx1&pto=1263&ver=65&gac=-&mei=&ap=&fe=1&duid=1.1776093569.z9RC3EBBkGsJ4Hdh&suid=1.1776093569.CfQm3ZWajJW3M4bu&tuid=1.1776093569.OUvrNgricl0SQCUJ&sid=1.1776093569481.RI3HXgFOnVEKwJUO&fbc=-&gtm=-&it=3%2C1048%2C151&fbcl=-&gacl=-&gacsd=-&rtic=-&rtict=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA%2FNjotaGA2Og%3D%3D
Requested by: Host: ob.sd559908.js.brandsmat.com
URL: https://ob.sd559908.js.brandsmat.com/i/c59f6651af12b5efb3ef9693abae15af.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 69bdd452aa935aa0279c48f3aae7710125915657e5fa8a47bf53d64866c1491e

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://slot.vulkan-casino-play.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://slot.vulkan-casino-play.com
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1264
date: Mon, 13 Apr 2026 15:19:29 GMT
content-type: text/javascript

GET
H2 200 tc_imp.gif
obs.sd559908.js.brandsmat.com/tracker/ 43 B
79 B 132ms
132ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://obs.sd559908.js.brandsmat.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126de8c73ce9428c949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d57158f642517071a10acf9f29f674f81d1dd037f3f13fb2d7200d26e8b31c5033901719300540933045e95b8384b77be26bb25cb43e2916af05165ad5f2f7a1bda53ec14f4c1d7de3cbb2807ff7ecaa8556d8e0e3143714493870265a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf1298ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82dde16b933b5c80f09b291945ff3767afc21264e8dbfe228902ac4fe18118c01cd9d36d9a6d279c9c22d16c90daf4e1caadbf0b20e477f2ffba6a5b2ba3903fcff05cf5001a5a860347d68192c3cdf1ca22c629cbd2b48577a33c3574827f6bccc7df0e37d7eb62a60da7cb1cc72ce13d430b0c8c10984d9287ae3fe0d476870be4cf848829ce494369fa4e04546e092687ec2df444de8cdf64b1896bf493209583eaef7683bda84d687d93a55f49d4f7471a0ef7f8e931f57ec3b502fdea3cec6ebc23c202a7488efd62836373f6a4807b2d2372557878004effbfc8158610bd57535135eaf613cd92730ffdb1c3bbbc6cc2edf8fd86f8aff2574e3cfb4782aa586e83436207d6635d7364ea7aaf761ac3f7c0638a63d0398ab731c4b80c9c67122820037a0f81c9e4da3b6748991f4289cedabcb9d64e039eb1d061849b36228cc0182e3ffb96dd0421b773820a981ee7389e13dac041f8ef35b193d9d1ca4760eee53a719e64e5c8e9ff04967e350804936f4550b8a05a89e50ab9cffa9557a7e0d669745044c339f940b849a0c52ccf66512b533b637ee65d88813a56bc69c9b98a509f8d33db362afc4d7c4ffe9bb47048f263b7ce46c80d5a6d56ae7968dbbddd69d7456acbc142dd808eaec41b8503377742ab287b409691104eee69a5eccb2e8cdaf01c1d21f3782a0918dd570db3dbfc1212936b6dc1d7da03dbdebad34b7df963ea156057d05c7c3c8685465381d5e0dffea04ca269e47cdf25dd9d5b92b8ea2136f39411818cb4b1cdf0d3cc2850cea27c13893596168f06b2f621bacccfc76da0df9681bb3427cbb2bda71d96468204473e513d87&cri=cZW31xNxx1&ts=451&cb=1776093569930
Requested by: Host: slot.vulkan-casino-play.com
URL: https://slot.vulkan-casino-play.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://slot.vulkan-casino-play.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Mon, 13 Apr 2026 15:19:29 GMT
pragma: no-cache
content-type: image/gif

GET b3cc69f2-7a64-402e-bcb9-ff692cc5725e
https://slot.vulkan-casino-play.com/ 0
0

GET /
invalid/ 0
0

GET
H/1.1

200
OK

xr.php
giriul.com/
Redirect Chain

http://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=13048ba9b51c8f87b60635f64c9c502c
https://slot.vulkan-casino-play.com/?tr_uuid=20260414-0119-2929-b010-1599f6015f9a&fp=0c86acbfa86dc070abd86c3e2f7eff4c&cheq=13048ba9b51c8f87b60635f64c9c502c
http://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYU...
https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuY...

2 KB
1 KB

1035ms
196ms

Document
text/html

103.224.182.220
TRELLIAN-AS-AP Tr...

General

Check archive.org

Download Go to

Full URL: https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D
Requested by: Host: slot.vulkan-casino-play.com
URL: https://slot.vulkan-casino-play.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.182.220 San Diego, United States, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-220.above.com
Software: Apache /
Resource Hash

Request headers

Referer: https://slot.vulkan-casino-play.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36

Response headers

connection: close
content-encoding: gzip
content-length: 1240
content-type: text/html; charset=UTF-8
date: Mon, 13 Apr 2026 15:19:32 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Location: https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D
Non-Authoritative-Reason: HttpsUpgrades

POST
H2 200 mon
obs.sd559908.js.brandsmat.com/ 0
155 B 137ms
134ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://obs.sd559908.js.brandsmat.com/mon
Requested by: Host: ob.sd559908.js.brandsmat.com
URL: https://ob.sd559908.js.brandsmat.com/i/c59f6651af12b5efb3ef9693abae15af.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://slot.vulkan-casino-play.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type: application/x-www-form-urlencoded
sec-ch-ua-mobile: ?0

Response headers

access-control-allow-origin: https://slot.vulkan-casino-play.com
content-length: 0
date: Mon, 13 Apr 2026 15:19:31 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H2

200

Primary Request / Show response
www.vegas.com/
Redirect Chain

https://giriul.com/r.php?enc=GDYv6lusquVp8JjJqhcRin49fjVmdXh6Yyt2SkQ0WThXcVZ4MzVoM3VCVHE3MG8vOTB1TjV3QzdGUFl1bVVvUzQrR1AyZUdPZ1M5S1JncERCY1V3bEZDSmh1aXhMT0F3YzFoVzliOWtmRlU0ZG8zOGpXdWRxdjhJZlhxRVNw...
https://naiawork.com/g/7z8rbci6j9aed232ee182a35947101/?subid3={1426660902}&sid=2026041401192929b0101599f6015f9a
https://vegas.sjv.io/c/269814/260030/4221?Subid1=fec9536994d19656bf6247d1ca6e35e9&sharedid=1553143
https://www.ojrq.net/p/?return=https%3A%2F%2Fvegas.vdvm.net%2Fc%2F269814%2F260030%2F4221%3FSubid1%3Dfec9536994d19656bf6247d1ca6e35e9%26sharedid%3D1553143%26level%3D1%26srcref%3Dhttps%253A%252F%252F...
https://vegas.vdvm.net/c/269814/260030/4221?Subid1=fec9536994d19656bf6247d1ca6e35e9&sharedid=1553143&level=1&srcref=https%3A%2F%2Fgiriul.com%2F&brwsr=2ced3047-374c-11f1-a87d-5bbcc9043cfa&brwsrsig=z...
https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143

19 KB
11 KB

336ms
240ms

Document
text/html

95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143

Requested by

Host: giriul.com
URL: https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

64e9fc63cf9dce814a28fa7a0be5d94b9c22167cbcb28830c3b810a91a05bfcc

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000 max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://giriul.com/xr.php?e=mgKI88eLBwVnMGN0Je3zPH49fkpUWkdyMERxZGV1dSsyVy9JR3E4RkhFSFpLVldlU05uYmh5RkRjUWFEbDNPVWU2Q2VWbG13MXNnK0pxMWdSVWR3SGk2cnhoVXF4cDhnajRnUDBQMHJpb0VvTHUralJydmFnT0JaV3N6YkJuYUIxcUZ0S0JDTWtVOExmbXRyNmpITWFmc2FvNVF5bnQ2dlFNem9aVzNZK1hrdFdqV1c5Q21qSXo2UVlPLytWK2RhT281SmRDUFhiSExkNFAzNDRiK3JkYWxmeVEyMmoyL1dpT3FpM3N1R2dwek9nZ3BCa0xxbENJWlJWNzBUVkJGaFc5U3ZDUzd1WStPb2hta0pucldYODlSY3R5YjZta3dmdzAybldVOVZERm4rYmlvZDBsZnllNExVK1Bkeks2dHhFRTBBOE1QajRybVF4VFJLZVA4Q0hrWFMwdDlna1ZPMzU4MmhEN3ppSHlMeEJuWGRvQXJoenovNFdkVFh3cHMrYU9sdzJzdTRvU0pyYmV2R09kK0NYSHUxT2cwQUt4ekpKSUZQdkRIM3lEV2JMUGptdE5KREJzczhxaVZiNXQwNWFjMnh3Um5SWGNRQUw5MWlJN1FUY296a0FTRXg5MkF1b2ZXc2VRNG9xWnJSUllITG9mSzNrdlVHWGtTOEt4c2lzaU5GRDFENWMrQlhjMHNNc01wN0FlazB3UnlZd0E1NkVVRzd6d1VpOU91dC9reVRCY0hjUWhicXlRMEp5cTlUekpFVUVUMGwwd3JHSzFuaExpM0RWS05oSDZ1VDhmZ24vOTFtQ1lZM3l6ME1pOVdTMzNEUEtLVE1Qdk9hREpic1E2TlFNWlFuZDJ0eCszWCtDN2F2c0hiN0o5SFJyYUlmc1BLSWY4T1czWXJVUjhhY1ZHbEZxckhEdlBnTW4zUlo3UmlEMjRuV2R1T1Rud1BobEx0UXFaQnFvbktqTHBzOWd5RU04MkM5SWRJNm9aaEtRSUg1dVJDN3lKOThaOVQrR01VdFlvVWM1QTREZmwwRENXU1JScndzNDgvZkhGY09zOUFFYTNhUS9GRDJUZVFndS9wL0F6QVV1N2RGKzMxK0VHTzRRaWVkV0I4a0JGZFZ2QzBDTnIzSzY1L3VXYVZJbHhUb2FUemlCS1JCaEFMYlFJYldhUDVYbjhZOE81ZHVUVW1KN1d0UGVPa3A0OWpScmowam9Edk13ellCbnI4QUM4aVZpOTgySTZzQU1hM2pKdmNXNytEZzRhbnZsTT0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
cache-control: private, no-cache, no-store, no-transform, proxy-revalidate
content-encoding: gzip
content-length: 8682
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
content-type: text/html; charset=UTF-8
csp_nonce: 1776093574jnSjkw2SjadI
date: Mon, 13 Apr 2026 15:19:34 GMT
expires: Mon, 13 Apr 2026 15:19:34 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
pragma: no-cache
strict-transport-security: max-age=31536000 max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
date: Mon, 13 Apr 2026 15:19:33 GMT
expires: Mon, 13 Apr 2026 15:19:33 GMT
location: https://www.vegas.com?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma: no-cache
timing-allow-origin: *

GET
H2 200 6799001b32863f88cc8cc620.js Show response
p11.techlab-cdn.com/ 167 KB
58 KB 141ms
44ms Script
application/javascript 2a02:26f0:1700:1c::217:60d
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js
Requested by: Host: www.vegas.com
URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1c::217:60d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: ca4cb68887db04f52b67e8a087530508f46bcf95f2269daf041392b5a9a4ee9c

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: prKhGJGikByp6As9XGk/mw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
content-encoding: gzip
etag: 0x8DD6BD7D049225B
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
expires: Mon, 13 Apr 2026 15:29:34 GMT
access-control-allow-origin: *
content-length: 59370
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: application/javascript
last-modified: Tue, 25 Mar 2025 20:01:21 GMT
vary: Accept-Encoding

GET
H2 200 symbolFont.woff
www.vegas.com/common/fonts/symbolFont/ 25 KB
26 KB 753ms
751ms Font
font/woff 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/common/fonts/symbolFont/symbolFont.woff

Requested by

Host: www.vegas.com
URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

7dd1526576e5898bd159f039d64f3d84cc8af05fc278406b38a266ccaea36ccd

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.vegas.com
sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 15:19:34 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:34 GMT
last-modified: Fri, 06 Feb 2026 08:04:24 GMT
content-type: font/woff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1776093574sWdaRiLoVrjf
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
access-control-allow-origin: https://www.vegas.com
content-length: 25144
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff
use.fontawesome.com/releases/v4.7.0/fonts/ 96 KB
96 KB 87ms
22ms Font
application/font-woff 2606:4700:3036::6815:1b98
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff
Requested by: Host: www.vegas.com
URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Origin: https://www.vegas.com
sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=31556926
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"fee66e712a8a08eef5805a46892932ad"
age: 72222
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=O6wC%2Fynn1AKPNvkuVK3ZPKXhjOM46gKedcsaQYjE33nX6PqI7pCzTk8zNEBLKf3RNyuhtP219g1AEKnOlOWS2tAt8RwbY4W3Ak1BG94%2FSlNE3NkMXT8utQIQFy6IiDie9H0NozguIj4BftzIoNuZzD6R"}]}
cf-ray: 9ebb7326ca73c760-TXL
access-control-allow-origin: *
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: application/font-woff
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 106ms
40ms Font
application/font-woff2 2606:4700:3036::6815:1b98
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: www.vegas.com
URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.vegas.com
sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=31556926
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
age: 1410531
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7VYPwGVmd2Zjxi492xlKbTNoLAdirs1re1wl3BQDDVZDO6NICHMAcX67FblNfxiguhS%2BmM%2FuiZ6JY73UpDCkdtMjuRzkGQol9J4ggilByxCxwgLFfT0UATqoYDN%2BMofUm9QbxLmWV6Ms%2BY6LSOdQg4sy"}]}
cf-ray: 9ebb7326ca70c760-TXL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: application/font-woff2
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 184ms
65ms Stylesheet
text/css 2a00:1450:400a:1001::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1001::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

1334350a42e985e91b20ac233fdd44142bc77a0d61079a5f26fee4f915044119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 15:19:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 13 Apr 2026 15:14:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 tokens.css
www.vegas.com/styles/ 27 KB
8 KB 66ms
65ms Stylesheet
text/css 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/styles/tokens.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

97a423e263daa3c1843e16b32b8e42628fb9698c0f1331ed1eb4635329f4b983

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:34:50 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:34 GMT
last-modified: Wed, 07 Jan 2026 23:09:16 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866262mNCQXj3O5Nj4
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=15316
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 7442
x-xss-protection: 1; mode=block

GET
H2 200 theia-vars.css
www.vegas.com/styles/ 26 KB
7 KB 70ms
69ms Stylesheet
text/css 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/styles/theia-vars.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

12409596097ecbdab7137a6c3ad95c60990b702bcaaa7f624a0f8a761951ad15

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:34:49 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:34 GMT
last-modified: Fri, 01 Aug 2025 17:32:31 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866262CexoBgJgewPY
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=15315
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 6664
x-xss-protection: 1; mode=block

GET
H2 200 inject.js Show response
www.vegas.com/common/mvproxy/ 13 KB
7 KB 55ms
53ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/common/mvproxy/inject.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

f1f2803b13fd4b16579b812b53461d87c3cc783c1c782cdea150bd63839ed16e

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:19:04 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:34 GMT
last-modified: Fri, 06 Feb 2026 08:04:24 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775865881kXtk_T5s51uL
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14370
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 6899
x-xss-protection: 1; mode=block

GET clientExperiment
www.vegas.com/mvproxy/ 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
34 KB 123ms
69ms Script
text/javascript 142.251.13.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f155.1e100.net

Software

cafe /

Resource Hash

651aa544b6ff07b3123000f0a7aa5da910b2e83fce1d7178289bb8051f117e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 631 / 20556 / m202604070101 / config-hash: 4544702333420187920
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 15:19:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34435
x-xss-protection: 0
server: cafe

GET
H2 200 wsVar.js Show response
www.vegas.com/common/js/ 1 KB
2 KB 59ms
57ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/common/js/wsVar.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7747fe1c8c83be9779f1bc3993b19dde7f7ea873694f028d8adc8026578cd5f

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:23:41 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:34 GMT
last-modified: Fri, 06 Feb 2026 08:04:24 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866263YtTU6rPysHt1
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14647
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 873
x-xss-protection: 1; mode=block

GET
H2 200 runtime.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 7 KB
4 KB 68ms
67ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/runtime.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1628d508936c627c5b9c1e6e0fd82d3b02198f5f51ef2861e437f3fae73e659

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:34 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866263ecjglAkjYnI8
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14677
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 3623
x-xss-protection: 1; mode=block

GET
H2 200 main.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 2 KB
1 KB 61ms
60ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d5bf5e85efaa2f18d103294ff0d16fef93c9c7c9cf83e06656873d8c16a64f6

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:34 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866263NC90JI5cYxl2
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14677
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 825
x-xss-protection: 1; mode=block

GET
H2 200 65319_1825172608.js Show response
p11.techlab-cdn.com/e/ 56 KB
18 KB 128ms
55ms Script
application/javascript 2a02:26f0:1700:1c::217:60d
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://p11.techlab-cdn.com/e/65319_1825172608.js
Requested by: Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1c::217:60d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 2e3068a02ac934d82b62f4bbdd4e6caaf40b0b5840cc883f87ef96144bf48af6

Request headers

Origin: https://www.vegas.com
sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: a86+CgoYngZJ3tcgPZ6Vvg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
content-encoding: gzip
etag: 0x8DC28A1A3CBE51E
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
expires: Mon, 13 Apr 2026 15:29:34 GMT
access-control-allow-origin: *
content-length: 18349
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 12:29:48 GMT
vary: Accept-Encoding

GET
H2 200 65257_1825202523.js Show response
p11.techlab-cdn.com/e/ 16 KB
7 KB 142ms
70ms Script
application/javascript 2a02:26f0:1700:1c::217:60d
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://p11.techlab-cdn.com/e/65257_1825202523.js
Requested by: Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1c::217:60d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 86dc5ca127190d30356b59709c527327e62d7dbbd49b9225d22a1eef5a557fa0

Request headers

Origin: https://www.vegas.com
sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: ri/rF2i6fOfBFb6htsEB1g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
content-encoding: gzip
etag: 0x8DCF8E35AEEEA1B
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
expires: Mon, 13 Apr 2026 15:29:34 GMT
access-control-allow-origin: *
content-length: 6742
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 13:04:14 GMT
vary: Accept-Encoding

GET
H2 200 64885_1825202492.js Show response
p11.techlab-cdn.com/e/ 3 KB
2 KB 142ms
70ms Script
application/javascript 2a02:26f0:1700:1c::217:60d
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://p11.techlab-cdn.com/e/64885_1825202492.js
Requested by: Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1c::217:60d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: dea050d655a6484f97804ccc69e5858871526c6b5b74b0a4e21f3a61ed32e1af

Request headers

Origin: https://www.vegas.com
sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: Gw44y3cQDft8OiNm1Lh7Tg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
content-encoding: gzip
etag: 0x8DD4C21FC500F71
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
expires: Mon, 13 Apr 2026 15:29:34 GMT
access-control-allow-origin: *
content-length: 1632
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: application/javascript
last-modified: Thu, 13 Feb 2025 11:31:40 GMT
vary: Accept-Encoding

GET
H2 200 65226_747628217.js Show response
p11.techlab-cdn.com/e/ 70 KB
33 KB 162ms
91ms Script
application/javascript 2a02:26f0:1700:1c::217:60d
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://p11.techlab-cdn.com/e/65226_747628217.js
Requested by: Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1c::217:60d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca

Request headers

Origin: https://www.vegas.com
sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-md5: FfPxnOXyJHEeTjF3kZAIQQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=600
content-encoding: gzip
etag: 0x8DBF76B7C0E97C7
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
expires: Mon, 13 Apr 2026 15:29:34 GMT
access-control-allow-origin: *
content-length: 33072
date: Mon, 13 Apr 2026 15:19:34 GMT
content-type: application/javascript
last-modified: Thu, 07 Dec 2023 21:28:41 GMT
vary: Accept-Encoding

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202604070101/ 583 KB
183 KB 46ms
46ms Script
text/javascript 142.251.13.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202604070101/pubads_impl.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f155.1e100.net

Software

cafe /

Resource Hash

71da1e1fa08dbb955a057eea68b089a85387a81fb6bac0d687c907f27fc21f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 1199479975104355321
age: 15621
x-content-type-options: nosniff
expires: Tue, 13 Apr 2027 10:59:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 13 Apr 2026 10:59:14 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 187244
x-xss-protection: 0
server: cafe

GET
H2 200 apollo.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 227 KB
86 KB 132ms
132ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/apollo.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

4b3cf5f6f42859703493147995dcd68db73cb843a7a39c33a5259882da11b6a8

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866264iRnTcZ8Yx6j8
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 86977
x-xss-protection: 1; mode=block

GET
H2 200 headerfooter.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 83 KB
32 KB 59ms
59ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/headerfooter.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

9efd2ca426bf0eeceb22c09353a88ea2ef01bd4d997072ad2e10021312b82e43

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866265jsqOzSt2yNOO
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 32188
x-xss-protection: 1; mode=block

GET
H2 200 misc1.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 295 KB
119 KB 79ms
79ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/misc1.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba6dcdc463a9a6975a9c24f5c1157bd6b6c6f6032f025d4e345cc7eb31c474dc

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866265MWZn1xwFTBTv
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 121021
x-xss-protection: 1; mode=block

GET
H2 200 react.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 180 KB
79 KB 154ms
153ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/react.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

86377649d1be1eafe173fde072417df683089122b7616bf61fb8ae0e72d34e68

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866264GVwxwFDE0TsR
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 79831
x-xss-protection: 1; mode=block

GET
H2 200 reactor.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 134 KB
54 KB 166ms
166ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/reactor.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

33a97cfaa68c5f66cbf27c692f3f3f08fc9f7f9f4183f66a4b8a9fd8aae6040d

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866265DeStJDYng-5H
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 54629
x-xss-protection: 1; mode=block

GET
H2 200 retailtravel2.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 810 KB
303 KB 172ms
172ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/retailtravel2.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

827cf537d7a9b83d99d44e6816c830b77263732f18e23b08b3545e6387fb100a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866264gWVrNHr3a9V3
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 308973
x-xss-protection: 1; mode=block

GET
H2 200 cl.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 429 KB
145 KB 194ms
193ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/cl.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

84e78dbf34b8cfdf638da88bd1b93dd0ec0976b70320cc006573046ab18e467a

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866264l0_guw7tR_Ti
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 147404
x-xss-protection: 1; mode=block

GET
H2 200 retailtravel1.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 94 KB
38 KB 205ms
205ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/retailtravel1.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

a5fe58a98d07ac3cb7093e07aa0d80e7488a362c5f6c4baffac879c4ed14c64b

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866265e95H2uHm1v5E
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 38604
x-xss-protection: 1; mode=block

GET
H2 200 common.min.js
www.vegas.com/container/iris-container/v1.89.0-4/ 903 KB
378 KB 207ms
206ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/common.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:12 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866265rz2Xq8yGQCrG
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14677
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 386054
x-xss-protection: 1; mode=block

GET
H2 200 893.min.js Show response
www.vegas.com/container/iris-container/v1.89.0-4/ 169 KB
63 KB 218ms
218ms Script
text/javascript 95.101.111.153
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://www.vegas.com/container/iris-container/v1.89.0-4/893.min.js

Requested by

Host: p11.techlab-cdn.com
URL: https://p11.techlab-cdn.com/6799001b32863f88cc8cc620.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

c43910a16e6f1d30b41d20e7189a3e4452c07af1be0d1176c95a9f347f9af121

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://.vegas.com https://.vegas.com
Strict-Transport-Security	max-age=31536000, max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 19:24:11 GMT
p3p: policyref="https://www.vegas.com/w3c/p3p.xml", CP="OTI DSP COR IND CUR ADMa DEVa TAIa PSAa PSDa IVAa IVDa HISa OUR UNI COM NAV INT CNT STA"
date: Mon, 13 Apr 2026 15:19:35 GMT
last-modified: Tue, 07 Apr 2026 22:44:45 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000, max-age=15552000
csp_nonce: 1775866265or2lH_gGiCs7
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data:; frame-src https://* about: javascript:; frame-ancestors 'self' http://*.vegas.com https://*.vegas.com
cache-control: max-age=14676
content-security-policy-report-only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
accept-ranges: bytes
content-length: 63309
x-xss-protection: 1; mode=block

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202604090101/ 63 KB
23 KB 54ms
54ms Other
text/plain 142.251.13.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202604090101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.13.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

wt-in-f155.1e100.net

Software

cafe /

Resource Hash

d3e01c343083ce4c4a9fe64f0ab915f99339794372f31378e58ed309824d1dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 2796382326219958242
age: 85659
x-content-type-options: nosniff
expires: Sun, 19 Apr 2026 15:31:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 12 Apr 2026 15:31:56 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23174
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202604090101"

GET
H2 200 css2
fonts.googleapis.com/ 763 B
615 B 79ms
79ms Stylesheet
text/css 2a00:1450:400a:1001::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200&display=block&icon_names=access_time,account_circle,airline_stops,arrow_back_ios_new,arrow_right_alt,attractions,calendar_month,calendar_view_day,call,campaign,category,check,check_circle,chevron_left,chevron_right,close,credit_card,delete,edit_calendar,expand_circle_down,expand_circle_up,expand_less,expand_more,flight,flight_land,flight_takeoff,free_cancellation,helicopter,help,home,hotel,info,keyboard_arrow_down,keyboard_arrow_right,list_alt,local_activity,local_fire_department,local_offer,local_play,location_on,menu,mobile_screen_share,phone,schedule,search,security,shopping_cart,timelapse,verified,verified_user,visibility,watch_later

Requested by

Host:
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1001::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.vegas.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 13 Apr 2026 15:19:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 13 Apr 2026 15:19:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 13 Apr 2026 15:19:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET css2
fonts.googleapis.com/ 0
0

POST clientExperiment
www.vegas.com/mvproxy/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: slot.vulkan-casino-play.com
URL: blob:https://slot.vulkan-casino-play.com/b3cc69f2-7a64-402e-bcb9-ff692cc5725e

Domain: invalid
URL: chrome-extension://invalid/

Domain: www.vegas.com
URL: https://www.vegas.com/mvproxy/clientExperiment?jsonCallback=initializeMVP&_=1776093574323

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Rounded:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200&display=block&icon_names=access_time,account_circle,airline_stops,arrow_back_ios_new,arrow_right_alt,attractions,calendar_month,calendar_view_day,call,campaign,category,check,check_circle,chevron_left,chevron_right,close,credit_card,delete,edit_calendar,expand_circle_down,expand_circle_up,expand_less,expand_more,flight,flight_land,flight_takeoff,free_cancellation,helicopter,help,home,hotel,info,keyboard_arrow_down,keyboard_arrow_right,list_alt,local_activity,local_fire_department,local_offer,local_play,location_on,menu,mobile_screen_share,phone,schedule,search,security,shopping_cart,timelapse,verified,verified_user,visibility,watch_later

Domain: www.vegas.com
URL: https://www.vegas.com/mvproxy/clientExperiment

Verdicts & Comments Add Verdict or Comment

25 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
slot.vulkan-casino-play.com/	1970-01-21 22:57:33	Name: __tad Value: 1776093569.2679348
.vulkan-casino-play.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1776093569.CfQm3ZWajJW3M4bu
.vulkan-casino-play.com/	1970-01-21 22:57:33	Name: _cq_session Value: 1.1776093569481.RI3HXgFOnVEKwJUO.1776093569481
obs.sd559908.js.brandsmat.com/	1970-01-21 21:25:23	Name: cg_uuid Value: 63bd4c085e54eedc2794b0bdf601c6c4
.vulkan-casino-play.com/	1970-01-21 22:07:09	Name: _cq_duid Value: 4.f274b00d7e74475118b0e7c8a3b02151
.vulkan-casino-play.com/	1970-01-21 22:07:09	Name: _cq_pvid Value: 4.13048ba9b51c8f87b60635f64c9c502c
.ojrq.net/	1970-01-21 22:07:09	Name: brwsr Value: 2ced3047-374c-11f1-a87d-5bbcc9043cfa
vegas.vdvm.net/	1970-01-21 13:31:38	Name: AWSALB Value: ChmbMLCuH4hzRmmRrIsgF3UmSkCQCMNzSo/a8t8HbPNfg6d17ZiQknOr61qjrH0kOUtEqn0hae1FA9Tc4ejHGJ08ApYJPh1CIQsKAohf62HBsTZ0BXeFDrRsjmwL
vegas.vdvm.net/	1970-01-21 13:31:38	Name: AWSALBCORS Value: ChmbMLCuH4hzRmmRrIsgF3UmSkCQCMNzSo/a8t8HbPNfg6d17ZiQknOr61qjrH0kOUtEqn0hae1FA9Tc4ejHGJ08ApYJPh1CIQsKAohf62HBsTZ0BXeFDrRsjmwL
.vdvm.net/	1970-01-21 22:07:09	Name: brwsr Value: 2ced3047-374c-11f1-a87d-5bbcc9043cfa
vegas.vdvm.net/	1970-01-21 17:40:45	Name: irld Value: L3j93lSxE8WnJXqg1Isw6sSFfxQEzcvX0fTXq1%3AqxNXT3pUOS
.vegas.com/	1970-01-21 22:57:33	Name: LIFETIME_VISITOR_ID Value: "ad0Jhq9QeNI05g65GEzyMAAAAOI"
.vegas.com/	1970-01-21 13:21:35	Name: www_sid Value: 1035
.vegas.com/	1969-12-31 23:59:59	Name: Device Value: Desktop
.vegas.com/	1969-12-31 23:59:59	Name: DeviceTypeForAdaptive Value: DESKTOP
.vegas.com/	1969-12-31 23:59:59	Name: UseAdaptiveEverything Value: true
.vegas.com/	1970-01-21 15:31:09	Name: mvproxyid Value: 99c4ed0d-d326-4817-a5e2-227881cdf09e
www.vegas.com/	1969-12-31 23:59:59	Name: mvproxy Value: 33908,38608,38904,39843,41273,46453,46982,47929,49586,50271,50321,50961,51077,51078
www.vegas.com/	1969-12-31 23:59:59	Name: TS0120ef13 Value: 016121ed6799b9e141e4e33c5b0a186a4faf4b9bad7857380a417f2c74af324bcc5b3a207a926362578b045f95acbd528f97c5e544fd832fc76bd4452f2e267ad47222d3e6
.vegas.com/	1970-01-21 13:21:40	Name: ak_bmsc Value: 90A525DDA186FA54D2A054752B500FD0~000000000000000000000000000000~YAAQi9AXAvKwjU+dAQAAzjNthx93KVaGn+LztC6WlcRtUz6+mlPeBNbWYMZsWgk4VwpP0JUFyRSohts9QeVVpjsYt7zR/8u0u7YtD9djlxgJpQ/DWnM2AYL/Ieyb3nfnCyp//EODWj2zwcNNC7A/nptFc0UGyRIpXpf17yw4jGzhanbbqJSUnluc/FdIZ98JNAjwKhneSFlYw0MPSfo8kYt61qaS4CbA8Qwr7tAQTeOWm2VthEbTlSVH2CoZA7coiqyb305xk9FCWBt8qkSnnfNXQat7vFne9+p5vbpsyGke/QpsSR6ayoNgaUMvyzfRIb2RJCbQwzvhyTSivtBICivS33hUuUVTyO0/s/WoT4twmww0oJiQ1GThdjlypV/zVHwASv9yQA00xg3g
.vegas.com/	1969-12-31 23:59:59	Name: qs_qualification Value: ?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143
.vegas.com/	1969-12-31 23:59:59	Name: GeoLocation Value: DE,BE,BERLIN,511,22150,52.52,13.40,511
.vegas.com/	1969-12-31 23:59:59	Name: TS018f5c8d Value: 016121ed674970c435e06d7b7cda2a96352553d9047857380a417f2c74af324bcc5b3a207ac4b564c6cef45f82ecc7fb1d3161618c7c2c1be588830a600458de2997086f208231f685d5f3e4c4fb9ad768a399c95317dd79f5aa9b975adea1c8eb29fa6a0cdd90b45694bf2ea5be47d16aa2250ca149519de1c039b41ea1249fe2db35897a6e16402bc45dc93ac58b90c3efddae601dbc8640a8248369c14e467ad22e119a

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://slot.vulkan-casino-play.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:1FC08D200A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
worker	warning	URL: https://slot.vulkan-casino-play.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:1FC01F830A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://slot.vulkan-casino-play.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:1FC0AC600A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 187) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 192) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 233) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 236) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 306) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 309) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 481) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 505) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.
security	error	URL: https://www.vegas.com/?irgwc=1&afsrc=1&utm_content=2bNzxyzFQxyZWp91P4Qowzb%3AUku3QnUix2z8UQ0&utm_campaign=269814_260030&utm_medium=affiliate&utm_source=impactradius&utm_term=1553143(Line 509) Message: Executing inline script violates the following Content Security Policy directive 'script-src 'strict-dynamic' 'sha256-i8gQNnyo0lbX98psQnx8NpFy5+530dW/ITGiaDqCuPc=' 'sha256-F+cE3pGCmtkOg3s1er7j9oMDuGHGJdBntkX5Fshrcag=' 'sha256-EoFtXZCo9c9mxWV3cIUiip9gPEFa8EbjkzO8IQ11nfU=' 'sha256-aqawmosfI0VVigRPp1ywr5sv51WvksxNCI9k1dDEvVQ=' 'sha256-wlTDLCBWUJrqFESJMrBde1ILmeoWqjt71LMpk9wLh0Y=' 'sha256-Y+OeGfpnDflXnrMYQvIuhGbO1wzoLNSb8uuI92oQN10=' 'sha256-PkJGfII3Mo6X1ZQHKIBconGQXZKn1EkBRRVwmL5VhEc=' 'sha256-lvBs0y8yOF05JpDNK4WTRt8RIwQEtXYHGsPHrCxW+uY=' 'sha256-G1ZsI27zxEDIZVFKJhwbE9pvQKrgCt/kkUSnJcPBzQ0=' 'sha256-hoYwwDXWSLFFnMMMXeCJ6hnXmCoI13xgNhS1ZO+Qfng=' 'sha256-C635Ul78yoSCrnwpFO+KTUaL1KW37osKz/ix90vUOkc=' https: 'unsafe-inline' 'unsafe-eval' 'nonce-1776093574jnSjkw2SjadI''. Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list. The action has been blocked.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
giriul.com
invalid
naiawork.com
ob.sd559908.js.brandsmat.com
obs.sd559908.js.brandsmat.com
p11.techlab-cdn.com
securepubads.g.doubleclick.net
slot.vulkan-casino-play.com
use.fontawesome.com
vegas.sjv.io
vegas.vdvm.net
www.ojrq.net
www.vegas.com
fonts.googleapis.com
invalid
slot.vulkan-casino-play.com
www.vegas.com
103.224.182.220
103.224.182.253
142.251.13.155
162.248.167.98
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2646:c200:a:df5d:54c0:93a1
2606:4700:3036::6815:1b98
2a00:1450:400a:1001::5f
2a02:26f0:1700:1c::217:60d
34.248.162.141
34.95.127.121
35.227.211.136
95.101.111.153
0c2cf4534b166c3bcb95643020f295848d54896167414de3a564b57921cd7ad6
12409596097ecbdab7137a6c3ad95c60990b702bcaaa7f624a0f8a761951ad15
1334350a42e985e91b20ac233fdd44142bc77a0d61079a5f26fee4f915044119
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e3068a02ac934d82b62f4bbdd4e6caaf40b0b5840cc883f87ef96144bf48af6
33a97cfaa68c5f66cbf27c692f3f3f08fc9f7f9f4183f66a4b8a9fd8aae6040d
38e0c53becf1ce3772f762173c98ca177caa9f852492b334b32756adb3321777
4b3cf5f6f42859703493147995dcd68db73cb843a7a39c33a5259882da11b6a8
4e5abd4a0506bb0c5426fddde67167e2f86cdad465d7fb77ce459988d26964ca
64e9fc63cf9dce814a28fa7a0be5d94b9c22167cbcb28830c3b810a91a05bfcc
651aa544b6ff07b3123000f0a7aa5da910b2e83fce1d7178289bb8051f117e83
69bdd452aa935aa0279c48f3aae7710125915657e5fa8a47bf53d64866c1491e
71da1e1fa08dbb955a057eea68b089a85387a81fb6bac0d687c907f27fc21f22
7d5bf5e85efaa2f18d103294ff0d16fef93c9c7c9cf83e06656873d8c16a64f6
7dd1526576e5898bd159f039d64f3d84cc8af05fc278406b38a266ccaea36ccd
827cf537d7a9b83d99d44e6816c830b77263732f18e23b08b3545e6387fb100a
84e78dbf34b8cfdf638da88bd1b93dd0ec0976b70320cc006573046ab18e467a
86377649d1be1eafe173fde072417df683089122b7616bf61fb8ae0e72d34e68
86dc5ca127190d30356b59709c527327e62d7dbbd49b9225d22a1eef5a557fa0
97a423e263daa3c1843e16b32b8e42628fb9698c0f1331ed1eb4635329f4b983
9efd2ca426bf0eeceb22c09353a88ea2ef01bd4d997072ad2e10021312b82e43
a5fe58a98d07ac3cb7093e07aa0d80e7488a362c5f6c4baffac879c4ed14c64b
b1628d508936c627c5b9c1e6e0fd82d3b02198f5f51ef2861e437f3fae73e659
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba6dcdc463a9a6975a9c24f5c1157bd6b6c6f6032f025d4e345cc7eb31c474dc
c43910a16e6f1d30b41d20e7189a3e4452c07af1be0d1176c95a9f347f9af121
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
ca4cb68887db04f52b67e8a087530508f46bcf95f2269daf041392b5a9a4ee9c
d3e01c343083ce4c4a9fe64f0ab915f99339794372f31378e58ed309824d1dfc
dea050d655a6484f97804ccc69e5858871526c6b5b74b0a4e21f3a61ed32e1af
f1f2803b13fd4b16579b812b53461d87c3cc783c1c782cdea150bd63839ed16e
f7747fe1c8c83be9779f1bc3993b19dde7f7ea873694f028d8adc8026578cd5f

www.vegas.com 95.101.111.153 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

88 %HTTPS

38 %IPv6

13 Domains

14 Subdomains

10 IPs

5 Countries

1977 kBTransfer

4868 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.vegas.com
95.101.111.153 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

42
Requests

88 %
HTTPS

38 %
IPv6

13
Domains

14
Subdomains

10
IPs

5
Countries

1977 kB
Transfer

4868 kB
Size

23
Cookies

42 HTTP transactions
0 data transactions